Unified Infrastructure/Organization Computer System/Software Use Policy

Transcription

1 Unified Infrastructure/Organizatin Cmputer System/Sftware Use Plicy 1. Statement f Respnsibility All emplyees are charged with the security and integrity f the cmputer system. Emplyees are asked t help maintain the files and hardware that cmprise the system safe frm harm. 2. Definitins: Unified Organizatin Cmbine City, Cunty, utlying agency emplyees and building, departments, etc. supprted by Gshen Cunty IT. Unified Infrastructure Cmbined netwrk, server, PC, Laptp, wireless, netwrk cmpnents 3. Statement f Cmpliance By using any part r device f the Unified netwrk yu are shwing yur cmpliance and understanding f this plicy. 4. Statement f Liability Individuals granted accesses t the Unified systems are held liable fr imprper disseminatin f sensitive data, even after terminatin f emplyment. The emplyee may be subject t criminal and civil penalties. 5. Plicy Changes This plicy is subject t change withut ntice. It is the respnsibility f the Unified Organizatin emplyee t infrm him/herself f changes t this plicy. 6. Ownership f Wrk , cmputer, internet, and vice mail systems are the prperty f Unified infrastructure. Anything created, laded, r accessed n these systems becmes the prperty f the Unified Organizatin. Emplyees have n privacy rights t the cntent f messages r data files, and the Unified Organizatin has the right t review, mnitr, audit, intercept, cpy, dwnlad, and disclse any cmmunicatins r files created r maintained n infrmatin systems at any time, withut prir ntice. As f 8/21/2013

2 7. Physical Security Only authrized Unified Organizatin persnnel may use the Unified Infrastructure cmputers. Mving, cnnecting r discnnecting equipment is t be dne by the Gshen Cunty Infrmatin Technlgy Department. 8. Encryptin Materials f a sensitive nature r which cnstitute Unified Organizatin cnfidential infrmatin shall nt be sent ut by the internet unless the infrmatin is apprpriately encrypted t prevent interceptin by third parties. 9. Authrized Use Use f the Unified Infrastructure fr nn-emplyment purpses may result in discipline and/r mnitry charge. 10. Authrized Access Unified Organizatin emplyees will be given explicit access t prgrams, files, and resurces needed t perfrm their assigned duties. Attempted access t prgrams, files, r resurces t which the emplyee has nt been given permissin t utilize will make the emplyee subject t disciplinary actin. 11. Departmental Barrier Departmental data will remain under the cntrl f the department. N access t department generated data by any ther department will be allwed withut the permissin f the respective department head. 12. Prgrams Only authrized and licensed prgrams may be installed and used n Unified Infrastructure cmputers. All prgrams must be installed at the directin f the Gshen Cunty Infrmatin Technlgy Department. 13. Cpyright N material which vilates cpyright law may be installed, stred, r used n Unified Infrastructure cmputers, and n Unified Infrastructure cmputer may be used in the creatin r distributin f said material. Items include, and are nt limited t: Unlicensed sftware As f 8/21/2013

3 Digital music (MP3's, WMA's, CD's) Digital vide (DVD's MPEG2/4) 14. Every Unified Organizatin emplyee will be assigned an address. This address can be used frm any wrk statin in the cunty, r externally. This accunt will be deleted upn the terminatin f the emplyee. All emplyees must use the fllwing guidelines fr access: The emplyee will nt allw anyne besides him/herself t access his/her accunt The emplyee will nt engage in mass-mailing (spamming) with their accunt The emplyee s is subject t inspectin and mnitring by cmmanding fficers and Infrmatin Technlgy The accunt is subject t virus and spam filtratin 15. Internet Every cmputer lcated within the facilities f the Unified Organizatin has been given access t the internet. All authrized persns are able t access the internet frm these cmputers given that the fllwing rules are fllwed: Unless in the act f investigating r researching an assigned case, n ne will be allwed t knwingly access sites which cntain scial netwrking, prngraphy, hate r anti-gvernment rganizatins, r anything unbecming f an fficer r emplyee which culd have adverse affects n persnnel mral r public reputatin. N ne will dwnlad, install, r access any subversive files r prgrams. IE: Viruses, Trjan hrses, Spy ware, Ad ware N ne will attempt t access anther cmputer system withut permissin (hacking/cracking) All Unified Organizatin and infrastructure activity will be recrded including , internet, netwrk access Internet access fr users r cmputers is subject t revcatin by the decisin f department heads r the Gshen Cunty Infrmatin Technlgy department. Internet access t specified sites, r class f sites, r types f media is subject t filtratin by the decisin f department heads r Infrmatin Technlgy 16. Netwrk Access 1. Lgn and passwrd Every Unified Organizatin emplyee will be assigned a netwrk lgn which will be deactivated upn terminatin f emplyment. This lgn can be used at any similarly classed Unified Organizatin department (IE, Law enfrcement and gvernment). The emplyee is t use their persnal access their and files. The emplyee is respnsible fr all activity n Unified Infrastructure under As f 8/21/2013

4 his/her lgn ID. Special statin accunts (bking, cntrl) are created fr multipersn lcatins. These lgns are t be used fr thse purpses nly. 2. Netwrk Strage Every emplyee will be allwed t stre files n the netwrk. They will be assigned a private strage place, and have access t a cmmn strage. Emplyees will nt attempt t access ther emplyee s persnal strage withut permissin. Emplyees will nt destry, damage, r deface files in the cmmn strage area. 3. Unauthrized Access/Use Any unauthrized access t r f anther member s lgn r file(s) is abslutely prhibited. Emplyees wh utilize sftware applicatins under anther emplyee lgn identity r access individual file(s) withut permissin will be subject t disciplinary actin. 4. Resurce Utilizatin N user will utilize netwrk resurces (Internet, , Strage, Printers, et al.) in a manner in which that use becmes an undue drain n the capacity f the system (i.e. streaming vide, music, etc) 17. Remte Access Remte access int Unified Infrastructure cmputer systems will be dne by encrypted means. All remte activity will be lgged and secured by username and passwrd authenticatin. 18. Ntice f Status Change It is the respnsibility f the Unified Organizatin department heads t infrm Infrmatin Technlgy f an emplyee status change s that the emplyee's status can be reflected in their assigned lgn. These status changes are: Hire Terminatin Extended leave 19. Data Dispsal Devices cntaining sensitive data are t be cmpletely deleted, verwritten r destryed befre leaving the cntrl f trusted users. As f 8/21/2013

5 20. Wrkstatin Retire All cmputers that are replaced will have their hard drives cmpletely erased and verwritten t ensure n data leakage. Cmputers frm sensitive envirnments will have their hard drives erased, verwritten, and destryed. As f 8/21/2013