Secure Transfer/Disposal of Servers
The University of North Carolina at Greensboro
Policy Reference: Security of Networks and Networked Data
Approved: November 30, 2006
Document Maintainer: Information Technology Manager, ITS - Service Operations and Support
Purpose
This procedure addresses the following sections of the related policy:
Section III.A.v
"Follow ITS protocol for equipment disposal practices to ensure protection of data and licensed software."
Risks mitigated through the application of this procedure include mishandling and inappropriate disclosure of sensitive data and violations of University agreements with vendors regarding software licensing.
Scope
This procedure covers servers that have the capacity to retain sensitive data or licensed software.
Responsible Parties
- ITS Employees
- IT Professionals
- Vendors or partners housing UNCG restricted data on external servers
Procedure
When a server is to be decommissioned or when the device is targeted for disposal, care must be taken to ensure that unauthorized individuals do not gain access to sensitive data and licensed software. The party responsible for the device has ultimate responsibility for ensuring that inappropriate access to that information is not obtained.
All data storage on the servers must be sanitized to Department of Defense (DoD) standards prior to disposal. Additional information on DoD methods is available in the Data Removal/Media Destruction Process.
A log of information must be kept for each server including:
- Machine Name and Type
- Serial Number
- Location
- Sanitization Agreement included in Contract
- Disposition Date
- Sanitization Method
This information log must be maintained and kept for auditing purposes by a UNCG employee such as the server administrator, the facilities manager, or the individual contracting with an outside vendor.
For those servers that were not sanitized prior to removal from University possession, an exception form should be completed and given to department management and the Associate Vice Chancellor for ITS-Compliance and Business Continuity. The following information is needed:
- Date of Loss
- Machine Name and Type
- Data Steward
- Why wasn't the data expunged?
- Who currently has physical possession of the box?
- Risk assessment of the exposure
- Possible options for remediation
- Contact for more details
ITS Responsibilities
It is the responsibility of the ITS Facilities Manager to ensure that the above procedures are followed for each server within the ITS server farm. Any exception forms must also be sent to the Director of Service Operations and Support.
IT Professional Responsibilities
Any IT professionals utilizing servers in any campus entity outside of the ITS server farm should be aware that there is the potential for secure data to be present on the hard drive, and that the drive should therefore be purged as per the Data Removal/Media Destruction Process. Servers that have not received this treatment should be noted as exceptions as stated above.
