Skip to Search Skip to Global Navigation Skip to Local Navigation Skip to Content
Handbook of Operating Procedures
Chapter 8 - Facilities and University Services
Publication Date: August 3, 2020
Previous Publication Date: July 7, 2011
Responsible Executive: VP for Business Affairs


8.04 Physical Access Control to University Facilities


I. POLICY STATEMENT


Access to The University of Texas at San Antonio (UTSA) buildings, offices and other facilities is strictly controlled to ensure that only authorized UTSA affiliates are issued keys and/ or electronic access credentials that allow access to facilities.

Facility access will be granted only upon the authorization of the appropriate authorized requestor as referenced in the "responsibilities" section. The Department of Public Safety: Security Services is responsible for issuance of keys, programming of UTSACard access and associated records, with limited exceptions as specified in this policy.


II. RATIONALE


The objective of this policy is to ensure the safety and security of UTSA buildings by strictly regulating the issuance and use of keys and electronic access. This policy also serves to communicate applicable procedures and responsibilities. 


III. SCOPE


This policy is effective for all UTSA facilities, leased or owned, that are accessed by mechanical keys or electronic access.


IV. WEBSITE ADDRESS FOR THIS POLICY


http://www.utsa.edu/hop/chapter8/8.04.html


V. RELATED STATUTES, POLICIES, REQUIREMENTS OR STANDARDS


UTSA HOP policy 4.14, Separation of Employment for UTSA Personnel
http://www.utsa.edu/hop/chapter4/4-14.html


CONTACTS


If you have any questions about HOP policy 8.04 Physical Access Control to University Facilities, contact Security Services at 210-458-6855.


DEFINITIONS


Access Control Authorized Requestor
The head of a divisional unit, college or department, and/or his/her authorized delegate with administrative responsibilities and oversight authority.

Data Center
A facility that houses computer systems and associated components, such as telecommunications and storage systems, redundant or backup power supplies, redundant data communications connections, environmental controls (e.g., air conditioning, fire suppression) and security devices, etc.

Electronic Key Box
An electronically controlled cabinet that stores, audits, restricts and manages keys.

Emergency First Responder
Designated personnel from the following areas: Facilities, Public Safety, Lab/Safety and UTSA Hazmat Teams.

Intermediate Distribution Frame (IDF)
A distribution frame in a central office or customer premises, which cross connects he user cable media to individual user line circuits and may serve as a distribution point for multi-pair cables from the main distribution frame (MDF) or combined distribution frame (CDF) to individual cables connected to equipment in areas remote from these frames. IDFs are used for telephone exchange central office, customer-premises equipment, wide area network (WAN), and local area network (LAN).

Main Distribution Frame (MDF)
A termination point within the local telephone exchange where equipment and terminations of local loops are connected by jumper wires at the MDF. All cable copper pairs supplying services through user telephone lines are terminated at the MDF and distributed through the MDF equipment with the local exchange.

Multifactor authorization
Includes two or more access processes, including card access, keypad, biometrics, RFID and other access control technology

UTSA Affiliate
A current UTSA or University of Texas System (UT System) employee, a current UTSA student, or a contracted service provider is considered a UTSA affiliate for purposes of this policy.

UTSACard
The UTSA identification card that has been programmed to open electronic access controlled doors at any UTSA building, office, classroom, lab, workroom or other facility.

UTSA Key
A mechanical metal key issued by UTSA Security Services that opens a lock to allow access to any UTSA building, office, classroom, lab, workroom or other facility.


RESPONSIBILITIES


  1. Director of Security Services or authorized designee  
    1. Manages, controls and documents all keys and electronic access programming for all UTSA Affiliates, with the sole exception of University Housing residents. 
    2. Upon notification of lost key, reviews security risk associated and determines whether new key will be issued or if a rekey of the space is deemed necessary.  
    3. Maintains a secure computerized database that manages and documents key issuance records and UTSA access programming for UTSA facilities. 
    4. Provides UTSA electronic/key access records to each academic and administrative department for the purpose of verifying access. 
    5. Determines master key restrictions and approves any new master key requests. 
    6. Approves access to service drives (RFID sticker, RFID tag, or card access). 
  2. Executive Director of University Housing Services  
    1. Manages the issuance of key and card access for UTSA Housing residential areas. 
  3. Key, UTSACard, and  Access Credentials Recipient  
    1. Assumes responsibility for the security and proper use of issued keys or access to facilities via the UTSACard.  
    2. Will ensure at all times that issued master keys are properly secured in a locked drawer, cabinet, or key box at the end of the work day.  
    3. Will not permit a key or UTSACard to be out of their personal possession unless the key or card is secured in a locked drawer, cabinet or key box. This includes loaning issued keys or cards to anyone, including other UTSA affiliates. 
    4. Will not permit a key to be duplicated. 
    5. Upon discovery, must immediately report the loss or theft of any key or UTSACard to the UTSA Department of Public Safety and to their immediate supervisor or appropriate administrative official as soon as possible. ? 
    6. Ensures the return of issued key(s) to Security Services immediately upon terminating their affiliation with UTSA. Students are not required to return their issued UTSACard. ?Employees must return keys or cards in accordance with HOP policy 4.14Separation of Employment for UTSA Personnel.? 
  4. Authorized Requestor 
    1. Periodically conducts a documented physical accounting for keys and cards issued to UTSA affiliates. Any lost keys are immediately reported to Security Services.  
    2. Approves key or UTSACard access for UTSA affiliates within their organization. 
    3. Ensures that a Security Services Electronic Form request is submitted for removal of electronic access for any faculty/staff/student that no longer requires access to a space.   
    4. Authorized requestors are only permitted to request for access to spaces within their department and must only request the lowest level of access required for business need.  Required level of approval: 
      1. Building or Campus – Director of Security Services 
      2. Residential Housing Facilities – Housing Management 
      3. University Technology Solutions (UTS), Security Services and Facilities shared spaces – UTS, Security Services and Facilities authorized requestors 
      4. UTS IDF/MDF Rooms/Data Centers  – Associate Vice President of UTS
      5. Service Drives Entry – Director of Security Services  
      6. Department suites, offices, classrooms, labs – department authorized requestor
    5. Ensures that a Security Services Electronic Form request is submitted for removal of electronic access for any faculty/staff/student that no longer requires access to a space.   

PROCEDURES


    1. General Information
      1. Failure to comply with provisions of this policy and its associated procedures may subject the violator to adverse action in accordance with all applicable rules, policies, procedures as set forth by The University of Texas System Regents Rules and Regulations, the UTSA Handbook of Operating Procedures and/or the UTSA Student Code of Conduct, or applicable contractual provisions or terms and conditions that apply to service providers.
      2. Security Services has sole authority for the creation and issuance of all keys and electronic access programming with the exception of University Housing residents.
      3. Public Safety has sole authority for the design, implementation and installation of all security equipment on any UTSA property, to include electronic access control, alarms, security surveillance cameras, and other specialty security systems.
      4. Any department that requires additional security equipment, security evaluations or has a specific state/federal physical security requirements or other contracted, standard agreement for physical security should contact Security Services.
      5. Access to service drives and services roads shall be limited to only those with specific business need. Authorized personnel shall abide by regulations and posted signage.

    2. Keys or UTSA Card access are issued only in accordance with the following guidelines:
      1. Keys and UTSA Card access to UTSA buildings will be issued only to authorized UTSA affiliates in accordance with this policy.
      2. Duplication of a UTSA key is strictly prohibited.
      3. Keys will not be issued to any doors with a card reader or other electronic access control.
      4. Transferring keys from one UTSA affiliate to another is strictly prohibited.
      5. The issuance of master keys will be evaluated and limited for security purposes.
      6. Master keys must be kept in key box overnight or in a lockable desk drawer with limited access and must not be taken home.

    3. Requesting a Key or UTSACard Access
      1. Requests for a mechanical key must be submitted through the Security Services Eform by an authorized requestor.
      2. Once a key request has been approved, an email will be sent automatically to the authorized requestor and the person being issued the key letting them know that a key is ready to be picked up at Security Service (BOS 1.200).
      3. Keys requested for the downtown campus or ITC will automatically be transported to the downtown campus police department (FS 1.528) unless otherwise noted under the special instructions section when requesting key.
      4. Requests for Great Grand Master keys and Grand Master keys must include a justification from department's Vice President or designee and must be authorized by the Director of Security Services.

    4. Lost or Stolen Keys
      1. The loss or theft of a key or UTSACard must immediately be reported to the UTSA Department of Public Safety and to the immediate supervisor or authorized requestor with responsibility for the facility. (Note: Residential students should immediately report a lost card to the residential facility staff.)
      2. Once a police report has been made, a dispatch entry number or incident report number will be provided to the reporting person.
      3. An Eform mechanical key request must be submitted and the dispatch or incident number must be included on the request. If the incident number is not included, the request will be denied.
      4. Once a lost key request is submitted, Security Services will contact the requestor and gather information regarding the lost key (where it was lost, what kind of space the key opens, etc.).
      5. Once all of the required information is collected, the Director of Security Services or authorized designee will evaluate the security risk and determine if a rekey of the space is deemed necessary.
      6. The department will be responsible for funding any rekey due to lost keys. Keys should be delivered in person to minimize risk.

    5. Lost and/or Stolen UTSACard with Access
      1. Upon discovery of a lost and/or stolen UTSACard with access to buildings, offices, labs or other secure areas, UTSA affiliate or department shall notify Security Services immediately to revoke access.
      2. UTSA affiliate shall go to Campus Services to obtain a new UTSACard and have authorized requestor submit access request through the Security Services Eform.

    6. Returning Keys, UTSACard, and Other Access Control Credentials
      1. Keys shall not be transferred from one UTSA affiliate to another.
      2. Anytime a faculty/staff/student separates with the University, their issued keys must be returned to Security Services.  It is the responsibility of the supervisor to ensure all keys issued to the employee are returned to Security Services.
      3. It is the responsibility of the department supervisor to contact Security Services to review keys and card access issued to terminating or transferring employees to ensure that ALL keys and cards are returned and access is properly removed.
      4. When a UTSA or UT System employee terminates employment, they must return keys or UTSACard in accordance with HOP policy 4.14Separation of Employment for UTSA Personnel, and follow all required procedures. ? 
      5. Keys that are issued by the University Housing must be returned directly to the designated University Housing official. University Housing staff are responsible for terminating card access for all residents. 
      6. Keys must not to be sent through campus or any type of mail service. 

    7. Transferring Keys
      1. Transferring keys is strictly prohibited.
      2. If a key needs to be transferred due to one faculty/staff member leaving and a new faculty/staff member starting, a key request must be submitted through the Eform for the new employee and both members must come to Security Services to fill out necessary paperwork.
      3. Once all necessary paperwork is filled out, the key number will be replaced with a new key number and can then be given to the new employee.
      4. This process is vital as it allows Security Services to keep track of all keys and maintain proper documentation.

    8. UTSA Housing
      1. The UTSA Office of Housing and Residence Life is responsible for all access for UTSA Housing residents.
      2. Housing and Residence Life engages Security Services to key all non-residential rooms within UTSA residential housing facilities.

    9. Key Inventory
      1. Each year Security Services will conduct a documented inventory of Great Grand Master keys, Grand Masters, keys to highly restricted and restricted spaces, as well as keys contained inside electronic key boxes. All other keys will be inventoried periodically or as required due to special circumstances.
      2. The authorized requestor is required to maintain a list of keys assigned to their personnel and conduct periodic physical inventory of keys to controlled spaces issued to affiliates within their department.
      3. The authorized requestor shall be responsible for coordinating with Security Services for inventories and ensuring that keys are correctly managed within their department.
      4. The physical inventory of keys requires a visual inspection of the issued key by the department authorized requestor and verification of the key number and name of the UTSA affiliate.
      5. The department will be responsible for funding any rekey of their space.

    10. Increased Security Measures
      1. Areas that are required to have increased security must be evaluated by the Director of Security Services or his/her designee.
      2. The Director of Security Services or his/her designee must evaluate any security plans that have contractual or state/federal security requirements.
      3. The Director of Security Services designates the security level for each space based on specific requirements provided.
      4. Security equipment necessary to meet specific requirements must be funded by the department.

    11. Emergency access for first responders
      1. In the event of an emergency, first responders will have master access to evaluate hazards, shut off utilities, minimize building damage and minimize any other life safety risks.

    12. Electronic Key Box
      1. All electronic key boxes are installed, managed, and maintained by Security Services.
      2. New key box requests must be coordinated with Security Services and will be funded by requesting department.
      3. At no time should keys be removed from assigned key ring. Any requests for keys to be removed or changes to key rings must be conducted by Security Services.
      4. Department supervisors shall report any criminal mischief, tampering, or damage to key boxes to Security Services or Department of Public Safety.
      5. Security Services will work with the responsible department to inventory electronic key boxes annually.
      6. Request for key box access:
        1. Department supervisors are responsible for submitting Eform requests to obtain access or remove access from electronic key boxes.
      7. Daily use
        1. Keys removed from key box are the responsibility of the individual who has checked them out.
        2. Daily issue keys must not be transferred or loaned from one person to another.
        3. Keys must be returned to the key box at the end of each day.
        4. It is the responsibility of the designated department supervisor to ensure that all keys are returned to the key box and monitor alarm notifications.
        5. Department supervisors shall immediately attempt to locate missing keys and report any unaccounted keys to Security Services. 

    13. UTSA Data Center/MDF/IDF Access
      1. All UTSA Data Centers are to be secured at all times.
        1. Access to all Data Center is based on specific need and will be granted at the discretion of the Director of Enterprise Architecture and Infrastructure, Enterprise Infrastructure Architect, and/or their designee. A valid government issued ID or passport is required prior to a request for access and should be made available upon request with a UTSACard while visiting the Data Center. Role based access is automatic for emergency response groups as listed; Police Officers Security System Administrators, and Facilities Emergency Response Team.
        2. Access into the Data Center will be reviewed annually at the time of the security system inspection.
        3. Physical key access to the data center should only be used when the card access system is not operational.
        4. Each authorized personnel entrant must swipe their card individually
        5. Visitors granted access to the data center must be escorted at all times by authorized UTSA personnel
        6. Activities within the data center shall be restricted, where reasonably possible, no food or drink of any type is permitted in the data center.
        7. Third Party support services are granted access only when escorted, and supervised
        8. All authorized personnel, visitors and third party service workers must sign the data center access log book, documenting their name, time, date, and purpose of visit.
        9. Ingress and Egress
          1. Unauthorized use of photographic and video devices while on premises is strictly prohibited
        10. All Information Resources must be physically protected based on risk
      2. All MDF/IDF rooms are to be secured at all times
        1. Physical key access to MDF/IDF rooms should only be used when the card access system is not operational.
        2. Each authorized personnel entrant must swipe their card individually
        3. Visitors granted access to MDF/IDF rooms must be escorted at all times by authorized UTSA personnel
        4. Activities within the MDF/IDF rooms shall be restricted, where reasonably possible, no food or drink of any type is permitted in these communications rooms.
        5. Third Party support services are granted access only when escorted, and supervised

    14. Additional Responsibilities for Physical Security
      1. The propping of secured doors and modifying door hardware to prevent doors from securing properly is strictly prohibited, specifically for laboratories, restricted areas, research facilities and other alarmed access points.
      2. Allowing unauthorized individuals to access secured facilities is not permitted.
      3. Sharing UTSACards, access or security credentials with others is prohibited.
      4. Departments not limited to research facilities and laboratories, computer and cyber research laboratories shall ensure proper access control management of their space and establish internal policies that strictly prohibits unapproved access and activities within the department's facilities. Departments shall coordinate with Security Services for support and guidance where needed.
      5. Violation of these procedures may result in an internal review and removal of access on a temporary or permanent basis.


    X. SPECIAL INSTRUCTIONS FOR INITIAL IMPLEMENTATION


    None


    XI. FORMS AND TOOLS/ONLINE PROCESSES


    Access Services Website https://www.utsa.edu/publicsafety/security/keys/

    Mechanical Key Request Form https://cardaccessrequest.utsa.edu/Account/Login.aspx?ReturnUrl=%2f

    Electronic Card Access Request https://www.utsa.edu/publicsafety/security/keys/


    XII. APPENDIX