Frequently Asked Questions

Some of the basic steps taken to ensure the security of your data are:

  • Secured data center environment - Entry into the data center is restricted to authorized individuals. Access to the facility is controlled by proximity cards, monitored via video, with all access logged.

  • Logging of all file access - Security logs records who accesses files and when; and enters it into our log management system. Reports are generated by request.

  • Backups written to encrypted tapes before being sent offsite - Full backups are run each weekend and sent offsite weekly. All tapes going offsite are encrypted. This provides protection in the event that tapes are lost or stolen offsite. Data can only be restored from the encrypted tapes by providing the encryption keys. Keys are located in a safe onsite with a backup on an encrypted memory stick offsite.

  • On-demand virus scanning for CIFS/File Shares - Symantec Protection Engine for Cloud Services runs on dedicated servers to provide on-demand virus scanning on the file system. This is provided as an “on-demand” basis due to the intensive processing when run; which is noticeable to users. This has been deemed an acceptable risk because the desktops accessing the file services are required to have virus scanning installed and configured.

ITS hosted services design and configuration options provide the foundation for housing confidential data (e.g. PHI, PII and FERPA). Our environment adheres to UC/UCSF Policies and Procedures thereby addressing federal and state regulatory requirements, such as HIPAA and SB1386, for protecting your department’s confidential data.

For systems which process confidential data a System Security Risk Assessment is required. Deployments in the documented and vetted ITS hosted environment shorten the assessment process significantly in comparison to 3rd party environments.

New storage space can be provisioned in 1 business-day. Existing storage allocations can be expanded within the same timeframe.

Yes, you can purchase storage space separately that can be presented across the network using either the NFS or CIFS protocol.

Some of the basic steps taken to ensure the security of your data are:

  • Secured data center environment - Entry into the data center is restricted to authorized individuals. Access to the facility is controlled by proximity cards, monitored via video, with all access logged.

  • Logging of all file access - Security logs records who accesses files and when; and enters it into our log management system. Reports are generated by request.

  • Backups written to encrypted tapes before being sent offsite - Full backups are run each weekend and sent offsite weekly. All tapes going offsite are encrypted. This provides protection in the event that tapes are lost or stolen offsite. Data can only be restored from the encrypted tapes by providing the encryption keys. Keys are located in a safe onsite with a backup on an encrypted memory stick offsite.

  • On-demand virus scanning for CIFS/File Shares - Symantec Protection Engine for Cloud Services runs on dedicated servers to provide on-demand virus scanning on the file system. This is provided as an “on-demand” basis due to the intensive processing when run; which is noticeable to users. This has been deemed an acceptable risk because the desktops accessing the file services are required to have virus scanning installed and configured.

ITS hosted services design and configuration options provide the foundation for housing confidential data (e.g. PHI, PII and FERPA). Our environment adheres to UC/UCSF Policies and Procedures thereby addressing federal and state regulatory requirements, such as HIPAA and SB1386, for protecting your department’s confidential data.

For systems which process confidential data a System Security Risk Assessment is required. Deployments in the documented and vetted ITS hosted environment shorten the assessment process significantly in comparison to 3rd party environments.

If your data is stored on a network file share (mapped drive) provisioned by IT Field Services (ITFS), you can self-restore any file deleted within the last 14 days.

On a Windows workstation; right-click on the folder that contains the file and view the Properties, click the Previous Versions tab and select the version to restore.

To restore files from a Mac or a virtual server, submit a Service-Now ticket or call the IT Service Desk (514-4100).

Yes, we can dynamically add additional virtual hard disks, as well as expand existing virtual hard disks without rebooting.  Normally, the additional space can be recognized by using a simple command run in the guest operating system.

Order additional storage by submitting a Service-Now request or calling the IT Service Desk (514-4100).
In your request please include the server name, and the amount of additional storage for your virtual server.

Submit a request through Service-Now or call the IT Service Desk (514-4100).

Our service provides a utility to convert your physical server to a virtual server (P2V), so we can manage the process from start to finish; minimizing downtime to your users.

You can submit a Service-Now request or call the IT Service Desk (514-4100) to get started.

On the Windows platform we support Server 2012, 2008 and 2003*,
On the Linux platform we support Red Hat Enterprise Linux 32/64 5.x &6.x, Ubuntu 12.x & up and Centos 6.x & up.
*for existing servers only

Our virtual hosting service is based on VMware vSphere 5.1.

Yes, we can dynamically add additional virtual hard disks, as well as expand existing virtual hard disks without rebooting.  Normally, the additional space can be recognized by using a simple command run in the guest operating system.

Order additional storage by submitting a Service-Now request or calling the IT Service Desk (514-4100).
In your request please include the server name, and the amount of additional storage for your virtual server.

Provide advance notice of system or application changes so that we can take a snapshot of your server prior to any planned changes. This will allow us to revert your system back to the snapshot in the event that something goes wrong with the implementation of your planned changes.

Submit a Service-Now ticket or call the IT Service Desk (514-4100) to request a snapshot of your server. Please include the name of your server in your request.

Submit a Service-Now request or call the IT Service Desk (514-4100) and request that your virtual server be deleted.

Changes to your VM's firewall are initiated by submitting a ServiceNow request.

Remote connection to your VM is possible through the vSphere console Remote Desktop Connection (RDC) for Windows servers, and SecureShell (SSH) for Linux servers.

Yes, we provide console access to your virtual servers via a web client.

Once a proposal has been accepted by the customer, a simple VM will be provisioned within 2 business days. Complex VM’s may take longer. Application installation will be performed in consultation with the customer.

The DCS group does not provide high-performance compute capabilities (HPC). The Institute for Human Genetics has plans to provide this service, and QB3 faculty members can access the QB3-SF Shared Computing Service. Additional information on these services can be found on their web sites at:

Yes, we can restore from backup or you can rebuild. However, we recommend that you request a "snapshot" via a ServiceNow request, prior to making changes to your server.

The initial base installation can include the (patched) operating system and security suite. Subsequent updates and patches are provided as part of our system administration services.

The customer is responsible for installing updates and patching on virtual machines that they administer themselves.

All virtual machines that are subscribed to our backup services can be restored regardless of who administers the system.

Recovery is initiated by opening a service ticket.

No, customers are responsible for licensing applications on their servers.

You can choose to subscribe to our system administration services, or performing system administration functions yourself. Choose the option that works best for you.

Yes, both Linux and Windows VM’s are normally bound to Active Directory.