Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Support Level

Support Level 0

Support Level 1

Support Level 2

Support Level 3

Support Level 4

Description

Non-NYS Owned Computer

NYS Owned ITS provides "Basic" Support Services

NYS Owned ITS Provides "Advanced" Support Services

NYS Owned and ITS "Fully" Supported

NYS Owned and ITS "Enhanced" Supported

Purpose

Used for providing services to non-NYS employees and non-students (e.g. Community Members).

Used for providing services to NYS employees and students.

Used for providing services to NYS employees and students.

Used for providing services to NYS employees and students.

Used for providing services to NYS employees and students.

Examples Include

Student computers, CoachUSA, non-Fredonia / non-state owned hardware, etc

Computers used with Scientific equipment. Single purpose computers, "appliance" type computers, Faculty start-up funded computers (depending on purpose), etc.

Multi-station / Multi-location use systems such as Carrier, Siemens, FSA, Physical Plant, Health Center Systems, Faculty start-up funded computers (depending on purpose), etc.

Standard Windows/Mac desktops & Macs, Faculty Mac's, Smart Classroom, Computer Labs, etc.

HIPAA, PCI, or similar type restricted access computer or system required to exceed normally recognized IT security best practice. Falls within level 2 data risk classification

Data Risk Classification Category

Category 1 - Public

Category 1 - Public

Category 2 - Private

Category 2 - Restricted

Category 3 - Restricted

OS Patch Management

Vendor or Service Provider installs critical and security OS patches no less than monthly. Current AV solution installed and updated automatically, no less than daily

ITS enables OS 'auto-updates'. Anti-virus required (Win/MAC) and updated automatically at a frequency of no less than daily. (OS must have current security and critical patches available from OS vendor)

ITS enables OS 'auto-updates'. Anti-virus required (Win/MAC) and updated automatically at a frequency of no less than daily. (OS must have current security and critical patches available from OS vendor)

ITS installs OS updates. ITS installs and configures SEP updates. (OS must have current security and critical patches available from OS vendor)

ITS installs OS updates. ITS installs and configures SEP updates. (OS must have current security and critical patches available from OS vendor)

Application Support and Management

Vendor or service provider

Local Fredonia non-ITS faculty / staff or under manufacturer software support agreement

Local Fredonia non-ITS faculty / staff or under manufacturer software support agreement

ITS provides all application support and management or service provided by manufacturer or vendor. Software under manufacturer's support agreement. Funding sources may vary

ITS provides all application support and management or service provided by manufacturer or vendor. Software under manufacturer's support agreement. Funding sources may vary

Hardware Support

Vendor or service provider

Physical Hardware should be kept under vendor or manufacturer's warranty. No ITS hardware support available. ITS reviews hardware spec and will (if requested) assist in acquiring hardware quotes from NYS OGS approved sources

Physical Hardware should be kept under vendor or manufacturer's warranty. No ITS hardware support available. ITS reviews hardware spec and will (if requested) assist in acquiring hardware quotes from NYS OGS approved sources

ITS fully responsible for all hardware, maintenance, and support

ITS fully responsible for all hardware, maintenance, and support

Local and/or Network Printers

Local Only

Local via USB or similar and/or printer has statically assigned NATTED IP with port 9100 allowed in but not allowed out

Local via USB or similar and/or printer has statically assigned NATTED IP with port 9100 allowed in but not allowed out

Local via USB or printer defined on non-internet directly accessible 141.238.x.y

Local via USB or printer defined on non-internet directly accessible 141.238.x.y

May connect to Fredonia Wired Network

"Direct to Internet" access only via NAT.

"Direct to Internet" access only via NAT. No 141.238.x.y IP address available

"Direct to Internet" access available. Firewalled and ACL'd 141.238.x.y range available based on need and scope

Yes, full Fredonia 141.238.x.y IP provided via statically assigned IP address reserved in IPAM or MAC address reservation with IPAM assignment via DHCP

Yes, full Fredonia 141.238.x.y IP provided via statically assigned IP address reserved in IPAM or MAC address reservation with IPAM assignment via DHCP

May connect to Fredonia Wireless Network

No

Yes, via FredSecure or similar 802.1X Solution

Yes, via FredSecure or similar 802.1X Solution

Yes, via FredSecure or similar 802.1X Solution

Yes, via FredSecure or similar 802.1X Solution

Port allowed Outbound (going outside Fredonia campus)

HTTPS, SSH

HTTPS, SSH

HTTPS, SSH

All required but host sits behind hardware firewall

All required but host sits behind hardware firewall

May be connected to Fredonia's Active Directory ("AD.FREDONIA.EDU")

No

No

No

Yes

Yes

New York State Asset Tag Required

No

Yes

Yes

Yes

Yes

May initiate a connection to another Fredonia Computer

No

No

No

Yes, but network ACL's may be in effect

Yes, but network ACL's may be in effect

May be connected from a Fredonia computer initiating the connection

No

RDP, SSH, IP Printing (9100) only

RDP, SSH, SMB (file print sharing). Can not use same eServices account / password

Yes, but network ACL's may be in effect

Yes, but network ACL's may be in effect

Scanned by NESSUS

Yes, non-credentialed only

Yes, non-credentialed only

Yes, non-credentialed only

Yes, credentialed and uncredentialed

Yes, credentialed and uncredentialed

Hardware Replacement Costs

Vendor or service provider

Department responsible. No ongoing ITS replacement funding available

Department responsible. No ongoing ITS replacement funding available

Yes, funding sources may vary

Yes, funding sources may vary

Disaster Recovery / Business Continuity Disk Imaging Services

None, vendor or service provider responsible

ITS can provide imaging service for Win/Mac Only via optional SLA

ITS can provide imaging service for Win/Mac Only via optional SLA

Full DR/BC Services available with optional / additional SLA

Full DR/BC Services available with optional / additional SLA

Host (OS) Firewall required

Yes

Yes

Yes

Yes

Yes

May be used to store Fredonia information / data

No

Limited but not HIPAA / FERPA data. See "Normal Backups" below

Limited but not HIPAA / FERPA data without ISO review and approval. See "Normal Backups" below

Yes

Yes

Inventoried by LanSweeper

No

Yes via SSL off-site method currently used on laptops

Yes via SSL off-site method currently used on laptops

Yes, via full AD credentials

Yes, via full AD credentials

WhatsUpGold Alerts and SNMP alarms

No

No. Available with optional SLA

No. Available with optional SLA

Yes, full and enforced use of WUG

Yes, full and enforced use of WUG

Whole Disk encryption required

No

Depends on type of information stored

Depends on type of information stored

Depends on type of information stored. All Fredonia owned laptops = yes

Depends on type of information stored. All Fredonia owned laptops = yes

Regulated Data Security Controls (FERPA, HIPPA, etc.)

No

Depends on ownership. Configuration must be reviewed and approved by ISO if used to store Fredonia data

Depends on ownership. Configuration must be reviewed and approved by ISO if used to store Fredonia data

Full controls in place pending review and approval from ISO

Full controls in place pending review and approval from ISO

Who has local admin privileges

Vendor only

Local Fredonia non-ITS faculty / staff. 1Password use available with optional SLA

Local Fredonia non-ITS faculty / staff. 1Password use available with optional SLA

ITS OS admin, ITS application admin, 1Password use required

ITS OS admin, ITS application admin, 1Password use required

If running web service, is SSL cert required and who procures cert

Yes, vendor or service provider procures

Yes, vendor or service provider procures

Yes, vendor or service provider procures

ITS, funding sources vary

ITS, funding sources vary

Disable IPv6

Yes

Yes

Yes

Yes

Yes

Who provides normal daily backups

None, vendor or service provider

Vendor or service provider. ITS may upon optional SLA

Vendor or service provider. ITS may upon optional SLA

ITS provides all OS, application, and image backups

ITS provides all OS, application, and image backups

Authentication

Local accounts only

Local accounts only

Local accounts only or self supported authentication system

AD bound, Federated allowed. Only local service accounts allowed

AD bound, Federated allowed. Only local service accounts allowed

ACL VLAN changes

Reviewed by ISO, executed by Network System and Services

Reviewed by ISO, executed by Network System and Services

Reviewed by ISO, executed by Network System and Services

Reviewed by ISO, executed by Network System and Services

Reviewed by ISO, executed by Network System and Services

Examples

Student computers, CoachUSA,

Computers used with Scientific equipment. GasBoy, Health Center, etc.

Carrier, Siemens, FSA, etc.

Prowatch, DVTEL, Wilmac, Banner, AD, etc.

Prowatch, DVTEL, Wilmac, Banner, AD, etc.

Computer Naming Convention

None

Should follow documented ITS Naming Convention

Should follow documented ITS Naming Convention

Must follow documented ITS Naming Convention

Must follow documented ITS Naming Convention

ITS DataCenter Available to Host System(s)

No

Yes, with additional SLA

Yes, with additional SLA

All ITS Servers must be stored in approved ITS controlled DataCenters

All ITS Servers must be stored in approved ITS controlled DataCenters

...

Live Search
sizelarge
additionalpage excerpt
placeholderSearch Answers
typepage

Filter by label (Content by label)
showLabelsfalse
max5
spacesSKB
showSpacefalse
sortmodified
reversetrue
typepage
cqllabel in ( "ferpa" , "security" , "hippa" , "pci" , "classification" , "standards" , "data" , "dss" ) and type = "page" and space = currentSpace ( )
labelsdata classification security pci dss hippa ferpa standards
Page Properties
hiddentrue


Related issues