University of Notre Dame > OIT

Office of Information Technologies

services banner

IT Policies
IT Standards
OIT Policies & Procedures
Copyright Information

>IT Policies Home

security banner

RSS Feed
Subscribe to the OIT Security Alerts RSS Feed

OIT Home > Policies > IT Standards > OS Level Access to Servers

Operating System Level Access to Servers

Adopted August 20, 2007

1. Background and Scope

Pre-production servers are used for testing and training using live production data that is not masked, and are configured identically to production servers. In the pre-production environment, output files generated by jobs contain sensitive data and access must be limited. The pre-production environment is where changes are deployed and signed off on before they move into production. Changes must go through the change control process, and are deployed only by database administrators, systems administrators or application administrators. Access to this environment must be limited to guarantee that developers are not making changes while a functional user is testing.

The purpose of these standards is to specify operating system (OS) level access to pre-production (test and training) servers, and strengthen access controls and oversight for production environments. These standards apply to access by system administrators, database administrators, application administrators, developers, and functional users.

2. Access to Pre-Production (Non-Development) and Production Servers

Only system administrators, database administrators, and application administrators will have operating system (OS) level access to pre-production (test and training) servers. Developers and functional users will not have OS level access to pre-production servers.

Developers will have query level database access in the pre-production and production environments.

When an application requires OS level access to use its functionality in a production environment, this will create an automatic exception to the standard.

3. Access to Development Servers

Developers will have both OS and database level access in the development environment.

4. Procedures

If developers require access to certain files, they must contact the application or database administrator assigned to the application.

Developers may have a business need to access job output files and source code for review or troubleshooting. To provide this access, job output files can be directed to developers’ WebFile folders, and source code can be placed in a repository that developers can access.

Current OS level access for developers on pre-production servers will be revoked.

5. Contacts

For clarification of these standards, contact the Chief Information Officer via e-mail or by phone at (574) 631-9700.

6. Exceptions

Exceptions to these standards require the approval of the University’s Chief Information Officer.

 

 
 

Need answers?
Contact the OIT Help Desk at oithelp@nd.edu or 574-631-8111.