This document describes Information Security's requirements for employees of university that work outside of an office setting.
2. Scope:
This policy applies to any endpoint computer issued by university or used for university business which contains stored data owned by university.
3. Policy:
All employees shall assist in protecting devices issued by university or storing university data.
Users are expressly forbidden from storing university data on devices that are not issued by university, such as storing university email on a personal cell phone or PDA.
3.1 Anti-Virus, Secunia CSI and Endpoint Security Software:
University will issue computers with Secunia, Anti-virus and Endpoint security installed. Employees are to notify the security department immediately if they see error messages for these products. Employees shall run on online malware scanner at least once a month for a “second opinion.
3.2 Browser Add-ons:
In general, univarsity does not recommend using Browser Add-ons, however we do not forbid the use of these tools if they enhance productivity. After installing a Browser Add-on, employees shall run a browser testing tool. See MS Endpoint Privacy & Security Guidelinesfor recommended testing tools.
Also, it increase security against any adds.
5. Policy Compliance:
5.1 Compliance Measurement:
The administration will verify compliance to this policy through various methods, including but not limited to, periodic walk-thrus, video monitoring, business tool reports, internal and external audits, and feedback to the policy owner.
5.2 Exceptions:
Any exception to the policy must be approved by the administration in advance.
5.3 Non-Compliance:
An employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.
6 Related Standards, Policies and Processes:
· MS Endpoint Privacy & Security Guidelines
· IT policy
· Policy for Remote Access (to have full control of access witch increase the security of university resources)
This policy applies to any endpoint computer issued by university or used for university business which contains stored data owned by university.
3. Policy:
All employees shall assist in protecting devices issued by university or storing university data.
Users are expressly forbidden from storing university data on devices that are not issued by university, such as storing university email on a personal cell phone or PDA.
3.1 Anti-Virus, Secunia CSI and Endpoint Security Software:
University will issue computers with Secunia, Anti-virus and Endpoint security installed. Employees are to notify the security department immediately if they see error messages for these products. Employees shall run on online malware scanner at least once a month for a “second opinion.
3.2 Browser Add-ons:
In general, univarsity does not recommend using Browser Add-ons, however we do not forbid the use of these tools if they enhance productivity. After installing a Browser Add-on, employees shall run a browser testing tool. See MS Endpoint Privacy & Security Guidelinesfor recommended testing tools.
Also, it increase security against any adds.
5. Policy Compliance:
5.1 Compliance Measurement:
The administration will verify compliance to this policy through various methods, including but not limited to, periodic walk-thrus, video monitoring, business tool reports, internal and external audits, and feedback to the policy owner.
5.2 Exceptions:
Any exception to the policy must be approved by the administration in advance.
5.3 Non-Compliance:
An employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.
6 Related Standards, Policies and Processes:
· MS Endpoint Privacy & Security Guidelines
· IT policy
· Policy for Remote Access (to have full control of access witch increase the security of university resources)
Source:
Done by:
Ohoud Alshammary
No comments:
Post a Comment