[ skip to content ]

More Information about this image

Handbook and paperwork for the newly hired.

Old Dominion University

Information Technology Standard

06.1.0 IT Facilities Security Standard

Date of Current Revision or Creation: January 1, 2023

The purpose of an Information Technology Standard is to specify requirements for compliance with Old Dominion University Information Technology policies, other University policies, as well as applicable laws and regulations. Standards may include business principles, best practices, technical standards, migration and implementation strategies, that direct the design, deployment and management of information technology.

  1. Purpose

    The purpose of this compliance standard is to establish the requirements for safeguard the physical facilities that house information technology equipment, systems, services, and personnel.

  2. Definitions

    IT Facilities is a static, mobile or portable facility (or facilities) or a location that contains Old Dominion University information technology equipment, systems, services, and personnel.

  3. Standards Statement

    Old Dominion University implements physical security practices to prevent unauthorized physical access, damage and interference to the institution's premises and information. The protection provided should be commensurate with the identified risks.

    Site Security

    • Security perimeters of IT sites are clearly defined and controls depend on the requirements of the asset and the results of a risk assessment.
    • The perimeters of the site should be physically sound and of solid construction.
    • Doors should be suitably protected against unauthorized access with suitable control mechanisms.
    • Physical security for offices, rooms and other facilities should consider all relevant health and safety standards.
    • Where applicable, sites should be unobtrusive and give minimum indication of their purpose.

    Environmental Controls

    • Physical barriers should provide environmental protection.
    • Electric power, heating, fire suppression, ventilation, air-conditioning, and air purification are to be installed, as required by the IT systems and data.
    • All fire doors are to be alarmed, monitored and tested in compliance with fire safety regulations.

    Physical Access Controls

    • Access to sites should be restricted to authorized personnel only.
    • Physical access to essential computer hardware, wiring, displays, and networks by the principle of least privilege, where feasible.
    • A system of monitoring and auditing physical access to sensitive IT systems is provided.
    • The Information Security Officer (ISO) is to periodically review the list of persons allowed physical access to sensitive IT systems.

    Working in Secure Areas

    • Guidelines for working in secure areas should include controls for employees, contractors and third party users.
    • Personnel should only be aware of activities on a need-to-know basis.
    • Unsupervised working is secure areas should be avoided for safety reasons and to prevent opportunities for malicious activities.
    • Vacant areas should be physically locked and periodically checked.
    • Audio and video equipment is not allowed in secure areas without the authorization of the Information Security Officer.

    Public Access, Delivery and Loading Areas

    • Access points for deliveries and loading are to be controlled for unauthorized access.
    • Incoming material should be inspected for potential threats before being moved to the point of use and handled in accordance with asset management procedures.
  4. Procedures, Guidelines & Other Related Information

    Federal and State Law

    University IT Policies

    IT Policies and Standards

  5. History


    Responsible Party


    October 2008



    October 2009



    October 2010



    October 2011



    March 2012


    Revised for working in secure areas and public access and delivery

    December 2012

    IT Policy Office

    Numbering revision

    December 2016 IT Policy Office Reviewed no changes
    September 2019 IT Policy Office Reviewed no changes
    January 2023 IT Policy Office Reviewed no changes

Site Navigation

Experience Guaranteed

Enhance your college career by gaining relevant experience with the skills and knowledge needed for your future career. Discover our experiential learning opportunities.

Academic Days

Picture yourself in the classroom, speak with professors in your major, and meet current students.

Upcoming Events

From sports games to concerts and lectures, join the ODU community at a variety of campus events.