I.T. Security Policy
User Responsibilities
These
guidelines are intended to help you make the best use of
the computer resources at your disposal. You should understand
the following.
1.
You are individually responsible for protecting the data
and information in your hands. Security is everyone's responsibility.
2.
Recognise which data is sensitive. If you do not know or
are not sure, ask.
3.
Even though you cannot touch it, information is an asset,
sometimes a priceless asset.
4.
Use the resources at your disposal only for the benefit
of XYZ Ltd.
5.
Understand that you are accountable for what you do on the
system.
6.
If you observe anything unusual, tell your supervisor.
When using the Company's computer systems you should comply
with the following guidelines.
DO
7. Do choose a password that would be hard to guess.
8.
Do log off before you leave your workstation, if you are
working on sensitive information or leaving your workstation
for any length of time.
9.
Do ask people their business in your area, if they look
as though they do not belong there.
10.
Do protect equipment from theft and keep it away from food
and drinks.
11.
Do ensure that all important data is backed up regularly.
Liaise with I.T. Services if you require assistance.
12.
Do make sure that on every occasion that floppy disks and
other media are brought in to the Company that they are
checked for viruses by I.T Services before use.
13.
Do inform I.T. Services immediately if you think that your
workstation may have a virus.
DO
NOT
14. Do not write down your password.
15.
Do not share or disclose your password.
16.
Do not give others the opportunity to look over your shoulder
if you are working on something sensitive.
17.
Do not use shareware (software downloaded from the Internet
or on PC magazine covers).
18.
Do not duplicate or copy software.
19.
Do not install any software on your machine or alter its
configuration, this work may only be undertaken by I.T.
Services staff.
Please
note the following
Your PC will be audited periodically.
Logins to, and use of the Company's network are monitored
and audited.
FAILURE
TO COMPLY WITH THE COMPANY'S SECURITY POLICY MAY LEAD TO
DISIPLINARY ACTION.
|