Mexico
Páginas: 7 (1558 palabras)
Publicado: 11 de febrero de 2013
Physical Access to Data Centers, Non Public Areas and Personal Devices
Version: 1.2 Effective date: April 1st, 2009
Starwood Proprietary & Confidential – Internal Distribution Only unless Authorized in Writing by the Starwood Information Security Office Page 1 of 7
© 2012 Starwood Hotels & Resorts Worldwide Inc.
INFORMATION SECURITY
Physical Access to Data Center/Computer roomsVersion: 1.2
FINAL
PHYSICAL ACCESS TO DATA CENTER/COMPUTER ROOMS CHANGELOG
The following changelog is a record of changes made to the Starwood Physical Access to Data Center/Computer rooms Standard since v1.0 by Starwood’s Global Information Security Office. The section is intended to document changes that impact auditable and operational processes in addition to tracking changes that helpachieve compliance with industry or regulatory standards. Grammatical changes and the like will not be captured in this changelog.
Policy Section
Policy Subsection
Short Description CHANGE: This standard supersedes and thereby replaces the Starwood Physical Access to Data Center/Computer rooms standard. ADD: Datacenter doors must be weighted so that they close securely from any openposition.
Implementation
ALL
ALL
v1.0
2
2
Datacenter doors must never be propped open or left ajar for any reason.
v1.1
All
All
Updated title page and version to 1.2 for 2010 distribution
v1.2
All
All
Reviewed for 2011 refresh
V 1.2 Aug 2011
All
All
Review for refresh 2012- Added information on access to non public areas
V 1.2 Jun 2012
33
Added section on access to non public areas
V 1.2 Jun 2012
4
4
Added section on badges
V 1.2 Jun 2012
5
5
Added section on personal devices
V 1.2 Jun 2012
Starwood Proprietary & Confidential – Internal Distribution Only unless Authorized Writing by the Starwood Information Security Office
© 2012 Starwood Hotels & Resorts Worldwide Inc. Page 2 of 7 INFORMATION SECURITY
Physical Access to Data Center/Computer rooms
Version: 1.2
FINAL
Table of Contents
Physical Access to Data Center/Computer rooms ......................... 2 Changelog...................................................................................... 2 1. Overview .................................................................................. 4
1.1 1.2 1.3 1.4Purpose ...........................................................................................................4 Scope and Applicability ...................................................................................4 Accountability ..................................................................................................4 Contributions...................................................................................................4
2. Data Center Procedures ........................................................... 5 3. Access for non public areas ...................................................... 5 4. Badges ..................................................................................... 6 5. Personal Devices...................................................................... 6 6. Documents ............................................................................... 7
Starwood Proprietary & Confidential – Internal Distribution Only unless Authorized Writing by the Starwood Information Security Office
© 2012 Starwood Hotels & Resorts Worldwide Inc. Page 3 of 7
INFORMATION SECURITY
Physical Access to Data Center/Computer rooms
Version:1.2
FINAL
1.
OVERVIEW
1.1 Purpose
This procedure is to ensure that proper physical security controls are in place regarding access to the datacenter. (This access includes a datacenter or any area that houses a system that stores, processes, or transmits cardholder data).
1.2 Scope and Applicability
This document explains a Starwood associate’s responsibility in granting access...
Version: 1.2 Effective date: April 1st, 2009
Starwood Proprietary & Confidential – Internal Distribution Only unless Authorized in Writing by the Starwood Information Security Office Page 1 of 7
© 2012 Starwood Hotels & Resorts Worldwide Inc.
INFORMATION SECURITY
Physical Access to Data Center/Computer roomsVersion: 1.2
FINAL
PHYSICAL ACCESS TO DATA CENTER/COMPUTER ROOMS CHANGELOG
The following changelog is a record of changes made to the Starwood Physical Access to Data Center/Computer rooms Standard since v1.0 by Starwood’s Global Information Security Office. The section is intended to document changes that impact auditable and operational processes in addition to tracking changes that helpachieve compliance with industry or regulatory standards. Grammatical changes and the like will not be captured in this changelog.
Policy Section
Policy Subsection
Short Description CHANGE: This standard supersedes and thereby replaces the Starwood Physical Access to Data Center/Computer rooms standard. ADD: Datacenter doors must be weighted so that they close securely from any openposition.
Implementation
ALL
ALL
v1.0
2
2
Datacenter doors must never be propped open or left ajar for any reason.
v1.1
All
All
Updated title page and version to 1.2 for 2010 distribution
v1.2
All
All
Reviewed for 2011 refresh
V 1.2 Aug 2011
All
All
Review for refresh 2012- Added information on access to non public areas
V 1.2 Jun 2012
33
Added section on access to non public areas
V 1.2 Jun 2012
4
4
Added section on badges
V 1.2 Jun 2012
5
5
Added section on personal devices
V 1.2 Jun 2012
Starwood Proprietary & Confidential – Internal Distribution Only unless Authorized Writing by the Starwood Information Security Office
© 2012 Starwood Hotels & Resorts Worldwide Inc. Page 2 of 7 INFORMATION SECURITY
Physical Access to Data Center/Computer rooms
Version: 1.2
FINAL
Table of Contents
Physical Access to Data Center/Computer rooms ......................... 2 Changelog...................................................................................... 2 1. Overview .................................................................................. 4
1.1 1.2 1.3 1.4Purpose ...........................................................................................................4 Scope and Applicability ...................................................................................4 Accountability ..................................................................................................4 Contributions...................................................................................................4
2. Data Center Procedures ........................................................... 5 3. Access for non public areas ...................................................... 5 4. Badges ..................................................................................... 6 5. Personal Devices...................................................................... 6 6. Documents ............................................................................... 7
Starwood Proprietary & Confidential – Internal Distribution Only unless Authorized Writing by the Starwood Information Security Office
© 2012 Starwood Hotels & Resorts Worldwide Inc. Page 3 of 7
INFORMATION SECURITY
Physical Access to Data Center/Computer rooms
Version:1.2
FINAL
1.
OVERVIEW
1.1 Purpose
This procedure is to ensure that proper physical security controls are in place regarding access to the datacenter. (This access includes a datacenter or any area that houses a system that stores, processes, or transmits cardholder data).
1.2 Scope and Applicability
This document explains a Starwood associate’s responsibility in granting access...
Leer documento completo
Regístrate para leer el documento completo.