Vendor Access to College Networks Policy

Policy Number	Policy Owner
8006.1	Telecommunications

1.0 Purpose

2.0 Revision History

Date	Version Number	Change Description	Referenced Section
10/4/11	1.0	New Document	Entire Document
9/7/15	1.1	Minor Revisions
1/6/17	1.2	Minor Revisions
3/1/17	1.3	Minor Revisions	Owner
10/4/18	1.4	Minor Revisions

Date

Version Number

Change Description

Referenced Section

10/4/11

1.0

New Document

Entire Document

9/7/15

1.1

Minor Revisions

1/6/17

1.2

Minor Revisions

3/1/17

1.3

Minor Revisions

Owner

10/4/18

1.4

Minor Revisions

Review Process / Approval

Action:	Units	Date
Policy Review	Telecommunications Management Services
Policy Approval	Executive Council	10/4/11

Action:

Units

Date

Policy Review

Telecommunications
Management Services

Policy Approval

Executive Council

10/4/11

3.0 Units and Persons Affected

4.0 Policy

4.1 SUNY Plattsburgh, in order to protect its internal computer network, requires vendors and contractors to abide by rules and standards as outlined below.

4.2 Physical connection to the network.

4.2.1 Plans for network connections will be reviewed and approved by network operations before beginning work.

4.2.2 Any wiring (including patch cables) done or provided by the contractor or vendor will be installed and certified according to TIA/EIA, BICSI, and National Electrical Code standards. Wire map will be according to TIA/EIA 568B. All network wiring will be certified to a minimum of Cat 5E, or better, depending on the requirements of the equipment installed.

4.2.3 All terminations in the wiring closet will be in approved patch panels.

4.2.4 The final connection to the network in the wiring closet will be done by network operations, after reviewing the cable installation and certification to ensure that the cables will be patched to the proper switch port and vlan.

4.2.5 Any troubleshooting and testing after installation will be done with or by Network Operations to ensure the security of the network.

4.3 Remote and/or wireless access to the network.

4.3.1 Needs for off-campus access to secure, private networks will be coordinated with network operations.

4.3.2 Access to secure, private networks will be provided by Network Operations through a secure VPN server. Usercodes and passwords will be provided by network operations for the period necessary upon review of the access needs of the vendor. Network operations will maintain the VPN hardware and logging of accesses to the network.

4.4 Access to Computer Information Services controlled spaces and networks.

4.4.1 Because of implemented firewalls, access to software applications managed by Computer Information Systems (CIS) will require coordination with CIS. VPN usercodes and passwords to access these applications will be provided by CIS. Based upon a review of vendor needs, all VPN accounts will be available for a specific duration of access, and access will automatically expire at the end of that duration.

4.4.2 Vendor physical access to servers, located in Computer Information Systems, will only be allowed when accompanied by a member of the CIS staff.

10.0 Distribution and Training