The University of Texas at San Antonio
Office of Information Technology
Office of Information Security (OIS) Standards


OIS 53 –
Standard for Managing Access to Secured Shared Spaces

 


I. STANDARD STATEMENT


The following standard provides guidance for access and protection of shared secured spaces where critical OIT and facility assets are located (mechanical, electrical and communications infrastructure).
 


II. RATIONALE


This standard supports HOP Policy 8-12 Information Resources Use and Security Policy

 


III. SCOPE


This standard applies to all UTSA faculty and staff who use Office of Information Technology’s shared secured spaces.

 


IV. CONTACTS


If you have any questions about OIS 53 Standard for Managing Access to Secured Shared Spaces contact the following office:

Director of Enterprise Services

OITConnect@utsa.edu


V. DEFINITIONS  


  1. Facility Asset Rooms: Mechanical rooms, boiler rooms, valve rooms, fire equipment and alarm rooms, HVAC penthouses, attic spaces, roofs, crawl spaces, manholes and other locations where facilities support systems are located.
  2. OIT Communication Rooms: OIT communication rooms are defined as spaces utilized to provide network communications (wired and wireless) and campus communications infrastructure (cabling conduit, cross connection and termination). These rooms are purpose built according to OIT construction standards and only house non OIT equipment in specific situations as agreed upon with OIT. Non OIT inhabitants of these spaces are required to follow all OIT policies and standards related to installation of equipment and access to these rooms.
  3. Secured Shared Spaces: Rooms where critical facility assets and OIT equipment are collocated.

 


 VI. RESPONSIBILITY


  1. Vice Provost for OIT: Will develop access policy and disseminate it to all other OIT departments that have personnel who access secured spaces.
  2. OIT Director of Enterprise Services: Will ensure compliance with policy among OIT staff members as well as other support contractors.
  3. Senior OIT Infrastructure Project Manager: Will ensure OIT engineers, technicians and contractors are familiar with this program. Will maintain a master list of OIT personnel who have access to secured spaces. Will be responsible for requesting access based on need and for keeping control of personnel access.
  4. OIT Communication Infrastructure Manager: Will ensure OIT engineers, technicians and contractors are familiar with this program.

 


VII. ACCESS TO SECURED SHARED SPACES


  1. Authorized personnel with permanent or temporary access to OIT Communication Rooms may enter Secured Shared Spaces as needed to perform legitimate work related functions.
  2. Authorized personnel must contact UTSA Police Non-Emergency (458-4299) when accessing secured shared spaces outside of business hours (7pm-7am).
  3. Authorized personnel must contact UTSA Police Non-Emergency (458-4299) when accessing Downtown secured shared spaces outside of business hours (7pm-7am).

VIII. PROCESS FOR OBTAINING ACCESS KEYS AND CARDS


  1. OIT Director of Enterprise Services and other designated staff will be responsible for requesting permanent access and/or temporary access for OIT staff and or contractors.
  2. Permanent access to secured spaces should be granted on an as-needed basis. Staff assigned work in secured spaces on a scheduled routine basis (daily/weekly/monthly) should be provided such access; others should only be provided temporary access.
  3. Authorized Access Control Requestors are responsible for processing all requests for access, keys and swipe cards for their departments. Requests for Keys and Swipe Card access will be through the access control website at: http://www.utsa.edu/utsapd/access_systems/. See attached list of Authorized Access Requestors. The Access Control Department can be contacted at 210-458-6855; located in the Bosque Building in room 1.200.
  4. Access Control will notify the access requestors of a date/time when mechanical keys and swipe cards can be picked-up.
  5. Upgrades to existing access swipe cards will also be coordinated by the authorized access requestors.

IX. GENERAL SAFETY PROTOCOLS TO BE FOLLOWED IN ALL SECURED SPACES


  1. Food and beverages are not allowed in any of the secured spaces.
  2. Smoking (including E-Cigarettes) is not allowed in any of the secured spaces.
  3. Combustible items are not allowed in any MDF or IDF communication room without prior authorization from the OIT Infrastructure Services management group. All unused combustible items are to be removed from the space upon completion of work.
  4. Doors are not to be kept open via any mechanism (propped, blocked, or taped). Shared and IT space doors are to be locked at all times as these rooms have silent alarms.
  5. Umbrellas, raincoats, etc. must be left outside of shared and IT spaces to prevent water damage to the equipment or cause slippery floor conditions.
  6. Cleaning supplies (including water) are not allowed in shared and IT rooms without prior authorization from OIT Infrastructure Services management group.
  7. Compressed air canisters are not allowed in shared and OIT rooms.
  8. Vacuum cleaners with HEPA filters may be used in shared and communication rooms upon approval from OIT Infrastructure Services management group and only utilizing isolated power circuits.

 


X. RECORDS AND LOGS


  1. OIT Director of Enterprise Services and their designated staff will be responsible for keeping track of access keys and cards provided to their staff members.
  2. Logs will be reviewed at least annually to ensure accuracy and appropriate access group membership.
  3. Internal audits may be performed to determine accuracy of the access logs.
  4. Discrepancies will be corrected within 48 hours of the finding; discrepancies will be reported to the OIT Director of Enterprise Services.

Authorized Access Requestors OIT (Oct-2018)

Delegate DEPARTMENT Restricted Requestor
ADMIN SERVICES OFFICER III, OIT Information Technology No
ADMIN SERVICES OFFICER II, OIT Information Technology No
SR ADMINISTRATIVE ASSOCIATE OIT Information Technology Yes
SR. IT INFRAST PROJ MGR OIT Information Technology Yes

 


Effective Date: 11/12/2018

Last Revised: 11/12/2018