Technical Infrastructure Plan

Plan 2015

The purpose of the technical infrastructure plan is to outline the guidelines and best practices for managing the technical infrastructure of James Rumsey Technical Institute, ensuring reliable, secure, and efficient access to technology resources for educational and administrative purposes. This policy applies to all faculty, staff, students, contractors, and any other individuals utilizing the technical infrastructure of James Rumsey Technical Institute. It encompasses all devices, networks, systems, and data managed or accessed within the institution’s premises or remotely.

Goals and Objectives

  • To provide reliable, secure, and efficient access to technology resources for educational and administrative purposes.
  • To ensure that the institutions data is safely secured and monitored.
  • To provide training to faculty and students that contributes to the safety and security of the technical infrastructure.
  • To engage in an annual review process that allows for the recognition of enhancements that can be made within the technical infrastructure of the institution.

Personnel Responsible for Overseeing the Plan

Director/Principal:

  • Review and approve relevant funding requisitions related to technical infrastructure
  • Review and maintain any contractual agreements that relate to the success of the institutions technical infrastructure.
  • Designate individual(s) responsible for updating and maintaining all devices, networks, systems, and data housed within the institution or utilized remotely.

Technology Integration Specialist:

  • Oversee the design, implementation, maintenance, and security of the technical infrastructure throughout the institution and any technology that is utilized remotely on behalf of the institution.
  • Develop and provide professional development to the staff in order to ensure that both staff and students are trained on appropriate technology usage and cybersecurity safety guidelines.
  • Maintain an inventory of all devices that are utilized within the institution.

Instructors/Faculty:

  • Utilize technology resources responsibly and adhere to security guidelines.
  • Educate and train students on appropriate technology usage.

Students:

  • Use technology resources in compliance with institution policies and for educational purposes.
  • Follow “BYOD” policy when utilizing personal devices within the institution.

Activities to Achieve the Objectives 

Network & Connectivity:

  • Internet Access: Provided to support educational activities and administrative functions. Access is filtered to ensure compliance with institution policies. The Local Area Network is segmented using 10 Gigabit Ethernet fiber optic cable with redundant 1 Gigabit Ethernet cable.
  • Network Security: Use of firewalls, intrusion detection/prevention systems, and regular security audits to protect against unauthorized access and cyber threats. Microsoft Defender Advanced Threat protection is used on all school owned end point devices to notify the IT department of any potential threats.
  • Wireless Networks: Secure and available across campus for convenient access by students, faculty, and staff. The wireless network provides 2.4 GHz and 5 GHz connectivity with separate networks for faculty, students, and guests.
  • Use of Third Party Vendors for the following services: Internet Service Provider, Website Hosting, Business Critical Software, Cloud Hosting, and Data Processors.

Hardware and Software:

  • Standards: Standardized hardware and software configurations to ensure compatibility, supportability, and security.
  • Procurement: All hardware and software acquisitions must be approved by the IT department to ensure compatibility and support.
  • Licensing: Only licensed software may be installed on institution-owned devices.

Data Management:

  • Data Security: Encryption, access controls, and regular backups to protect sensitive data.
  • Data Ownership: Institutional data is owned by James Rumsey Technical Institute, and access is granted based on roles and responsibilities.
  • Data Retention: Clear guidelines have been established on data retention and deletion to comply with legal and regulatory requirements. The process for backing up data full backup completed annually, incremental backup completed quarterly, and differential backup completed weekly. Data backups are stored securely onsite and securely offsite.

User Access and Authentication:

  • User Accounts: Unique accounts for faculty, staff, and students with designated access permissions based on their roles and responsibilities.
  • Password Protection: Regular password changes, complexity requirements, and multi-factor authentication where feasible.
  • Access Control: Immediate revocation of access upon termination or completion of studies.

Acceptable Use:

  • Guidelines: Clear policies on acceptable use of technology resources, including prohibited activities such as unauthorized access, harassment, and illegal file sharing. Staff and students agree to an acceptable use policy annually as part of orientation requirements. Students are also required to complete a “mobile device take home agreement” when borrowing a device from JRTI to complete educational activities at home.
  • Monitoring: Monitoring of network traffic and systems to ensure compliance with policies and to detect potential security breaches.

Incident Response:

  • Reporting: Prompt reporting of suspected security incidents or breaches to the technology integration specialist who then elevates the problem from there.
  • Investigation: Thorough investigation of incidents to determine root causes and appropriate corrective actions.
  • Notification: Timely communication with affected parties regarding security incidents or breaches and actions taken in response.

Compliance:

  • Regulatory Compliance: Adherence to relevant laws, regulations, and industry standards related to information security and data privacy.
  • Policy Review: Annual review and update of this policy to reflect changes in technology, regulations, and institutional needs.

Training and Awareness:

  • Training Programs: Annual training sessions for faculty, staff, and students on IT security best practices and policy updates.
  • Awareness Campaigns: Awareness campaigns to promote cybersecurity awareness and responsible use of technology resources. Timely notifications if new cybersecurity risks present themselves.

Enforcement:

  • Consequences: Violations of this policy may result in disciplinary actions, including but not limited to restrictions on access, disciplinary proceedings, and legal action if warranted.

Documentation:

  • Policy Distribution: Distribution of this policy to all relevant stakeholders and acknowledgment of receipt.
  • Accessibility: Accessible documentation of all technical infrastructure configurations, policies, and procedures for reference and audit purposes.

IT Support:

  • IT Support: A work order system is utilized for faculty and students to submit technology-based requests. This system allows for the monitoring, tracking, and oversight of IT-related issues or needs. This system is monitored by the institution’s technology integration specialist.

Timeline for Review, Evaluation and Revision of the Plan

The technical infrastructure plan will be reviewed annually and updated as necessary to address emerging threats, technological advancements, and institutional changes or needs. The current policy and all updates made are reviewed and approved by both the Administrative Council and the LSIC.

Translate »