Acceptable Usage Guidelines. e-governance

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Acceptable Usage Guidelines. e-governance"

Transcription

1 Acceptable Usage Guidelines for e-governance Draft DEPARTMENT OF ELECTRONICS AND INFORMATION TECHNOLOGY Ministry of Communication and Information Technology, Government of India.

2 Document Control S/L Type of Information Document Data 1. Document Title e-gov Acceptable Usage Guidelines 2. Document Code GL_eGov_AU 3. Date of Release 4. Next Review Date 5. Document Revision Number 6. Document Owner DietY 7. Document Author(s) 8. Document Reference Document Approval Sr. No. Document Approver Approver Designation Approver ID Document Change History Version No. Revision Date Nature of Change Date of Approval For Internal Use Only Page 2 of 12

3 Table of Contents 1. INTRODUCTIO N SCOPE PURPOSE USAGE GUIDELINES GENERAL GUIDELINES FOR IT USAGE DESKTOP LEVEL GUIDELINES SOFTWARE LICENSE GUIDELINES INFORMATION DISCLOSURE GUIDELINES INCIDENT REPORTING GUIDELINES PASSWORD USAGE GUIDELINES PHYSICAL AND ENVIRONMENTAL SECURITY GUIDELINES DATA/ PRIVACY PROTECTION GUIDELINES INTERNET ACCESS GUIDELINES ACCESS GUIDELINES REF ERENCE INTRODUCTION For Internal Use Only Page 3 of 12

4 An acceptable usage guidelines is a set of instructions applied by the owner or manager of a network, website or large computer system that restrict the ways in which the network, website or system may be used. It is often used to reduce the potential for legal action that may be taken by a user, and often with little prospect of enforcement. 2. SCOPE This guideline is applicable to all employees, third parties, auditors etc. of e-gov service delivery. 3. PURPOSE The purpose of these guidelines is to guide all users of e-gov information systems on appropriate use of its assets & facilities deployed for providing e-gov services. This document will guide all users to decide what to do and what not to do during e-gov service delivery.it also helps to implement Acceptable Usage Policy (O.SP-4) mentioned in esafe GD ACCEPTABLE USAGE GUIDELINES This guidelines covers: General guidelines for IT Usage Desktop level guidelines Software License guidelines Information disclosure guidelines Incident reporting guidelines For Internal Use Only Page 4 of 12

5 Password usage guidelines Physical and Environmental Security guidelines Data/ Privacy protection guidelines Internet Access guidelines Access guidelines 4.1 GENERAL GUIDELINES FOR IT USAGE Users are accountable and responsible for judicious and ethical use of e-gov s IT Resources. Users will ensure that their actions do not compromise the security of company s valuable information assets and resources. Users will be, at all times, aware of e-gov s security policy and work towards meeting its objectives. Users will use e-gov s IT Resources for business purposes. Users will not misuse the IT resources, and actively prevent other users from doing so. Users will access only those resources, for which they are authorized. Users will treat data as a valuable organization asset and protect it with regular backups. 4.2 DESKTOP LEVEL GUIDELINES For Internal Use Only Page 5 of 12

6 Desktops/ laptops or any other IT resources provided to Users will be used only for official purpose Users will only use e-gov s approved software Users will always keep their desktop/ laptop suitably fastened/ locked when they are not at their desk. Adequate precautions should also be taken to ensure safe carriage of laptops during travel. In the event of a laptop being stolen, the concerned personnel will file a police report and subsequently inform the administration department Laptops will always be carried as hand luggage whilst travelling, and laptops will not be left on the desk or in the work area overnight Users will declare personal computing equipment (like CDs, pen drives, laptops etc) to the security guard before carrying them inside e-gov s premises. E-GOV will not be responsible for such personal computer equipment. Users using external internet connections on laptops will ensure that Anti-virus signatures are updated Personal firewalls are enabled on laptops Latest security patches are installed Classified data will not be copied to external portable media like USB s, CDs, etc without the permission of the respective department head Unacceptable Usage Users will not connect their personal laptops or mobile devices to the organization Network For Internal Use Only Page 6 of 12

7 Users will not install freeware or shareware which are not provided by the organization Users will not use external devices unless it is approved 4.3 SOFTWARE LICENSE GUIDELINES Users will ensure that their desktop has only licensed software. Unacceptable Usage Users will not download shareware or freeware from the Internet Users will not use any of E-GOV s software for personal use. 4.4 INFORMATION DISCLOSURE GUIDELINES If users accidentally come across unsecured sensitive information, they will inform their superior immediately. Users will follow the e-gov s Asset labelling and handling guidelines for labelling and handling confidential information. Unacceptable Usage Users will not discuss any company-related information with anyone who does not need to know. For Internal Use Only Page 7 of 12

8 Users will not access any information not related to their work. 4.5 INCIDENT REPORTING GUIDELINES Users will promptly report incidents related to information security to the IT helpdesk of their respective location. In case of misuse of IT assets and company confidential data, users will report the incidence to the immediate senior/ Department Head. In case of Non IT incidents like theft, fire, vandalism or, accidental or wilful destruction of information systems will report the incidence to the physical security and Department Head. User will report any software malfunction i.e. unpredictable behaviour to the Composite team (security). 4.6 PASSWORD USAGE GUIDELINES Acceptable Usage Users will adhere to the password management guidelines mentioned in Procedure for access to information and systems. Users will keep their password private and undertake the responsibility to maintain the confidentiality of their passwords. Passwords will be changed at regular intervals using the password change procedure The initial password provided by the administrator will be changed at first login Passwords to be changed at least once in 90 days for normal users. Password length minimum 8 characters (will contain alphabets as well as numbers) For Internal Use Only Page 8 of 12

9 Unacceptable Usage Users will not share their password with others. Users will not reuse his old passwords. 4.7 PHYSICAL AND ENVIRONMENTAL SECURITY GUIDELINES ID Badges should be displayed all times within organization premises ID Badge should be carried in such a manner that it is visible at all times Users will participate in safety drills organised by the organization Users should ensure that visitors are always escorted to and from the reception areas Unacceptable Usage: Users will not tailgate or allow tailgating in secured areas like server room Users will not lend or borrow access cards Users will not disregard safety instructions 4.8 DATA/ PRIVACY PROTECTION GUIDELINES Users will understand business/ contractual requirements of data protection from their respective managers or departmental heads. Users will classify information assets according to their level of sensitivity and handle the same accordingly For Internal Use Only Page 9 of 12

10 Users will protect vital physical records which contain business related information Users will take a backup of their data (mails, personal folders etc.) on a regular basis Unacceptable Usage: Users will not send business data related to the department to any third party Users will not use camera mobile phones in secured areas like server rooms Users will not leave confidential documents on the desk; instead it should be kept in a locked cabinet Users will not leave printouts unattended at the printer machine Users will not reveal information about organization s business details in white papers or presentations Users will not discuss official matters in public places 4.9 INTERNET ACCESS GUIDELINES Users will exercise caution while accessing internet connections protected by organization Users will adhere to organization's Internet Usage policies such as: Do not send/ receive/ view racial, sexually threatening, defamatory or harassing messages; Do not upload and download large files not related to business; Do not release computer viruses, worms, or Trojan horses, etc. Internet/ traffic logs may be maintained by the company without prior notice. This information can be used by the company to take disciplinary action against Users who have misused organisation s Internet, which may result in termination of services For Internal Use Only Page 10 of 12

11 Unacceptable Usage: Users will not use e-gov resources for non-business purposes like downloading songs, pictures, objectionable site contents Users will not connect to internet via data card while using organization network Usage of any kind of Internet chat services like MSN messenger, Yahoo chat, Rediff chat and social networking sites like Orkut, Face book etc is strictly prohibited Users will not participate in public chat session for official purpose. An explicit written permission should be obtained for a user to use the internet chat facility for official purposes. Appropriate disciplinary action will be initiated if any user is found to be using such service without permission. Users will be strictly prohibited from using any automated tools or any other means for gaining unauthorized entry into any third party systems or e-gov systems or any resource over the internet to which they do not have access rights Users are further prohibited from engaging in any activity that may result in disruption in operations of either e-gov or any third party computer systems ACCESS GUIDELINES Users will use organization only for official purposes Users will exercise caution in disclosing e-gov address to strangers Users will be cautious in opening attachments from suspicious addresses Users will report suspicious s to the helpdesk Users will archive mails and take regular backups For Internal Use Only Page 11 of 12

12 Users will follow the controls specified by the organization while accessing s from mobiles/ PDAs Users will report about spam to the helpdesk Unacceptable Usage: Users will not use s within the organization to harass Users Users will not send unwanted s to the outside world that project a wrong image of the organization. Users will not communicate with any third party which may potentially invite involvement of law enforcement agencies Users will not participate in chain s Users will not forward sensitive s containing e-gov information to the external world, even inadvertently Users will not register organization addresses on external websites 5. REFERENCE Acceptable usage policy (O.SP-4) in e SAFE All users including third parties should be aware on the usage policy and should be formally communicated to all of them. All users should follow rules of acceptable usage policy The acceptable usage policy should include the usage policy of electronic mail, internet and mobile devices, and other assets and information as applicable For Internal Use Only Page 12 of 12

Please note this policy is mandatory and staff are required to adhere to the content

Please note this policy is mandatory and staff are required to adhere to the content Policy ICT Security Please note this policy is mandatory and staff are required to adhere to the content Summary DECD is committed to ensuring its information is appropriately managed according to the

More information

Technology Department 1350 Main Street Cambria, CA 93428

Technology Department 1350 Main Street Cambria, CA 93428 Technology Department 1350 Main Street Cambria, CA 93428 Technology Acceptable Use and Security Policy The Technology Acceptable Use and Security Policy ( policy ) applies to all CUSD employees and any

More information

UNESCO-IHE Code of Conduct regarding Information Technology (IT)

UNESCO-IHE Code of Conduct regarding Information Technology (IT) UNESCO-IHE Code of Conduct regarding Information Technology (IT) Introduction The use of computers within all the domains of UNESCO-IHE (education, research, administration, projects and marketing & communications)

More information

INFORMATION TECHNOLOGY Policy 8400 (Regulation 8400) Data Security

INFORMATION TECHNOLOGY Policy 8400 (Regulation 8400) Data Security INFORMATION TECHNOLOGY Policy 8400 (Regulation 8400) Data Security State Fair Community College shall provide a central administrative system for use in data collection and extraction. Any system user

More information

Information Security Code of Conduct

Information Security Code of Conduct Information Security Code of Conduct IT s up to us >Passwords > Anti-Virus > Security Locks >Email & Internet >Software >Aon Information >Data Protection >ID Badges > Contents Aon Information Security

More information

Newcastle University Information Security Procedures Version 3

Newcastle University Information Security Procedures Version 3 Newcastle University Information Security Procedures Version 3 A Information Security Procedures 2 B Business Continuity 3 C Compliance 4 D Outsourcing and Third Party Access 5 E Personnel 6 F Operations

More information

Information Security and Electronic Communications Acceptable Use Policy (AUP)

Information Security and Electronic Communications Acceptable Use Policy (AUP) Policy No.: AUP v2.0 Effective Date: August 16, 2004 Revision Date: January 17, 2013 Revision No.: 1 Approval jwv / mkb Information Security and Electronic Communications (AUP) 1. INTRODUCTION Southwestern

More information

Information Technology Acceptable Use Policy

Information Technology Acceptable Use Policy Information Technology Acceptable Use Policy Overview The information technology resources of Providence College are owned and maintained by Providence College. Use of this technology is a privilege, not

More information

Reynoldsburg City Schools Computer and Technology Acceptable Use Policy Staff, Volunteers and Students

Reynoldsburg City Schools Computer and Technology Acceptable Use Policy Staff, Volunteers and Students Reynoldsburg City Schools Computer and Technology Acceptable Use Policy Staff, Volunteers and Students AUP Sections 1. Acceptable Use 2. Privileges 3. Internet Access 4. Procedures & Caveats 5. Netiquette

More information

The Internet and e-mail 2 Acceptable use 2 Unacceptable use 2 Downloads 3 Copyrights 3 Monitoring 3. Computer Viruses 3

The Internet and e-mail 2 Acceptable use 2 Unacceptable use 2 Downloads 3 Copyrights 3 Monitoring 3. Computer Viruses 3 Table of Contents 1 Acceptable use 1 Violations 1 Administration 1 Director and Supervisor Responsibilities 1 MIS Director Responsibilities 1 The Internet and e-mail 2 Acceptable use 2 Unacceptable use

More information

BCS IT User Syllabus IT Security for Users Level 2. Version 1.0

BCS IT User Syllabus IT Security for Users Level 2. Version 1.0 BCS IT User Syllabus IT for Users Level 2 Version 1.0 June 2009 ITS2.1 System Performance ITS2.1.1 Unwanted messages ITS2.1.2 Malicious ITS2.1.1.1 ITS2.1.1.2 ITS2.1.2.1 ITS2.1.2.2 ITS2.1.2.3 ITS2.1.2.4

More information

2.0 Emended due to the change to academy status Review Date. ICT Network Security Policy Berwick Academy

2.0 Emended due to the change to academy status Review Date. ICT Network Security Policy Berwick Academy Version History Author Approved Committee Version Status date Eddie Jefferson 09/15/2009 Full Governing 1.0 Final Version Body Eddie Jefferson 18/08/2012 Full Governing Body 2.0 Emended due to the change

More information

Information Technology Acceptable Use Policies and Procedures

Information Technology Acceptable Use Policies and Procedures Information Technology Acceptable Use Policies and Procedures The following Information Technology Acceptable Use Policies and Procedures are to be followed by ALL employees, contractors, vendors, and

More information

A Guide to Information Technology Security in Trinity College Dublin

A Guide to Information Technology Security in Trinity College Dublin A Guide to Information Technology Security in Trinity College Dublin Produced by The IT Security Officer & Training and Publications 2003 Web Address: www.tcd.ie/itsecurity Email: ITSecurity@tcd.ie 1 2

More information

Information Security Handbook for Employees

Information Security Handbook for Employees Information Security Handbook for Employees Providing our patients with excellence in healthcare includes protecting their information This handbook was prepared by Tom Walsh Consulting, LLC for the Kansas

More information

State of Illinois Department of Central Management Services GENERAL SECURITY FOR STATEWIDE IT RESOURCES POLICY

State of Illinois Department of Central Management Services GENERAL SECURITY FOR STATEWIDE IT RESOURCES POLICY State of Illinois Department of Central Management Services GENERAL SECURITY FOR STATEWIDE IT RESOURCES POLICY Effective December 15, 2008 State of Illinois Department of Central Management Services Bureau

More information

Information Security Policy September 2009 Newman University IT Services. Information Security Policy

Information Security Policy September 2009 Newman University IT Services. Information Security Policy Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms

More information

Senior School 1 PURPOSE 2 SCOPE 3 SCHOOL RESPONSIBILITIES

Senior School 1 PURPOSE 2 SCOPE 3 SCHOOL RESPONSIBILITIES Senior School 1 PURPOSE The policy defines and describes the acceptable use of ICT (Information and Communications Technology) and mobile phones for school-based employees. Its purpose is to minimise the

More information

Medford Public Schools Medford, Massachusetts. Software Policy Approved by School Committee

Medford Public Schools Medford, Massachusetts. Software Policy Approved by School Committee Software Policy Approved by School Committee General Statement of Policy The Medford Public Schools licenses the use of computer software from a variety of third parties. Such software is normally copyrighted

More information

Acceptable Use of Information Technology Policy

Acceptable Use of Information Technology Policy Acceptable Use of Information Technology Policy Date created: January 2006 Updated Review date: April June 2008 Review date: Oct Dec 2009 Introduction VAW provides IT facilities for promoting its charitable

More information

NC DPH: Computer Security Basic Awareness Training

NC DPH: Computer Security Basic Awareness Training NC DPH: Computer Security Basic Awareness Training Introduction and Training Objective Our roles in the Division of Public Health (DPH) require us to utilize our computer resources in a manner that protects

More information

Information Security

Information Security Information Security A staff guide to the University's Information Systems Security Policy Issued by the IT Security Group on behalf of the University. Information Systems Security Guidelines for Staff

More information

Information Technology Acceptable Use Policies

Information Technology Acceptable Use Policies White Paper: Information Technology Acceptable Use Policies A practical guide for protecting IT assets from the largest single IT Security threat inappropriate use of IT services, including desktops, email,

More information

Service Children s Education

Service Children s Education Service Children s Education Data Handling and Security Information Security Audit Issued January 2009 2009 - An Agency of the Ministry of Defence Information Security Audit 2 Information handling and

More information

HAZELDENE LOWER SCHOOL

HAZELDENE LOWER SCHOOL HAZELDENE LOWER SCHOOL POLICY AND PROCEDURES FOR MONITORING EQUIPMENT AND APPROPRIATE ICT USE WRITTEN MARCH 2015 SIGNED HEADTEACHER SIGNED CHAIR OF GOVERNORS DATE.. DATE. TO BE REVIEWED SEPTEMBER 2016

More information

5. Users of ITS are the persons described above under Policy Application of the diocese of Springfield in Illinois.

5. Users of ITS are the persons described above under Policy Application of the diocese of Springfield in Illinois. Diocese of Springfield in Illinois Section I General Statement 1. Information Technology Systems (ITS), when properly used, provide timely communication and technological support to help fulfill the mission

More information

13. Acceptable Use Policy

13. Acceptable Use Policy To view the complete Information and Security Policies and Procedures, log into the Intranet through the IRSC.edu website. Click on the Institutional Technology (IT) Department link, then the Information

More information

Berwick Academy Policy on E Safety

Berwick Academy Policy on E Safety Berwick Academy Policy on E Safety Overview The purpose of this document is to describe the rules and guidance associated with E Safety and the procedures to be followed in the event of an E Safety incident

More information

Data Management Policies. Sage ERP Online

Data Management Policies. Sage ERP Online Sage ERP Online Sage ERP Online Table of Contents 1.0 Server Backup and Restore Policy... 3 1.1 Objectives... 3 1.2 Scope... 3 1.3 Responsibilities... 3 1.4 Policy... 4 1.5 Policy Violation... 5 1.6 Communication...

More information

University for the Creative Arts. Mobile Working and Remote Access Policy

University for the Creative Arts. Mobile Working and Remote Access Policy Mobile Working and Remote Access Policy Version 1.0 Date: 20 July 2009 Document History Version History 1.0 20 July 2009 Approved for publication by the IS Board after E&FC approval in June 2009 Title:

More information

Information Security Policy

Information Security Policy Information Security Policy Touro College/University ( Touro ) is committed to information security. Information security is defined as protection of data, applications, networks, and computer systems

More information

OHIO VALLEY EDUCATIONAL COOPERATIVE TECHNOLOGY ACCEPTABLE USE POLICY

OHIO VALLEY EDUCATIONAL COOPERATIVE TECHNOLOGY ACCEPTABLE USE POLICY OHIO VALLEY EDUCATIONAL COOPERATIVE TECHNOLOGY ACCEPTABLE USE POLICY 03.13211 Referenced by OVEC Policy Manual and OVEC Employee Handbook Version 2.0.0 2/12/2014 Section headings: 1. Introductory paragraph

More information

DEPARTMENT OF COMMUNITY AND GOVERNMENT SERVICES (CGS) ACCEPTABLE EMAIL & INTERNET USAGE POLICY POLICY STATEMENT

DEPARTMENT OF COMMUNITY AND GOVERNMENT SERVICES (CGS) ACCEPTABLE EMAIL & INTERNET USAGE POLICY POLICY STATEMENT POLICY STATEMENT The purpose of this Policy is to establish the rules of acceptable use of Government of Nunavut networks and Internet services including E-mail, web-browsing, remote access, file transfer,

More information

TONBRIDGE & MALLING BOROUGH COUNCIL INTERNET & EMAIL POLICY AND CODE

TONBRIDGE & MALLING BOROUGH COUNCIL INTERNET & EMAIL POLICY AND CODE GENERAL STATEMENT TONBRIDGE & MALLING BOROUGH COUNCIL INTERNET & EMAIL POLICY AND CODE 1.1 The Council recognises the increasing importance of the Internet and email, offering opportunities for improving

More information

EMPLOYEE COMPUTER NETWORK AND INTERNET ACCEPTABLE USAGE POLICY

EMPLOYEE COMPUTER NETWORK AND INTERNET ACCEPTABLE USAGE POLICY EMPLOYEE COMPUTER NETWORK AND INTERNET ACCEPTABLE USAGE POLICY This is a statement of The New York Institute for Special Education s (NYISE s) policy related to employees Computer Network and Internet

More information

TIME SYSTEM SECURITY AWARENESS HANDOUT

TIME SYSTEM SECURITY AWARENESS HANDOUT WISCONSIN TIME SYSTEM Training Materials TIME SYSTEM SECURITY AWARENESS HANDOUT Revised 11/21/13 2014 Security Awareness Handout All System Security The TIME/NCIC Systems are criminal justice computer

More information

51 JS-R STUDENT USE OF INFORMATION TECHNOLOGY RESOURCES

51 JS-R STUDENT USE OF INFORMATION TECHNOLOGY RESOURCES Page 1 of 5 Purpose This regulation implements Board policy JS by setting forth specific procedures, requirements and restrictions and conditions governing student use of District Information Technology

More information

Information Technology Acceptable Use and Safeguards

Information Technology Acceptable Use and Safeguards Approved by: Information Technology Acceptable Use and Safeguards President and Chief Executive Officer Corporate Policy & Procedures Manual Number: X-50 Date Approved May 12, 2014 Next Review (3 years

More information

This policy applies to all departments, agencies and employees of the Government of Nunavut, and those contracted to provide services to the GN.

This policy applies to all departments, agencies and employees of the Government of Nunavut, and those contracted to provide services to the GN. COMMUNITY AND GOVERNMENT SERVICES ACCEPTABLE E-MAIL & INTERNET USAGE POLICY Introduction The use of e-mail and Internet has become an essential business tool used by the Government of Nunavut (GN) that

More information

Peace Corps Office of the OCIO Information and Information Technology Governance and Compliance Rules of Behavior for General Users

Peace Corps Office of the OCIO Information and Information Technology Governance and Compliance Rules of Behavior for General Users Table of Contents... 1 A. Accountability... 1 B. System Use Notification (Login Banner)... 1 C. Non-... 1 D. System Access... 2 E. User IDs... 2 F. Passwords... 2 G. Electronic Information... 3 H. Agency

More information

Date Board Approved: 06/25/13 Date Revised: 05/21/13 Department/Individual Responsible for Maintaining Policy:

Date Board Approved: 06/25/13 Date Revised: 05/21/13 Department/Individual Responsible for Maintaining Policy: OVERVIEW This policy is applicable to Ameris Bank and all officers and employees thereof. Employees who violate any of the guidelines set in the policy may be subject to disciplinary action including written

More information

Dene Community School of Technology Staff Acceptable Use Policy

Dene Community School of Technology Staff Acceptable Use Policy Policy Overview Dene Community School of Technology The school provides computers for use by staff as an important tool for teaching, learning, and administration of the school. Use of school computers,

More information

THE RICE MARKETING BOARD FOR THE STATE OF NEW SOUTH WALES RESPONSIBLE COMPUTING POLICY

THE RICE MARKETING BOARD FOR THE STATE OF NEW SOUTH WALES RESPONSIBLE COMPUTING POLICY THE RICE MARKETING BOARD FOR THE STATE OF NEW SOUTH WALES RESPONSIBLE COMPUTING POLICY Version Author Date Approved by Board 2009-1 Gillian Kirkup 24 March 2010 Page 1 of 8 THE RICE MARKETING BOARD FOR

More information

Physical Security Policy

Physical Security Policy Physical Security Policy Author: Policy & Strategy Team Version: 0.8 Date: January 2008 Version 0.8 Page 1 of 7 Document Control Information Document ID Document title Sefton Council Physical Security

More information

Franciscan University of Steubenville Information Security Policy

Franciscan University of Steubenville Information Security Policy Franciscan University of Steubenville Information Security Policy Scope This policy is intended for use by all personnel, contractors, and third parties assisting in the direct implementation, support,

More information

K-20 Network Acceptable Use Guidelines/Internet Safety Requirements

K-20 Network Acceptable Use Guidelines/Internet Safety Requirements Page 1 of 5 K-20 Network Acceptable Use Guidelines/Internet Safety Requirements These procedures are written to support the Electronic Resources Policy of the board of directors and to promote positive

More information

Network Security Guidelines. e-governance

Network Security Guidelines. e-governance Network Security Guidelines for e-governance Draft DEPARTMENT OF ELECTRONICS AND INFORMATION TECHNOLOGY Ministry of Communication and Information Technology, Government of India. Document Control S/L Type

More information

Information Security Policy for Associates and Contractors

Information Security Policy for Associates and Contractors Policy for Associates and Contractors Version: 1.12 Status: Issued Date: 30 July 2015 Reference: 61418080 Location: Livelink Review cycle: Annual Contents Introduction... 3 Purpose... 3 Scope... 3 Responsibilities...

More information

All Users of DCRI Computing Equipment and Network Resources

All Users of DCRI Computing Equipment and Network Resources July 21, 2015 MEMORANDUM To: From Subject: All Users of DCRI Computing Equipment and Network Resources Eric Peterson, MD, MPH, Director, DCRI Secure System Usage The purpose of this memorandum is to inform

More information

The City reserves the right to inspect any and all files stored in private areas of the network in order to assure compliance.

The City reserves the right to inspect any and all files stored in private areas of the network in order to assure compliance. 1.0 PURPOSE: Internet access to global electronic information sources on the World Wide Web is provided by the City of Battle Creek to assist in obtaining work-related data and technology. The following

More information

DATA PROTECTION AND DATA STORAGE POLICY

DATA PROTECTION AND DATA STORAGE POLICY DATA PROTECTION AND DATA STORAGE POLICY 1. Purpose and Scope 1.1 This Data Protection and Data Storage Policy (the Policy ) applies to all personal data collected and dealt with by Centre 404, whether

More information

THE OPEN UNIVERSITY OF TANZANIA INSTITUTE OF EDUCATIONAL AND MANAGEMENT TECHNOLOGIES. ICT security procedures for staff

THE OPEN UNIVERSITY OF TANZANIA INSTITUTE OF EDUCATIONAL AND MANAGEMENT TECHNOLOGIES. ICT security procedures for staff THE OPEN UNIVERSITY OF TANZANIA INSTITUTE OF EDUCATIONAL AND MANAGEMENT TECHNOLOGIES ICT security procedures for staff October 2014 1.1 Information Systems Usage Guidelines 1.1.1 Users and Computers Accounts

More information

Guide to INFORMATION SECURITY FOR THE HEALTH CARE SECTOR

Guide to INFORMATION SECURITY FOR THE HEALTH CARE SECTOR Guide to INFORMATION SECURITY FOR THE HEALTH CARE SECTOR Information and Resources for Small Medical Offices Introduction The Personal Health Information Protection Act, 2004 (PHIPA) is Ontario s health-specific

More information

U.S. Department of the Interior's Federal Information Systems Security Awareness Online Course

U.S. Department of the Interior's Federal Information Systems Security Awareness Online Course U.S. Department of the Interior's Federal Information Systems Security Awareness Online Course Rules of Behavior Before you print your certificate of completion, please read the following Rules of Behavior

More information

Career Connection, Inc. Data Privacy. Bringing Talent Together With Opportunity

Career Connection, Inc. Data Privacy. Bringing Talent Together With Opportunity Career Connection, Inc. Data Privacy Objectives This course is intended for CCI employees. The course gives guidance on data privacy concepts and describes how data privacy is relevant when delivering

More information

POLICIES AND REGULATIONS Policy #78

POLICIES AND REGULATIONS Policy #78 Peel District School Board POLICIES AND REGULATIONS Policy #78 DIGITAL CITIZENSHIP Digital Citizenship Digital citizenship is defined as the norms of responsible behaviour related to the appropriate use

More information

Acceptable Use of Information Systems Standard. Guidance for all staff

Acceptable Use of Information Systems Standard. Guidance for all staff Acceptable Use of Information Systems Standard Guidance for all staff 2 Equipment security and passwords You are responsible for the security of the equipment allocated to, or used by you, and must not

More information

Network and Workstation Acceptable Use Policy

Network and Workstation Acceptable Use Policy CONTENT: Introduction Purpose Policy / Procedure References INTRODUCTION Information Technology services including, staff, workstations, peripherals and network infrastructures are an integral part of

More information

Computers and Internet Policy and Procedure

Computers and Internet Policy and Procedure Computers and Internet Policy and Procedure Computers and Internet Policy and Procedure Modification history Date Modification Person responsible 18/01/12 Modification of existing policy Roger Stevens

More information

Network and Internet Access Agreement for Students

Network and Internet Access Agreement for Students Dublin City School District Network and Internet Access Agreement for Students Property Page 1 of 7 Any student age 18 and older is to read this form (). Page 5 of this form should then be completed and

More information

TECHNOLOGY USAGE POLICY

TECHNOLOGY USAGE POLICY TECHNOLOGY USAGE POLICY Computer Usage Policy (CUP). 2 Aims/Objectives. 2 General.. 2 Student Responsibilities 2 Monitoring 3 Access Violations... 3 Personal Devices 3 Internet Safety: Acceptable Usage

More information

APPROVED BY: Signatures on File Chief Information Officer APPROVED BY: Chief Financial Officer PURPOSE

APPROVED BY: Signatures on File Chief Information Officer APPROVED BY: Chief Financial Officer PURPOSE TITLE: COMPUTER USE POLICY PAGE 1 OF 5 EFFECTIVE DATE: 07/2001 REVIEW DATES: 02/2003, 09/2006 REVISION DATES: 03/2005, 03/2008 DISTRIBUTION: All Departments PURPOSE APPROVED BY: Signatures on File Chief

More information

Estate Agents Authority

Estate Agents Authority INFORMATION SECURITY AND PRIVACY PROTECTION POLICY AND GUIDELINES FOR ESTATE AGENTS Estate Agents Authority The contents of this document remain the property of, and may not be reproduced in whole or in

More information

DHHS Information Technology (IT) Access Control Standard

DHHS Information Technology (IT) Access Control Standard DHHS Information Technology (IT) Access Control Standard Issue Date: October 1, 2013 Effective Date: October 1,2013 Revised Date: Number: DHHS-2013-001-B 1.0 Purpose and Objectives With the diversity of

More information

Cellular/Smart Phone Use Procedure

Cellular/Smart Phone Use Procedure Number 1. Purpose This procedure is performed as a means of ensuring the safe and efficient use of cell/smart phones throughout West Coast District Health Board (WCDHB) facilities. 2. Application This

More information

Information Technology Security Policies

Information Technology Security Policies Information Technology Security Policies Randolph College 2500 Rivermont Ave. Lynchburg, VA 24503 434-947- 8700 Revised 01/10 Page 1 Introduction Computer information systems and networks are an integral

More information

Information Security Handbook

Information Security Handbook Information Security Handbook Adopted 6/4/14 Page 0 Page 1 1. Introduction... 5 1.1. Executive Summary... 5 1.2. Governance... 5 1.3. Scope and Application... 5 1.4. Biennial Review... 5 2. Definitions...

More information

Electronic Communications Guidance for School Staff 2013/2014

Electronic Communications Guidance for School Staff 2013/2014 Our Lady of Lourdes and St Patrick s Catholic Primary Schools Huddersfield Electronic Communications Guidance for School Staff 2013/2014 Updated September 2013 Contents 1. Introduction 2. Safe and responsible

More information

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Three

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Three Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Three Data Handling in University Information Classification and Handling Agenda Background People-Process-Technology

More information

Department of Homeland Security Management Directive System MD Number: 4900 INDIVIDUAL USE AND OPERATION OF DHS INFORMATION SYSTEMS/ COMPUTERS

Department of Homeland Security Management Directive System MD Number: 4900 INDIVIDUAL USE AND OPERATION OF DHS INFORMATION SYSTEMS/ COMPUTERS Department of Homeland Security Management Directive System MD Number: 4900 INDIVIDUAL USE AND OPERATION OF DHS INFORMATION SYSTEMS/ COMPUTERS 1. Purpose This directive establishes the Department of Homeland

More information

Kenmore State High School Student Laptop Charter

Kenmore State High School Student Laptop Charter Kenmore State High School Student Laptop Charter 2 Contents Student Laptop Charter... 4 Loan equipment... 4 Equipment ownership... 5 Fee for provision of laptop... 5 Laptop care... 6 Data security... 6

More information

Effective Date: Subject Matter Experts / Approval(s): TAC: LASO: C/ISO: Front Desk: Technology Support Lead: Agency Head:

Effective Date: Subject Matter Experts / Approval(s): TAC: LASO: C/ISO: Front Desk: Technology Support Lead: Agency Head: Policy Title: Effective Date: Revision Date: Subject Matter Experts / Approval(s): TAC: LASO: C/ISO: Front Desk: Technology Support Lead: Agency Head: Every 2 years or as needed Purpose: The purpose of

More information

ASCINSURE SPECIALTY RISK PRIVACY/SECURITY PLAN July 15, 2010

ASCINSURE SPECIALTY RISK PRIVACY/SECURITY PLAN July 15, 2010 ASCINSURE SPECIALTY RISK PRIVACY/SECURITY PLAN July 15, 2010 OBJECTIVE This Security Plan (the Plan ) is intended to create effective administrative, technical and physical safeguards for the protection

More information

HIPAA Security Training Manual

HIPAA Security Training Manual HIPAA Security Training Manual The final HIPAA Security Rule for Montrose Memorial Hospital went into effect in February 2005. The Security Rule includes 3 categories of compliance; Administrative Safeguards,

More information

MEMORANDUM INFORMATION TECHNOLOGY SERVICES DEPARTMENT

MEMORANDUM INFORMATION TECHNOLOGY SERVICES DEPARTMENT MEMORANDUM INFORMATION TECHNOLOGY SERVICES DEPARTMENT TO: John Phillips, City Manager Number: 04-020 SUBJECT: Computer Network, Internet and E-Mail Access Policy Date: 9/903 Attached is copy of the Information

More information

MARIN COUNTY OFFICE OF EDUCATION. EDUCATIONAL INTERNET ACCOUNT Acceptable Use Agreement TERMS AND CONDITIONS

MARIN COUNTY OFFICE OF EDUCATION. EDUCATIONAL INTERNET ACCOUNT Acceptable Use Agreement TERMS AND CONDITIONS MARIN COUNTY OFFICE OF EDUCATION EDUCATIONAL INTERNET ACCOUNT Acceptable Use Agreement TERMS AND CONDITIONS Please read the following carefully before signing this document. INTERNET access is coordinated

More information

Rocklin Unified School District Employee Authorized Network, Internet Usage, and E-Mail Privacy Agreement

Rocklin Unified School District Employee Authorized Network, Internet Usage, and E-Mail Privacy Agreement Rocklin Unified School District Employee Authorized Network, Internet Usage, and E-Mail Privacy Agreement Please read this document carefully before signing: A. Upon employment all individuals permitted

More information

Pierce County Policy on Computer Use and Information Systems

Pierce County Policy on Computer Use and Information Systems Pierce County Policy on Computer Use and Information Systems Pierce County provides a variety of information technology resources such as computers, software, printers, scanners, copiers, electronic mail

More information

Information Incident Management Policy

Information Incident Management Policy Information Incident Management Policy Change History Version Date Description 0.1 04/01/2013 Draft 0.2 26/02/2013 Replaced procedure details with broad principles 0.3 27/03/2013 Revised following audit

More information

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) UNIVERSITY OF PITTSBURGH POLICY SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) DATE: March 18, 2005 I. SCOPE This

More information

e-governance Password Management Guidelines Draft 0.1

e-governance Password Management Guidelines Draft 0.1 e-governance Password Management Guidelines Draft 0.1 DEPARTMENT OF ELECTRONICS AND INFORMATION TECHNOLOGY Ministry of Communication and Information Technology, Government of India. Document Control S.

More information

Student & Staff Access and Use of Networked Information Resources and Communications

Student & Staff Access and Use of Networked Information Resources and Communications Page 1 of 6 These procedures are written to support the Electronic Resources Policy of the board of directors and to promote positive and effective digital citizenship among students and staff. Digital

More information

Tameside Metropolitan Borough Council ICT Security Policy for Schools. Adopted by:

Tameside Metropolitan Borough Council ICT Security Policy for Schools. Adopted by: Tameside Metropolitan Borough Council ICT Security Policy for Schools Adopted by: 1. Introduction 1.1. The purpose of the Policy is to protect the institution s information assets from all threats, whether

More information

School Information Security Policy

School Information Security Policy School Information Security Policy Created By: Newport Education Service Date Created: 22 December 2009 Version: V1.0 Contents Background... 3 IT Infrastructure... 3 IT Access... 3 Acceptable use policy...

More information

MISSISSIPPI DEPARTMENT OF HEALTH COMPUTER NETWORK AND INTERNET ACCESS POLICY

MISSISSIPPI DEPARTMENT OF HEALTH COMPUTER NETWORK AND INTERNET ACCESS POLICY MEMORANDUM TO: FROM: RE: Employee Human Resources MISSISSIPPI DEPARTMENT OF HEALTH COMPUTER NETWORK AND INTERNET ACCESS POLICY Please find attached the above referenced policy that is being issued to each

More information

University of Northern Colorado. Data Security Policy for Research Projects

University of Northern Colorado. Data Security Policy for Research Projects University of Northern Colorado Data Security Policy for Research Projects Contents 1.0 Overview... 1 2.0 Purpose... 1 3.0 Scope... 1 4.0 Definitions, Roles, and Requirements... 1 5.0 Sources of Data...

More information

BOARD OF DIRECTORS PAPER COVER SHEET. Meeting date: 22 February 2006. Title: Information Security Policy

BOARD OF DIRECTORS PAPER COVER SHEET. Meeting date: 22 February 2006. Title: Information Security Policy BOARD OF DIRECTORS PAPER COVER SHEET Meeting date: 22 February 2006 Agenda item:7 Title: Purpose: The Trust Board to approve the updated Summary: The Trust is required to have and update each year a policy

More information

Information Security Policy. Policy and Procedures

Information Security Policy. Policy and Procedures Information Security Policy Policy and Procedures Issue Date February 2013 Revision Date February 2014 Responsibility/ Main Point of Contact Neil Smedley Approved by/date Associated Documents Acceptable

More information

PROGRAM R 2361/Page 1 of 12 ACCEPTABLE USE OF COMPUTERS NETWORKS/COMPUTERS AND RESOURCES

PROGRAM R 2361/Page 1 of 12 ACCEPTABLE USE OF COMPUTERS NETWORKS/COMPUTERS AND RESOURCES R 2361/Page 1 of 12 R 2361 ACCEPTABLE USE OF COMPUTER NETWORKS/COMPUTERS AND RESOURCES The school district provides computer equipment, computer services, and Internet access to its pupils and staff for

More information

Supplier Information Security Addendum for GE Restricted Data

Supplier Information Security Addendum for GE Restricted Data Supplier Information Security Addendum for GE Restricted Data This Supplier Information Security Addendum lists the security controls that GE Suppliers are required to adopt when accessing, processing,

More information

Computing Services Information Security Office. Security 101

Computing Services Information Security Office. Security 101 Computing Services Information Security Office Security 101 Definition of Information Security Information security is the protection of information and systems from unauthorized access, disclosure, modification,

More information

NAZARETH CATHOLIC COLLEGE 1-1 LAPTOP PROGRAM Policies & Procedures. (March 2012)

NAZARETH CATHOLIC COLLEGE 1-1 LAPTOP PROGRAM Policies & Procedures. (March 2012) NAZARETH CATHOLIC COLLEGE 1-1 LAPTOP PROGRAM Policies & Procedures (March 2012) Contents Ownership... 3 Privately-owned devices... 4 Optional peripherals... 4 Warranty & Insurance... 4 Stolen or Lost Laptops...

More information

Information Security Risk Assessment Checklist. A High-Level Tool to Assist USG Institutions with Risk Analysis

Information Security Risk Assessment Checklist. A High-Level Tool to Assist USG Institutions with Risk Analysis Information Security Risk Assessment Checklist A High-Level Tool to Assist USG Institutions with Risk Analysis Updated Oct 2008 Introduction Information security is an important issue for the University

More information

INFORMATION SECURITY MANAGEMENT SYSTEM. Version 1c

INFORMATION SECURITY MANAGEMENT SYSTEM. Version 1c INFORMATION SECURITY MANAGEMENT SYSTEM Version 1c Revised April 2011 CONTENTS Introduction... 5 1 Security Policy... 7 1.1 Information Security Policy... 7 1.2 Scope 2 Security Organisation... 8 2.1 Information

More information

Valmeyer Community Unit School District #3 Acceptable Use Of Computers and Networks

Valmeyer Community Unit School District #3 Acceptable Use Of Computers and Networks Valmeyer Community Unit School District #3 Acceptable Use Of Computers and Networks The Valmeyer Community Unit School District #3 Board of Education supports the use of the Internet and other computer

More information

Section 5 Identify Theft Red Flags and Address Discrepancy Procedures Index

Section 5 Identify Theft Red Flags and Address Discrepancy Procedures Index Index Section 5.1 Purpose.... 2 Section 5.2 Definitions........2 Section 5.3 Validation Information.....2 Section 5.4 Procedures for Opening New Accounts....3 Section 5.5 Procedures for Existing Accounts...

More information

CITY OF MARLBOROUGH MARLBOROUGH, MASSACHUSETTS 01752-3812

CITY OF MARLBOROUGH MARLBOROUGH, MASSACHUSETTS 01752-3812 CITY OF MARLBOROUGH MARLBOROUGH, MASSACHUSETTS 01752-3812 APPLICATION FOR INTERNET ACCESS To obtain Internet Access, complete the following form, sign and obtain department head signature and return to

More information

Administrative Procedures Manual. Management Information Services

Administrative Procedures Manual. Management Information Services I-23.10 Management Information Services The College owns and operates a local area network (LAN) that connects the College's computing hardware and services. Computing hardware refers to any device that

More information

Box Hill Senior Secondary College/MYSC

Box Hill Senior Secondary College/MYSC Box Hill Senior Secondary College/MYSC Information and Communication Technologies Acceptable Use and Cybersafety Policy Student and Parent/Guardian Agreement Aims of this Policy Information and Communication

More information

Hamilton College Administrative Information Systems Security Policy and Procedures. Approved by the IT Committee (December 2004)

Hamilton College Administrative Information Systems Security Policy and Procedures. Approved by the IT Committee (December 2004) Hamilton College Administrative Information Systems Security Policy and Procedures Approved by the IT Committee (December 2004) Table of Contents Summary... 3 Overview... 4 Definition of Administrative

More information