Client Responsibilities

When you subscribe to IUII services, you still assume full responsibility for system administration. Customer responsibilities and/or requirements include:

Staffing: All customer personnel contacting UITS for support must be fully trained on the operating system running in the virtual system.

Named Designated Contacts:

Customer named contacts, technical resources and fiscal account resources, which are established, person-specific, e-mail addresses associated with the customer support contract. It is expected that these contacts will be updated upon any personnel or responsibility change.

Customer Active Directory Services (ADS) group to be used for Virtual System resource assignment. The ADS group contents are managed by the Customer, thereby providing the most control over resource access to the Customer.

Full responsibility for system administration. System administration falls into, but is not limited to, the following areas:

• Installation and licensing of all operating system and application software.
• VMware tools software installation is required to maintain a supported infrastructure. Installation of VMware tools is required for each virtual server. It is strongly recommended to include VMware tools updates as part of normal operating system patch cycles. The VMware tools version will be evaluated as part of any debugging endeavor. In the event that the Virtual System has a VMware tools version that is not current, upgrading VMware tools will be the first step in solving the problem.
• Support and maintenance of all operating systems and application software, including the timely application of all patches and upgrades.
• Configuration of network address through Domain Name Services (DNS) administrators at UITS.
• Configuration of machine room firewall ports through Network administrators at UITS.
• Security measures, particularly the establishment of appropriate authentication and authorization processes, application of operating system and application security patches, and the performance and resolution of the University Information Security Office (UISO) scans. Click here for general security information
• Data management, as prescribed by university policies and state and federal laws and regulations in respect to protection of, access to, and confidentiality of institutional or personal data residing on or processed by the system.
• Liaison or manager who will provide operations staff with support escalation and contact information for system administration functions. Contact information for billing inquires and Technical contact for operational inquiries.
• Optional Backup services are offered that provide cross-site backups and cross-campus failover options, which isolate potential disasters by securing backup data within hardened data centers. In the event the optional services are not utilized data protection is solely the responsibility of the customer.
• Active incident response plan as outlined by University Information Policy Office (UIPO).
• Managing system logs for operating system and application related troubleshooting.
• Regular scheduled auditing for abnormal events including intrusion detection.
• If production systems are deemed critical, test VMs should be installed and maintained. In the event a vulnerability is discovered the test VM can be utilized to test the fix quickly and deploy it with confidence in the production environment.

UISO reserves the right to audit the security of any system residing in its facilities, through periodic security scans. Per Policy IT-12 “Proactively seek out and apply vendor-supplied fixes necessary to repair security vulnerabilities, within a timeframe commensurate with the level of risk (i.e., within 24 hours for high-risk, with 48 hours for medium-risk, and within 72 hours for low-risk).”

If a system becomes compromised, UITS will immediately remove it from the network and notify the customer. The system will not be allowed back on the network until the customer has resolved the situation and UISO has certified the resolution.