Version: 2.0. Effective From: 28/11/2014
|
|
- Dennis Cross
- 8 years ago
- Views:
Transcription
1 Policy No: OP58 Version: 2.0 Name of Policy: Anti Virus Policy Effective From: 28/11/2014 Date Ratified 17/09/2014 Ratified Health Informatics Assurance Committee Review Date 01/09/2016 Sponsor Director of Finance and Information Expiry Date 16/09/2017 Withdrawn Date This policy supersedes all previous issues. Anti Virus Policy v2
2 Version Control Version Release Author / Reviewer Ratified By / Authorised By /04/2009 D Prudhoe Information Governance Committee /11/2014 D Prudhoe Health Informatics Assurance Committee Date April /09/2014 Changes (Please identify page no.) Anti Virus Policy v2 2
3 Contents 1 Introduction Scope Aim of Policy Duties (Roles and Responsibilities) Definitions Anti Virus Policy Use of e mail and the internet Anti Virus Controls What to do if a virus is found or suspected Hoax Viruses Data Protection Act Training Equality and Diversity Monitoring Compliance with the Policy Consultation and Review Implementation of Policy (including raising awareness) Associated Documentation... Anti Virus Policy v2 3
4 Anti Virus Policy 1 Introduction The software and hardware that make up the computer networks are essential resources for the NHS Organisations. They aid staff in carrying out their everyday duties and without them important communication systems would not exist. Computer viruses pose considerable risks to these systems. They can cause them to run erratically, cause loss of information, and information to become corrupted, with the consequential loss of productivity for the organisation. This policy is designed to give guidance and direction on minimising the risk of a virus infection, and what to do if they are encountered. 2 Scope. This policy applies to: All employees whilst using Trust equipment and accessing the Trust s Network at any location, on any computer or Internet connection. Other persons working for the organisation, persons engaged on business or persons using equipment and networks of the organisation. Anyone granted access to the network. 3 Aim of Policy. The Aim of this policy is to ensure that: All staff are aware of their responsibilities in relation to safeguarding the confidentiality, integrity, and availability of data and software within the organisation. Best practice concerning the use of software within the organisation is identified. Instructions are provided on the prevention of virus infection, and what steps to take should a virus be found 4 Duties (Roles and Responsibilities). All staff and Non Executive Directors are obliged to adhere to this policy. It is the responsibility of the individual to ensure that they understand this policy. Managers at all levels are responsible for ensuring that the staff for whom they are responsible are aware of and adhere to this Policy. They are also responsible for ensuring staff are updated in regard to any changes in this Policy. Breaches of this policy should be regarded as serious misconduct which could lead to disciplinary action in accordance with the Trust s Disciplinary Policy. Anti Virus Policy v2 4
5 Every individual defined within the scope of this document is responsible for the implementation of this policy whilst operating any personal computer resources to access any of the Trust s systems. 5 Definitions. For the scope of this policy, a virus is defined as a self replicating piece of software, which may cause damage to the operating system of the computer, the storage devices, and any data and/or software stored on them. For the scope of this policy, software is defined as a computer program that is designed to carry out specific functions For the scope of this policy, a personal computer is defined as any one of the following. Desktop computers, laptop computers, tablet computers and any other mobile device capable of executing and/or running malicious software. For the scope of this policy, the Anti Virus software used by the Trust will include protection against virus, spyware and malware. 6 Anti Virus Policy. 6.1 Use of e mail and the internet. E mail is one of the main ways used to distribute computer viruses. This is due to the ease of which information can be distributed globally. Viruses can be hidden in attachments or in material downloaded from the internet. To help protect against viruses being distributed over the network, the following should be applied: Make sure you know the sender of the e mail is genuine before opening any attachments. If you are suspicious in any way then contact the sender to confirm they have sent the e mail. If you think you have received an e mail virus, or have received an alert from your PC to this effect then please contact the IT Service Desk. Any form of software, screen savers, or games must not be downloaded or copied from any source. Do not action any e mails that suggest they have been sent to fix a problem with your machine (e.g. s from Microsoft). Reputable vendors would never distribute software patches in this way. If you have any suspicions regarding a received e mail do not open it, but contact the IT Service Desk immediately. 6.2 Anti Virus Controls Requirements Anti Virus software must only be installed and configured by IT Services. Users must not disable or interfere with anti virus software installed on any computer or server. Anti Virus Policy v2 5
6 IT Services must ensure that automatic updates are applied to all workstations and servers on a daily basis and that all devices are up to date with the latest signature file. No computer or server may be connected to the network without adequate protection i.e. up to date anti virus software being installed and activated. Only portable devices owned by the Trust may be connected to the network. Portable device users must regularly connect to the network to ensure that the anti virus software remains updated. Failure to do so could result in unnecessary virus outbreaks. Users must not change or delete any anti virus software that is installed on the Trusts network, servers or PC s Software Controls No software programs or executable files should be downloaded from the Internet and installed onto a PC without the consent of IT Services. Unauthorised downloading of software may breach the copyright licence, could introduce a computer virus to the system, and is a breach of the Trusts Internet Policy. The unauthorised copying of software is a criminal offence under the Copyright, Design and Patents Act Avoiding virus infection Avoid the transfer of information by floppy disc, CD or USB memory sticks between computers. Do not introduce the above media from home onto NHS computers. Do not start up a PC with a floppy disk, CD or USB memory stick inserted unless instructed by IT Services. Where practical write protect floppy disks and USB memory sticks until the write option is required. Save data/documents etc. on your home directory. Do not save information on the PC so that if infection does occur, data can be recovered. 6.3 What to do if a virus is found or suspected If you find or suspect a virus on your PC Contact IT Services immediately. Do not use the PC until approved by the IT Department The responsibilities of IT Services are to: Check the infected PC Anti Virus Policy v2 6
7 6.4 Hoax Viruses Check any media that have been used in the infected PC Check any other PC that the media has been used with Delete or clean any infected files Check any Servers that may have been accessed during the incident Inform the IT Security Officer of any viruses detected Ensure that the incident is addressed within an appropriate timescale Hoax s are very common. The usual format is a warning of a virus (usually labelled as the worst yet or some other equally alarmist phrase). The will give details of a virus carried in an with a particular subject line or attachment name then give details of how the virus will cause huge amounts of data loss. The will then go on to tell you to send the warning to everyone you know. Staff should not pay heed to these s. If there is any doubt whether the details are genuine staff should contact the IT Service Desk for advice. 6.5 Data Protection Act Training. The Data Protection Act governs the processing of personal identifiable data, and protecting the data from loss, damage or destruction, whether accidental or deliberate. This includes having anti virus controls in place to safeguard information and ensure the Act is complied with. The security measures must take into account the harm that may result from unauthorised or unlawful processing, loss, damage or destruction. The nature of the data being protected also needs to be considered. Appropriate personnel checks need to be taken to ensure the integrity of the staff that have access to the data being protected. Any training required can be provided via the IT Directory and Security Team within the IT Department. 8 Equality and Diversity. The Trust is committed to ensuring that, as far as is reasonably practicable, the way we provide services to the public and the way we treat our staff reflects their individual needs and does not discriminate against individuals or groups on any grounds. Reasonable adjustments can be made to ensure disabled staff and people with other health conditions can utilise the system. Anti Virus Policy v2 7
8 9 Monitoring Compliance with the Policy. Standard/process/issue Ensure Anti Virus installations are up to date Monitoring and audit Method By Committee Frequency Reports via Directory Daily admin Services console Team Ensure infections are dealt with promptly Ensure inappropriate file types are not downloaded Highlight report to Health Informatics Assurance Committee Automatic alerts via admin console/ser vice Calls via Service Desk Automatic alerts via admin console Directory Services Team Directory Services Team Directory Services Team Health Informatics Assurance Committee Real Time Real Time Bi Monthly 10 Consultation and Review. Health Informatics Assurance Committee 11 Implementation of Policy (including raising awareness). This Policy will be published as per normal policies and circulated as per standard. This Policy will be available at all the Trust s designated locations. 12 Associated Documentation. IT Security Policy Internet, Intranet and Acceptable Use Policy Anti Virus Policy v2 8
IM&T POLICY & PROCEDURE (IM&TPP 01) Anti-Virus Policy. Notification of Policy Release: Distribution by Communication Managers
IM&T POLICY & PROCEDURE (IM&TPP 01) Anti-Virus Policy DOCUMENT INFORMATION Author: Vince Weldon Associate Director of IM&T Approval: Executive This document replaces: IM&T Policy No. 1 Anti Virus Version
More informationInformation Security
Information Security A staff guide to the University's Information Systems Security Policy Issued by the IT Security Group on behalf of the University. Information Systems Security Guidelines for Staff
More informationDene Community School of Technology Staff Acceptable Use Policy
Policy Overview Dene Community School of Technology The school provides computers for use by staff as an important tool for teaching, learning, and administration of the school. Use of school computers,
More informationCOVER SHEET OF POLICY DOCUMENT Code Number Policy Document Name
COVER SHEET OF POLICY DOCUMENT Code Number Policy Document Name Introduction Removable Media and Mobile Device Policy Removable media and mobile devices are increasingly used to enable information access
More informationNETWORK AND INTERNET SECURITY POLICY STATEMENT
TADCASTER GRAMMAR SCHOOL Toulston, Tadcaster, North Yorkshire. LS24 9NB NETWORK AND INTERNET SECURITY POLICY STATEMENT Written by Steve South November 2003 Discussed with ICT Strategy Group January 2004
More informationThe Wellcome Trust Sanger Institute IT Acceptable Use Policy (AUP) Version 1.8
The Wellcome Trust Sanger Institute IT Acceptable Use Policy (AUP) Version 1.8 Introduction The IT systems must be used in a reasonable manner and in such a way that does not affect their efficient operation,
More informationHIPAA Security Training Manual
HIPAA Security Training Manual The final HIPAA Security Rule for Montrose Memorial Hospital went into effect in February 2005. The Security Rule includes 3 categories of compliance; Administrative Safeguards,
More informationSTANDARD ON CONTROLS AGAINST MALICIOUS CODE
EUROPEAN COMMISSION DIRECTORATE-GENERAL HUMAN RESOURCES AND SECURITY Directorate HR.DS - Security Informatics Security Brussels, 21/06/2011 HR.DS5/GV/ac ARES (2011) 663475 SEC20.10.05/04 - Standards European
More informationITU-10002 Computer Network, Internet Access & Email policy ( Network Access Policy )
ITU-10002 Computer Network, Internet Access & Email policy South Norfolk Council IT Unit Documentation www.south-norfolk.gov.uk Page : 2 of 8 Summary This policy informs all users about acceptable use
More informationInternet, E-mail and SMS Texting Usage Policy Group Policy
Internet, E-mail and SMS Texting Usage Policy Group Policy Scope: This Orbit Housing Group Limited ( Group ) policy provides a set of guidelines for all users within the Group on the proper usage of the
More informationSenior School 1 PURPOSE 2 SCOPE 3 SCHOOL RESPONSIBILITIES
Senior School 1 PURPOSE The policy defines and describes the acceptable use of ICT (Information and Communications Technology) and mobile phones for school-based employees. Its purpose is to minimise the
More informationICT SECURITY POLICY. Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation
ICT SECURITY POLICY Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation Responsibility Assistant Principal, Learner Services Jannette
More informationBOARD OF DIRECTORS PAPER COVER SHEET. Meeting date: 22 February 2006. Title: Information Security Policy
BOARD OF DIRECTORS PAPER COVER SHEET Meeting date: 22 February 2006 Agenda item:7 Title: Purpose: The Trust Board to approve the updated Summary: The Trust is required to have and update each year a policy
More informationBurton Hospitals NHS Foundation Trust. On: 16 January 2014. Review Date: December 2015. Corporate / Directorate. Department Responsible for Review:
POLICY DOCUMENT Burton Hospitals NHS Foundation Trust INFORMATION SECURITY POLICY Approved by: Executive Management Team On: 16 January 2014 Review Date: December 2015 Corporate / Directorate Clinical
More informationTameside Metropolitan Borough Council ICT Security Policy for Schools. Adopted by:
Tameside Metropolitan Borough Council ICT Security Policy for Schools Adopted by: 1. Introduction 1.1. The purpose of the Policy is to protect the institution s information assets from all threats, whether
More informationDATA PROTECTION IT S EVERYONE S RESPONSIBILITY. An Introductory Guide for Health Service Staff
DATA PROTECTION IT S EVERYONE S RESPONSIBILITY An Introductory Guide for Health Service Staff 1 Message from Director General Dear Colleagues The safeguarding of and access to personal information has
More informationSERVER, DESKTOP AND PORTABLE SECURITY. September 2014. Version 3.0
SERVER, DESKTOP AND PORTABLE SECURITY September 2014 Version 3.0 Western Health and Social Care Trust Page 1 of 6 Server, Desktop and Portable Policy Title SERVER, DESKTOP AND PORTABLE SECURITY POLICY
More informationINFORMATION SECURITY MANAGEMENT SYSTEM. Version 1c
INFORMATION SECURITY MANAGEMENT SYSTEM Version 1c Revised April 2011 CONTENTS Introduction... 5 1 Security Policy... 7 1.1 Information Security Policy... 7 1.2 Scope 2 Security Organisation... 8 2.1 Information
More informationInformation Security Policy September 2009 Newman University IT Services. Information Security Policy
Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms
More informationLAPTOP AND PORTABLE DEVICES AND REMOTE ACCESS POLICY
LAPTOP AND PORTABLE DEVICES AND REMOTE ACCESS POLICY Version 1.0 Ratified By Date Ratified Author(s) Responsible Committee / Officers Issue Date Review Date Intended Audience Impact Assessed CCG Committee
More informationAcceptable Use of ICT Policy. Staff Policy
Acceptable Use of ICT Policy Staff Policy Contents INTRODUCTION 3 1. ACCESS 3 2. E-SAFETY 4 3. COMPUTER SECURITY 4 4. INAPPROPRIATE BEHAVIOUR 5 5. MONITORING 6 6. BEST PRACTICE 6 7. DATA PROTECTION 7 8.
More informationAcceptable Use of Information Systems Standard. Guidance for all staff
Acceptable Use of Information Systems Standard Guidance for all staff 2 Equipment security and passwords You are responsible for the security of the equipment allocated to, or used by you, and must not
More informationLSE PCI-DSS Cardholder Data Environments Information Security Policy
LSE PCI-DSS Cardholder Data Environments Information Security Policy Written By: Jethro Perkins, Information Security Manager Reviewed By: Ali Lindsley, PCI-DSS Project Manager Endorsed By: PCI DSS project
More informationThe Bishop s Stortford High School Internet Use and Data Security Policy
Internet Acceptance Use and Data Security Policy Last Updated: 08/10/2012 Date of Next Review: 08/10/2015 Approved by GB: 10/10/2012 Responsible Committee: Student Welfare and Development Internet Acceptable
More informationOnline Security Awareness - UAE Exchange - Foreign Exchange Send Money UAE Exchange
The responsibility of safeguarding your personal information starts with you. Your information is critical and it must be protected from unauthorised disclosure, modification or destruction. Here we are
More informationNHSnet SyOP 9.2 NHSnet Portable Security Policy V1. NHSnet : PORTABLE COMPUTER SECURITY POLICY. 9.2 Introduction
NHSnet : PORTABLE COMPUTER SECURITY POLICY 9.2 Introduction This document comprises the IT Security policy for Portable Computer systems as described below. For the sake of this document Portable Computers
More informationAngard Acceptable Use Policy
Angard Acceptable Use Policy Angard Staffing employees who are placed on assignments with Royal Mail will have access to a range of IT systems and mobile devices such as laptops and personal digital assistants
More informationSo the security measures you put in place should seek to ensure that:
Guidelines This guideline offers an overview of what the Data Protection Act requires in terms of information security and aims to help you decide how to manage the security of the personal data you hold.
More informationInformation Security Code of Conduct
Information Security Code of Conduct IT s up to us >Passwords > Anti-Virus > Security Locks >Email & Internet >Software >Aon Information >Data Protection >ID Badges > Contents Aon Information Security
More informationEMMANUEL CE VA MIDDLE SCHOOL. IT Security Standards
EMMANUEL CE VA MIDDLE SCHOOL IT Security Standards 1. Policy Statement The work of Schools and the County Council is increasingly reliant upon Information & Communication Technology (ICT) and the data
More informationUTC Cambridge ICT Policy
UTC Cambridge ICT Policy Lead member of SLT: Designated Governor: Staff Member: Principal TBC Lead IT & Telecommunication Technician Contents Introduction Scope Purpose Monitoring of college systems Prohibitions
More informationCCG LAPTOP AND PORTABLE DEVICES AND REMOTE ACCESS POLICY
CCG LAPTOP AND PORTABLE DEVICES AND REMOTE ACCESS POLICY (for Cheshire CCGs) Version 3.2 Ratified By Date Ratified November 2014 Author(s) Responsible Committee / Officers Issue Date November 2014 Review
More informationCentral Bedfordshire Council. IT Acceptable Use Policy. Version 1.7 January 2016 Not Protected. Not Protected Page 1 of 11
Central Bedfordshire Council IT Acceptable Use Policy Version 1.7 January 2016 Not Protected Not Protected Page 1 of 11 Policy Approval Central Bedfordshire Council acknowledges that information is a valuable
More informationInformation Security Policy for Associates and Contractors
Policy for Associates and Contractors Version: 1.12 Status: Issued Date: 30 July 2015 Reference: 61418080 Location: Livelink Review cycle: Annual Contents Introduction... 3 Purpose... 3 Scope... 3 Responsibilities...
More informationEmail, Internet & Telephone. Policy and Procedure
A Email, Internet & Telephone Policy and Procedure MAYLIM LTD Civil Engineering & Hard Landscaping Contractors 50 52 Wharf Road, G 04 The Wenlock, Islington, London N1 7EU Tel: +44(0)207 785 6996 Fax:
More informationData Management Policies. Sage ERP Online
Sage ERP Online Sage ERP Online Table of Contents 1.0 Server Backup and Restore Policy... 3 1.1 Objectives... 3 1.2 Scope... 3 1.3 Responsibilities... 3 1.4 Policy... 4 1.5 Policy Violation... 5 1.6 Communication...
More informationTrust Advantages and Disadvantages of Using Intranet
Policy No: OP17 Version: 6.0 Name of Policy: Internet, Intranet and Email Acceptable Use Policy Effective From: 04/08/2015 Date Ratified 04/03/2015 Ratified Health Informatics Assurance Committee Review
More informationINFORMATION SECURITY POLICY
INFORMATION SECURITY POLICY Policy approved by: Audit and Governance Committee Date: 4 th December 2014 Next Review Date: December 2016 Version: 1 Information Security Policy Page 1 of 17 Review and Amendment
More informationEmail Usage Policy Document Profile Box
Document Profile Box Document Category / Ref QSSD 660 Version: 0004 Ratified by: Governance and Risk Committee Date ratified: 12 th January 2012 Name of originator / author: Name of responsible committee
More informationHow To Behave At A School
THE LONG EATON SCHOOL ICT Security Policy Rules, expectations and advice for students APPROVED BY GOVERNORS: Student ICT Policy Introduction Educational establishments are using computer facilities more
More informationAcceptable Use Policy
Acceptable Use Policy Recommending Committee: Approving Committee: Information Governance Steering Group Patient Safety & Experience Council Signature: Designation: Chief Executive Date: Version Number:
More informationSECURITY POLICY REMOTE WORKING
ROYAL BOROUGH OF WINDSOR AND MAIDENHEAD SECURITY POLICY REMOTE WORKING Introduction This policy defines the security rules and responsibilities that apply when doing Council work outside of Council offices
More informationPortable Devices and Removable Media Acceptable Use Policy v1.0
Portable Devices and Removable Media Acceptable Use Policy v1.0 Organisation Title Creator Oxford Brookes University Portable Devices and Removable Media Acceptable Use Policy Information Security Working
More informationNETWORK SECURITY POLICY
NETWORK SECURITY POLICY Version: 0.2 Committee Approved by: Audit Committee Date Approved: 15 th January 2014 Author: Responsible Directorate Information Governance & Security Officer, The Health Informatics
More informationUNIVERSITY OF ST ANDREWS. EMAIL POLICY November 2005
UNIVERSITY OF ST ANDREWS EMAIL POLICY November 2005 I Introduction 1. Email is an important method of communication for University business, and carries the same weight as paper-based communications. The
More informationABERDARE COMMUNITY SCHOOL
ABERDARE COMMUNITY SCHOOL IT Security Policy Drafted June 2014 Revised on....... Mrs. S. Davies (Headteacher) Mr. A. Maddox (Chair of Interim Governing Body) IT SECURITY POLICY Review This policy has been
More informationInternet Use Policy and Code of Conduct
Internet Use Policy and Code of Conduct UNIQUE REF NUMBER: AC/IG/023/V1.1 DOCUMENT STATUS: Agreed by Audit Committee 18 July 2013 DATE ISSUED: July 2013 DATE TO BE REVIEWED: July 2014 1 P age AMENDMENT
More informationNewcastle University Information Security Procedures Version 3
Newcastle University Information Security Procedures Version 3 A Information Security Procedures 2 B Business Continuity 3 C Compliance 4 D Outsourcing and Third Party Access 5 E Personnel 6 F Operations
More information(Self-Study) Identify How to Protect Your Network Against Viruses
SECTION 24 (Self-Study) Identify How to Protect Your Network Against Viruses The following objective will be tested: Describe What You Can Do to Prevent a Virus Attack In this section you learn about viruses
More informationInformation Security Policy
Information Security Policy Author: Responsible Lead Executive Director: Endorsing Body: Governance or Assurance Committee Alan Ashforth Alan Lawrie ehealth Strategy Group Implementation Date: September
More informationANTI-VIRUS POLICY OCIO-6006-09 TABLE OF CONTENTS
OCIO-6006-09 Date of Issuance: May 22, 2009 Effective Date: May 22, 2009 Review Date: Section I. Purpose II. Authority III. Scope IV. Definitions V. Policy VI. Roles and Responsibilities VII. Exceptions
More informationUNESCO-IHE Code of Conduct regarding Information Technology (IT)
UNESCO-IHE Code of Conduct regarding Information Technology (IT) Introduction The use of computers within all the domains of UNESCO-IHE (education, research, administration, projects and marketing & communications)
More informationNetwork and Workstation Acceptable Use Policy
CONTENT: Introduction Purpose Policy / Procedure References INTRODUCTION Information Technology services including, staff, workstations, peripherals and network infrastructures are an integral part of
More informationDOCUMENT CONTROL PAGE
DOCUMENT CONTROL PAGE Title: Title Version: 0.2a Reference Number: Supersedes Supersedes: IT Encryption and Security Policy and Guidelines Description of Amendment(s): Clarification of document approval
More informationYMDDIRIEDOLAETH GIG CEREDIGION A CHANOLBARTH CYMRU CEREDIGION AND MID WALES NHS TRUST PC SECURITY POLICY
YMDDIRIEDOLAETH GIG CEREDIGION A CHANOLBARTH CYMRU CEREDIGION AND MID WALES NHS TRUST PC SECURITY POLICY Author Head of IT Equality impact Low Original Date September 2003 Equality No This Revision September
More informationHow To Ensure Your School Is Safe Online
Ivy Road Primary School Policy for e-safety Updated - 2014 1. Introduction Pupils interact with the internet and other communications technologies such as mobile phones on a daily basis. The exchange of
More informationDATA AND PAYMENT SECURITY PART 1
STAR has teamed up with Prevention of Fraud in Travel (PROFiT) and the Fraud Intelligence Network (FIN) to offer our members the best advice about fraud prevention. We recognise the increasing threat of
More informationInformation Technology Security Policies
Information Technology Security Policies Randolph College 2500 Rivermont Ave. Lynchburg, VA 24503 434-947- 8700 Revised 01/10 Page 1 Introduction Computer information systems and networks are an integral
More informationWorking Together Aiming High!
Poplar Street Primary School ICT Security and Acceptable Use Policy E-Safety policy 2013/14 Working Together Aiming High! 1 Contents 1. Introduction... 3 2. Policy Objectives... 3 3. Application... 3 4.
More informationE-SAFETY POLICY 2014/15 Including:
E-SAFETY POLICY 2014/15 Including: Staff ICT policy (Corporation approved) Data protection policy (Corporation approved) Staff guidelines for Data protection Data Security, awareness raising Acceptable
More informationHAZELDENE LOWER SCHOOL
HAZELDENE LOWER SCHOOL POLICY AND PROCEDURES FOR MONITORING EQUIPMENT AND APPROPRIATE ICT USE WRITTEN MARCH 2015 SIGNED HEADTEACHER SIGNED CHAIR OF GOVERNORS DATE.. DATE. TO BE REVIEWED SEPTEMBER 2016
More informationINFORMATION SECURITY POLICY
INFORMATION SECURITY POLICY Rev Date Purpose of Issue/ Description of Change Equality Impact Assessment Completed 1. June 2011 Initial Issue 2. 29 th March 2012 Second Version 3. 15 th April 2013 Third
More informationSummary Electronic Information Security Policy
University of Chichester Summary Electronic Information Security Policy 2015 Summary Electronic Information Security Policy Date of Issue 24 December 2015 Policy Owner Head of ICT, Strategy and Architecture
More informationICT POLICY AND PROCEDURE
ICT POLICY AND PROCEDURE POLICY STATEMENT St Michael s College regards the integrity of its computer resources, including hardware, databases and software, as central to the needs and success of our day-to-day
More informationCITY OF BOULDER *** POLICIES AND PROCEDURES
CITY OF BOULDER *** POLICIES AND PROCEDURES CONNECTED PARTNER EFFECTIVE DATE: SECURITY POLICY LAST REVISED: 12/2006 CHRISS PUCCIO, CITY IT DIRECTOR CONNECTED PARTNER SECURITY POLICY PAGE 1 OF 9 Table of
More informationInformation Security Policy London Borough of Barnet
Information Security Policy London Borough of Barnet DATA PROTECTION 11 Document Control POLICY NAME Document Description Information Security Policy Policy which sets out the council s approach to information
More informationU.S. Department of the Interior's Federal Information Systems Security Awareness Online Course
U.S. Department of the Interior's Federal Information Systems Security Awareness Online Course Rules of Behavior Before you print your certificate of completion, please read the following Rules of Behavior
More informationCyber Security Awareness
Cyber Security Awareness User IDs and Passwords Home Computer Protection Protecting your Information Firewalls Malicious Code Protection Mobile Computing Security Wireless Security Patching Possible Symptoms
More informationComputing Guide. How to set up McAfee virus scanning software and become computer virus savvy
Computing Guide THE LIBRARY www.salford.ac.uk/library How to set up McAfee virus scanning software and become computer virus savvy A virus infection of your workstation can seriously disrupt your learning,
More informationSmall businesses: What you need to know about cyber security
Small businesses: What you need to know about cyber security March 2015 Contents page What you need to know about cyber security... 3 Why you need to know about cyber security... 4 Getting the basics right...
More informationInformation Incident Management Policy
Information Incident Management Policy Change History Version Date Description 0.1 04/01/2013 Draft 0.2 26/02/2013 Replaced procedure details with broad principles 0.3 27/03/2013 Revised following audit
More informationInformation Services. Protecting information. It s everyone s responsibility
Information Services Protecting information It s everyone s responsibility Protecting information >> Contents >> Contents Introduction - we are all responsible for protecting information 03 The golden
More informationNotice: Page 1 of 11. Internet Acceptable Use Policy. v1.3
Notice: Plymouth Community Healthcare Community Interest Company adopted all Provider policies from NHS Plymouth when it became a new organisation on 1 October 2011. Please note that policies will be reviewed
More informationBCS IT User Syllabus IT Security for Users Level 2. Version 1.0
BCS IT User Syllabus IT for Users Level 2 Version 1.0 June 2009 ITS2.1 System Performance ITS2.1.1 Unwanted messages ITS2.1.2 Malicious ITS2.1.1.1 ITS2.1.1.2 ITS2.1.2.1 ITS2.1.2.2 ITS2.1.2.3 ITS2.1.2.4
More informationInformation Systems Acceptable Use Policy for Learners
Information Systems Acceptable Use Policy for Learners 1. Introduction 1.1. Morley College is committed to providing learners with easy access to computing and photocopying facilities. However it needs
More informationWhat you can do prevent virus infections on your computer
What you can do prevent virus infections on your computer A computer virus is program code which 'hides' in other files and can cause irreparable damage to your computer. Computer viruses spread easily
More informationHuman Resources Policy documents. Data Protection Policy
Policy documents Aims of the Policy apetito is committed to meeting its obligations under data protection law. As a business, apetito handles a range of Personal Data relating to its customers, staff and
More informationRemote Working and Portable Devices Policy
Remote Working and Portable Devices Policy Policy ID IG04 Version: V1 Date ratified by Governing Body 29/09/13 Author South Commissioning Support Unit Date issued: 21/10/13 Last review date: N/A Next review
More informationInformation Governance Policy (incorporating IM&T Security)
(incorporating IM&T Security) ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the
More informationData Encryption Policy
Data Encryption Policy Please be aware that this printed version of the Policy may NOT be the latest version. Staff are reminded that they should always refer to the Intranet for the latest version. Purpose
More informationPolicy Document Control Page
Policy Document Control Page Title Title: Policy for the electronic transfer of Person Identifiable Data - harmonised Version: 5 Reference Number: CO51 Supersedes Supersedes: 4 Description of Amendment(s):
More informationTECHNICAL VULNERABILITY & PATCH MANAGEMENT
INFORMATION SECURITY POLICY TECHNICAL VULNERABILITY & PATCH MANAGEMENT ISO 27002 12.6.1 Author: Owner: Organisation: Document No: Chris Stone Ruskwig TruePersona Ltd SP-12.6.1 Version No: 1.1 Date: 1 st
More informationINTERNET, E-MAIL USE AND
INTERNET, E-MAIL AND TELEPHONE USE AND MONITORING POLICY Originated by: Customer Services LJCC: 10 th April 2008 Full Council: June 2008 Implemented: June 2008 1.0 Introduction and Aim 1.1 The aim of this
More informationUniversity of Liverpool
University of Liverpool Information Security Policy Reference Number Title CSD-003 Information Security Policy Version Number 3.0 Document Status Document Classification Active Open Effective Date 01 October
More informationCyber Security Awareness
Cyber Security Awareness William F. Pelgrin Chair Page 1 Introduction Information is a critical asset. Therefore, it must be protected from unauthorized modification, destruction and disclosure. This brochure
More informationDATA PROTECTION AND DATA STORAGE POLICY
DATA PROTECTION AND DATA STORAGE POLICY 1. Purpose and Scope 1.1 This Data Protection and Data Storage Policy (the Policy ) applies to all personal data collected and dealt with by Centre 404, whether
More information2.0 Emended due to the change to academy status Review Date. ICT Network Security Policy Berwick Academy
Version History Author Approved Committee Version Status date Eddie Jefferson 09/15/2009 Full Governing 1.0 Final Version Body Eddie Jefferson 18/08/2012 Full Governing Body 2.0 Emended due to the change
More informationSUPREME COURT OF COLORADO OFFICE OF THE CHIEF JUSTICE
SUPREME COURT OF COLORADO OFFICE OF THE CHIEF JUSTICE Directive Concerning the Colorado Judicial Department Electronic Communications Usage Policy: Technical, Security, And System Management Concerns This
More informationPolicy Document. Communications and Operation Management Policy
Policy Document Communications and Operation Management Policy [23/08/2011] Page 1 of 11 Document Control Organisation Redditch Borough Council Title Communications and Operation Management Policy Author
More informationRotherham CCG Network Security Policy V2.0
Title: Rotherham CCG Network Security Policy V2.0 Reference No: Owner: Author: Andrew Clayton - Head of IT Robin Carlisle Deputy - Chief Officer D Stowe ICT Security Manager First Issued On: 17 th October
More informationMOBILE COMPUTING & REMOTE WORKING POLICY AND PROCEDURE. Documentation Control. Consultation undertaken Information Governance Committee
MOBILE COMPUTING & REMOTE WORKING POLICY AND PROCEDURE Documentation Control Reference GG/INF/020 Date Approved 13 Approving Body Directors Group Implementation date 13 Supersedes Not Applicable Consultation
More informationEMERSON PARK ACADEMY
1 ACCEPTABLE USE POLICY (AUP) EMERSON PARK ACADEMY (Signature of Headteacher) 1 St September 2014 2 ACCEPTABLE USE POLICY EMERSON PARK ACADEMY 'Acceptable and Responsible Use of ICT Resources' Contents
More informationRemote Access and Network Security Statement For Apple
Remote Access and Mobile Working Policy & Guidance Document Control Document Details Author Adrian Last Company Name The Crown Estate Division Name Information Services Document Name Remote Access and
More informationResponsible Computer Use Policy for Students
Responsible Computer Use Policy for Students Introduction By using the Sheldon College Network and ICT Services students agree to accept the terms and conditions outlined in this document. This policy
More informationInformation Security Incident Management Policy and Procedure
Information Security Incident Management Policy and Procedure Version Final 1.0 Document Control Organisation Title Author Filename Owner Subject Protective Marking North Dorset District Council IT Infrastructure
More informationSOFTWARE LICENSING POLICY
SOFTWARE LICENSING POLICY Version 12/12/2012 University of Birmingham 2012 David Deighton, IT Services CONTENTS 1. Policy on Software Licensing... 3 1.1 Software Licensing Compliance... 3 1.2 Software
More informationInformation Security and Electronic Communications Acceptable Use Policy (AUP)
Policy No.: AUP v2.0 Effective Date: August 16, 2004 Revision Date: January 17, 2013 Revision No.: 1 Approval jwv / mkb Information Security and Electronic Communications (AUP) 1. INTRODUCTION Southwestern
More informationInformation Services. Regulations for the Use of Information Technology (IT) Facilities at the University of Kent
Scope Information Services Regulations for the Use of Information Technology (IT) Facilities at the University of Kent 1. These regulations apply to The Law All students registered at the University, all
More informationHow To Ensure Network Security
NETWORK SECURITY POLICY Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Page 1 of 12 Review and Amendment Log/Control Sheet Responsible Officer:
More informationICT Acceptable Use Policy
ICT Acceptable Use Policy Document Management Document Disclaimer This document is issued only for the purpose for which it is supplied. Document Owner This document is produced and owned by Staffordshire
More information