Text Size Default Text SizeDefault Text Size Large Text SizeLarge Text Size Largest Text SizeLargest Text Size Print Print this Page

Policy 6127

Physical Access

I. Purpose

The purpose of this policy is to establish the rules for the granting, control, monitoring and removal of physical access to Longwood information technology resources and systems facilities. These facilities include areas containing sensitive data and telecommunications equipment.

II. Policy

  1. All physical security systems must comply with all applicable regulations such as, but not limited to, building codes and fire prevention codes. 
  2. All facilities must be physically protected in proportion to the criticality or importance of their function at Longwood.
  3. Access to facilities must be granted only to authorized personnel whose job responsibilities require access to that facility.
  4. The Chief Information Officer (CIO) or his or her designee must authorize access to facilities.
  5. Access to facilities will be promptly terminated when the need for that access no longer exists. The CIO or his or her designee reserves the right to suspend and/or terminate any access privileges he or she determines to be a potential threat to the confidentiality, integrity or availability of any sensitive IT resources and systems.
  6. Individuals without authorized access privileges must be escorted by an Information and Instructional Technology Services staff member with authorized access to the facility for the duration of the visit.
  7. All access to the facilities must be logged.
  8. All incoming or outgoing equipment from a facility should be identified, inventoried and logged with documentation to include Longwood tag number, model number, date installed or removed and equipment description.
  9. At a minimum, access to facilities will be reviewed by the Information Security Officer on an annual basis.

III. Enforcement

The University regards any violation of this policy as a serious offense. Violators of this policy are subject to disciplinary action, in addition to possible cancellation of IT resources and systems access privileges. Users of IT resources and systems at Longwood are subject to all applicable local, state and federal statutes. This policy does not preclude prosecution of criminal and civil cases under relevant local, state, federal and international laws and regulations.

Approved by the Board of Visitors, April 1, 2005.

Revised and approved by the Board of Visitors, December 5, 2008.