Data Center Policy
|Policy Title||Data Center Policy|
|Responsible Executive||Vice President for Information Technology and CIO Jay Dominick|
|Responsible Office||Office of Information Technology
Enterprise Infrastructure Services (EIS)
|Endorsed by||Kevin Gift; (609) 258-2299|
|Contact||Matthew Petty; (609) 258-6323|
|Effective Date||March 1, 2017|
|Last Update||March 1, 2017|
I. Policy Statement
Princeton University maintains multiple data centers across the University campuses. The purpose of this policy document is to provide guidance for users and visitors to any of these University Data Centers. This policy is meant to not only ensure the safety and security of the users/visitors but also to protect and secure the University’s IT and other assets located within each of these data centers.
Data Center Safety:
Maintaining safety for all users and visitors of the data centers is critical. To help ensure people’s safety, Princeton has deployed security and other protection systems at each data center. All Princeton University and Data Center policies and procedures must be followed by anyone inside any University Data Center.
Fire extinguishers are located around the periphery of all of the data centers, with additional extinguishers located around the periphery of the HPCRC White Space. In case of fire, the first step is to contact Public Safety, either by calling 609-258-3333, or by pressing one of the “Duress Buttons” located near the doors to the Data Center.
Data Center Specific Details:
Portable Emergency Call Buttons are kept on a hooks near the console room door. Especially when working in the building after hours, users are encouraged to carry one of these portable call buttons, in order to summon help in an emergency.
“Emergency Power Off” (EPO) buttons are located near the exits from the Data Center Room. These are to be use ONLY in an emergency to avoid physical injury, e.g. by electrocution, to someone in the data center room.
Data Center Access:
Access to the data center spaces within buildings is controlled by enabling individuals’ campus ID cards for that access. Doors leading into the actual data floor space (“white space”) also require entry of a PIN code, which is set by Data Center Facilities.
Individuals request access by filling out the “Form to Access Princeton Data Center Facilities”, which is available through SN@P or on the IT Security web site (http://www.princeton.edu/itsecurity/procedures/datacenter/). A manager or department head must also sign as a sponsor and specify the purpose for the individual’s access. Sponsors will be asked to re-confirm access permissions multiple times per year.
There are special procedures that are required to be followed when the data center access is off hours (non-working business hours) – see Data Center Specifics section below.
Data Center Specific (Access):
Exterior access to the building is by the front door or by the door at the loading dock. All internal doors require entry of a PIN code, which is set by Data Center Facilities. To request that an ID card be enabled for the appropriate access requires a justification to the Data Center Facilities team.
Off-hours access to the building is closely monitored and additional conditions apply. There is a procedure sheet at the front entrance that lists the additional notice that must be provided to the Department of Public Safety (DPS) before entering the building. The portable emergency call buttons noted in the safety section above should be worn if working in the white space area of the building. All safety precautions and data center policies must be followed.
Data center users have access to the stairs and the freight and passenger elevators. On the first floor, the conference room and meeting room are accessible by anyone who can enter the building. The large meeting room can be reserved for any University function by contacting Data Center Facilities.
On the second floor, all HPCRC users have access to the conference room and console room in the front of the building and the Staging Room, Burn-In Room and Storage Room in the back of the building. Anyone working in the building may also use the kitchenette on the second floor. Coffee and tea are provided by OIT.
Locking computer cabinets:
All user-accessible cabinets in the data centers have locks and keys are available only to authorized users of the cabinet. Accessing a cabinet without permission is both a safety and a security violation.
Data Center Specific (Cabinet Locks):
Keys are kept in a key control box located in the data center white space, just inside the door from the console room. To open the key cabinet, users swipe their cards on the reader located on the front panel. This opens the door and enables release of any keys to which a user has access. When a key is released, the LED near the key turns green. To remove a key, press the black button next to the key fob. Please remember to close the key box door after removing a key, and of course remember to return the key when you leave.
Data Center Notifications:
All departments with equipment in a University data center will be notified of any upcoming changes to any of the building systems that could affect operation of the building cooling or electrical systems. Notification will be via e-mail to the hpcrc-admins list.
Data Center Delivery/Installation of New Equipment:
When moving equipment into or out of the data centers, you must use the loading dock if available. Any new equipment should be unboxed outside of the white space. In order to maintain a clean environment for computer systems, no packing material should be taken into the white space.
Data Center Cabinet Electrical Strips:
Each cabinet has two strips for A/B power. One strip has six (6) C19/C20 outlets and twenty-four (24) C13/C14 outlets. There are red/blue “C19/C20” and “C13/C14” cord choices available in various lengths. It is strongly preferred that new systems utilize these red/blue power cords instead of what comes with the servers/units which is usually just black.
HPCRC Console Room:
The console room adjacent to the data center white space houses several desktop computers and a printer. Three of the computers are restricted to OIT system administrators. The other computers and the printer are available to all users of the facility. Usage of these systems should comply with Princeton’s acceptable use policy and priority is given to people who need to use these computers in connection with their data center systems and/or applications. Please remember to logout when you have finished working.
The storage room in the back of the building is available to all HPCRC users on request. Depending on the amount of material to be stored, users are provided with a dedicated, lockable cabinet or a shared cabinet. Contact Matt Petty to request storage space. Access to the storage room is controlled by a Salto lock.
Cell phone service should be available throughout the data centers. Notify Data Center Facilities if there are areas where you have no coverage.
Tools and Supplies:
Tools and various supplies (power cords, etc.) are kept in the HPCRC Staging Room. They are available for use by anyone working in the data center room. If you borrow any of the tools, please put them back. If tools are accidentally broken or damaged, please notify Data Center Facilities so they can be repaired or replaced. If you use supplies, please make a note on the white board in the Staging Room, so OIT will know when to reorder.
Several wheeled “crash carts” are located in the data center rooms. These devices contain a keyboard, mouse and monitor that can be connected to a server for debugging.
Retractable extension cords (“cord reels”) are located on each of the building pillars near rows C, H and L. Each cord is 50 ft. long and can be used to plug in tools or other devices anywhere in the data center room. The extension cord can be plugged into a power strip on the crash cart if you need to plug in multiple devices. To avoid any possibility of overloads or power surges/dips in computer power supplies, do not use the power strips inside the computer racks as convenience outlets
Data Center Specific (Parking):
- HPCRC - Parking is available by the front door and in spaces along the driveway or in front of the building
- New South – Closest Princeton Parking is Lot #P23 or #P16
- Prospect – Closest Princeton Parking is Lot #P4 or #P5 (Requires University permit)
- Lewis – Closest Princeton Parking is Lot #P14 (Requires University permit)
Tours of University Data Centers:
The Office of Information Technology maintains access-controlled data centers on behalf of Princeton University.
Unescorted physical access to OIT-maintained University data centers is restricted to a defined set of University employees and designated others who are responsible for the operation of computing and network resources and have a business need for regular access to the facility.
Under special circumstances, others may be given access when escorted by an authorized person. One type of special circumstance is when a tour of one of these University data centers is requested. Below is the procedure for requesting that guests be allowed a tour of a University data center.
- Notice must be provided in advance to the Data Center team. Currently this is done by sending an email to the Princeton email group email@example.com. Information must include the date and time of the tour, the number of people expected, which data center facility is being toured, and the purpose of the tour.
- The Data Center team will respond to the person submitting the request whether the requested data and time can be accommodated. Requests that require the direct involvement of the Data Center team for the actual tour should be submitted at least a week prior to the requested tour date.
- The tour should meet the following guidelines:
- There must be a valid business purpose for the tour
- The tour group size should not exceed twelve people
- General tours should not extend into any hazardous locations within the data center. Specialized tours may include these areas (e.g. battery room, generator room, etc.) that are related to the tour purpose if the tour members are provided proper safety instructions
- The tour group is not permitted to enter any secured cages inside any Data Center facility
- The tour duration (inside the Data Center facility) should be planned to be an hour or less
- Any requests for usage of conference rooms, eating areas, etc., outside of the Data Center compute space (“White Space”) should be made in advance to the Data Center team
- Any food being served or provided is only allowed in designated eating/dining areas and is never allowed in the Data Center compute space (“White Space”)
- The individuals brought in on the tour must abide by all Data Center facility security and access guidelines. They must all sign into the registration book/website when they are escorted into the Data Center facility
- Lack of procedure compliance may result in the tour not being allowed to proceed
- The tour group leader is responsible for everyone in the tour group and is required to ensure the group’s overall compliance with the University’s Data Center policies and security.
Please reference the policy above for the procedures related to physical access to the data centers and for tours of the data centers.
Below is the current contact information relating to Data Center Procedures:
Data Center Facilities: Matt Petty - firstname.lastname@example.org
Data Center Facilities: Mike Monaghan - email@example.com
Critical Infrastructure: Kevin Gift - firstname.lastname@example.org
The “on call” phone extension for Data Center Facilities is 8-7413 (609-258-7413). Someone will answer this phone between 8:00 AM and 4:30 PM Monday through Friday
E-mail to email@example.com will be distributed to all Data Center Facilities staff.
IV. Who is Affected by this Policy
This policy applies to all Princeton University faculty, staff and students, as well as other users and visitors to any Princeton University data center.
C13/C14 and C19/C20 - Types of Electrical plugs/sockets defined by the IEC
DPS - Department of Public Safety
HPCRC - High Performance Computing Resource Center
IEC - International Electrotechnical Commission
OIT - Office of Information Technology
SN@P - ServiceNow at Princeton