Vista USD | BP 3401 Business and Noninstructional Operations
The Board of Trustees recognizes the need to maintain a safe and secure environment for its data processing assets. The purpose of this policy is to provide guidelines for securing these assets from physical access and thus preventing theft and / or vandalism wherever possible. This policy focuses on physical controls to data networking and information systems assets.
Physical Access controls for the Vista Unified School District serve to be consistent with best practices associated with organizational security management for facilities.
It is the intention of this policy to establish a physical access control capability throughout the Vista Unified School District for the purpose of securing the hardware assets of Vista Unified School District from tamper and theft. The granting, controlling and monitoring of the physical access to Information Resources facilities is extremely important for an overall security program.
As a general rule, all assets will have a minimum of dual physical access control. This means that assets will be within a locked container (ie, cabinet) within a locked room, distribution frame, or data center. In the cases where this is not practical, (ie, common areas, classrooms etc.) infrastructure assets will be locked to the cabinet itself with material devices such as cable locks to further deter theft / vandalism. Finally, data centers will adhere to this "two lock" rule by incorporating either physical locks to cabinets / cages, and / or dual locking mechanism to entry doors (ie, key and Card Reader, hand geometry scanner, etc.).
The scope of this policy covers all Information Technology (IT) resources owned or operated by the Vista Unified School District that are not "mobile" in nature. The policy is to establish the rules for the granting, controlling, monitoring and removal of physical access to Information Resource facilities. All users of Vista Unified School District including faculty, students, administration and staff (to include outside authorized vendors) of IT resources are responsible for adhering to this policy.
The Superintendent or designee is authorized to prepare an administrative regulation to implement this policy.
Policy VISTA UNIFIED SCHOOL DISTRICT
adopted: December 08, 2016 Vista, California