
How can I tell if I have a critical server?
- Large number of users (i.e., hundreds of users)
- Stores legally protected information (e.g., grades, Social Security number)
- High Availability/maximum uptime (e.g., 7 x 24 availability, little downtime tolerated)
- Financial impact due to downtime (i.e., thousands of dollars)
- Downtime impacts reputation of the University
- Difficult to resume operation if data is lost or corrupted (e.g., many coordination and synchronization issues)
- Backup and retention (e.g., daily backup with retention greater than 1 year)
Examples of critical servers:
- Enterprise level services that are used by all campuses or significant to one or more campuses
- Servers storing significant amount of legally protected data
- Availability is critical or important
- Designated credit card processing servers
- Important collegiate and department servers
- Servers on disaster recovery plans
Scoring: One factor=maybe; two factors=probably; three factors=certainly
For more information on identifying and reporting critical servers, see http://www.umn.edu /oit/security/criticalserv.html