INFORMATION GOVERNANCE POLICY: NETWORK SECURITY
|
|
- Cory Richardson
- 8 years ago
- Views:
Transcription
1 INFORMATION GOVERNANCE POLICY: NETWORK SECURITY Original Approved by: Policy and Procedure Ratification Sub-group on 23 October 2007 Version 1.2 Approved by: Information Governance Group Approval Date: 16 December 2009 Review Date: 16 December 2011 Responsible Person: Steve Ingleson, Director of Performance Management Circumstances may arise or there may be a change in guidance (e.g. NICE or Employment Law) where changes may be required to the Policy before the planned review date. Staff are responsible to identify this to the Policy Group via their Line Manager who will then put in place a policy review process. NOTE: All policies remain extant until notification of an amended policy is placed on the intranet. Policy Name: Network Security Author: Carol Mitchell, Information Governance Manager Version: 1.2 Date: December 2009
2 2 of 8
3 Version Control Sheet: Version Date Author Status Comment 1.1 Sept 07 C Mitchell Approved 1.2 Dec 09 C Mitchell Approved No changes required 3 of 8
4 BRADFORD AND AIREDALE TEACHING PRIMARY CARE TRUST 4.2 NETWORK SECURITY Introduction This policy is in place to enable access to and assure the security of the data communications network of the tpct. It establishes the responsibilities of IT Services in managing the network and users responsibilities in using it. Additionally it provides information in taking action to foresee, detect, prevent or rectify security risks which threaten the activities of the tpct and its staff. Supporting Procedures None Risk Management The risks identified under this policy include unauthorised access to information, loss of information, loss of availability to information. 1.0 Purpose As a key part of its role, IT Services is responsible for the ownership, development, installation, operation and maintenance of the data communications network on behalf of the tpct and its staff. With this responsibility comes the authority to take action necessary to safeguard the security of the network to minimise and contain potential risks to the tpct and its staff, both operational and legal, from the consequences of network-related security violations and misuse. In this context, the purpose of this policy is to state clearly both IT Services responsibility and authority for the tpct s network infrastructure and devices connected to that infrastructure, and users responsibilities in using such devices. 2.0 Scope The coverage of this policy includes: a. The tpct s data communications network and devices connected to it. b. All users of such devices. c. External connections from the network to N3. d. Trust WAN links to other NHS organisations such as: Skipton Hospital Keighley Health Centre Ilkley Coronation Hospital 4 of 8
5 Others e. The protection, detection and action against threats, including but not restricted to: Virus attacks Denial of service attacks Hacking internally or from external sources Downloads and uploads of unacceptable material (as defined by the tpct s Surf Control Server policy) Unacceptable content of outgoing Unsolicited bulk Theft, corruption or loss of data or software from external sources Theft of bandwidth f. Unauthorised connection of devices to the network 3.0 Responsible Authorities The term Designated I.T. Services Authority used in this guidance means the Head of IT or their authorised delegate. This policy is issued under the authority of the Head of IT who is responsible for enforcing sanctions where necessary to safeguard the tpct and its members. The IT Infrastructure is managed by the IT Services Manager who is responsible for the prevention and detection of IT misuse. This policy is managed by the Head of IT who is responsible for investigating incidents of IT misuse. 4.0 Policy Statements The tpct s Network Security guidance addresses the following: Who can and cannot make use of the tpct s data communications network. Who can and cannot extend, remove or change the cabling or fibres that constitute the tpct s data communications network either within or between Trust buildings. What connections or changes can or cannot be made to the network. What devices can and cannot be attached to the network. Who can and cannot attach such devices. What they can and cannot use it for. How IT Services manages the control of the network and the approval of connections both from devices and from other networks. 5 of 8
6 How IT Services is able to foresee, detect, or prevent security threats and rectify the consequences of those threats to the network. What sanctions are available to IT Services when threats and misuse are encountered, to deter further misuse of the network. 5.0 Network Controls 5.1 Users of the Network As defined by the NHS Statement of Compliance, only registered users (i.e. those holding a valid username and password) or those given permission by the Head of IT are permitted to use the tpct s data network. The tpct s data network may be used for any purpose that is in accordance with the aims and policies of the tpct and for no other purpose. 5.2 Modifiers of the Network Only IT Services and tpct approved data communications contractors are permitted to modify the network infrastructure. 5.3 Network Devices Network devices are defined as active equipment required to connect and operate the tpct s data network. Examples are switches, routers and firewalls. Only IT Services and tpct approved data communications contractors are permitted to install such devices which will be solely managed by IT Services. These devices will be located in designated Communications Cabinets/Racks. 5.4 User Devices Any device, other than network devices defined above, is defined as a user device. User devices fall into two categories user and non-user equipment. A non-user device e.g. a server, is defined as equipment which provides a service to one or more users. tpct owned non-user devices may be connected to the network by competent users once it has been given an I.T. asset tag. The recognised owner of the equipment should then abide by this policy at all times. Client devices are defined as equipment generally used by one person. Examples are PCs or PDAs. Network connectivity is achieved by either plugging this equipment directly into an activated data point on the tpct network or indirectly by connection via the public Internet. Trust owned client devices may be connected to the network by any member of staff of the tpct provided the equipment is used in 6 of 8
7 accordance with the aims and policies of the tpct and for no other purpose. Users should note that they are not allowed to connect their own equipment as this breaches the NHS Statement of Compliance (Previously NHS Code of Connection). 6.0 Network Security Management (ISO Network controls & Security of network services) 6.1 IT Services are responsible for managing and being accountable for access to the N3 Network by the PCT s users. Staff should complete a network access form in order to gain access to the tpct s network. 6.2 IT Services are also responsible for managing the risks of any network device connected to the network and implementing any necessary security measures to protect the network. 6.3 IT Services manages the provision of IP addresses; protection via a central firewall and access lists; user registration; authorisation and authentication; and data point activation. Any approved tpct owned device may be connected to the tpct network and will be automatically assigned an IP address which gives access to internal resources. External resources can only be accessed through the Internet filter appliance firewall. Exceptions must be authorised by the Head of IT. 6.4 IT Services holds sole authority and responsibility for the connections of networking equipment to the network e.g. hubs, switches and routers. 6.5 Traffic entering and leaving the tpct s network will be monitored and managed by the IT Services. 6.6 IT Services are responsible for any equipment connected to the network to ensure that the latest level of anti-virus software and security patches are installed. 6.7 The management of remote network equipment should only be conducted by authorised IT Services staff. All network equipment, where available, should have a username and password set to access the device. Where possible only determined clients should be configured to access network equipment remotely. 6.8 The confidentiality and integrity of data passing over public networks should be maintained using industry standard security protocols such as IPSec. 6.9 Disruption to the network should be kept to a minimum. Procedures are in place to arrange for network downtime to include notification to end users in advance of scheduled maintenance. Change control documentation will be used on network equipment to ensure that only approved work is conducted and that work is logged. 7 of 8
8 6.10 When a new device is required to connect to the tpct s network IT Services should be contacted. They will then patch an existing LAN point or create a proposal for a new network point. 7. IT Services powers of detection, prevention and restitution IT Services proactively monitor the data network for performance issues, abnormal loading, port and IP scanning. The consequences of these are counter measured by regularly updating firmware and configuration files of firewalls and routers, and adding security patches and anti-virus updates when necessary. 8. Sanctions IT Services are responsible for investigating, containing and resolving breaches of security and may disconnect, block traffic to / from, impound, or log information about any machine using the data network. Under tpct disciplinary procedures, IT Services are authorised to initiate investigations of users who abuse this policy. Such investigations may result in IT Services banning users without prior notice, pending resolution of the incident and dependent upon the nature of the offence may involve the Police. 9. References N3 Network details can be viewed on NHS Statement of Compliance (Previously NHS Code of Connection) details can be viewed on 8 of 8
INFORMATION GOVERNANCE POLICY: PROTECTION AGAINST MALICIOUS SOFTWARE
INFORMATION GOVERNANCE POLICY: PROTECTION AGAINST MALICIOUS SOFTWARE Original Approved by: Policy and Procedure Ratification Sub-group on 23 October 2007 Version 2.1 Approved by: Information Governance
More informationNetwork Security & Connection Policy
Network Security & Connection Policy Effective from 17 February 2015 Version Number: 2.0 Author: Network Manager, IT Services Document Control Information Status and reason for development Revised to reflect
More informationINFORMATION GOVERNANCE POLICY: DATA BACKUP, RESTORE & FILE STORAGE HANDLING
INFORMATION GOVERNANCE POLICY: DATA BACKUP, RESTORE & FILE STORAGE HANDLING Original Approved by: Policy and Procedure Ratification Sub-group on 23 October 2007 Version 2.2 Approved by : Information Governance
More information1 Purpose... 2. 2 Scope... 2. 3 Roles and Responsibilities... 2. 4 Physical & Environmental Security... 3. 5 Access Control to the Network...
Contents 1 Purpose... 2 2 Scope... 2 3 Roles and Responsibilities... 2 4 Physical & Environmental Security... 3 5 Access Control to the Network... 3 6 Firewall Standards... 4 7 Wired network... 5 8 Wireless
More informationNetwork Service, Systems and Data Communications Monitoring Policy
Network Service, Systems and Data Communications Monitoring Policy Purpose This Policy defines the environment and circumstances under which Network Service, Systems and Data Communications Monitoring
More informationTEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL
TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL Title: Computer and Network Security Policy Policy Number: 04.72.12 Effective Date: November 4, 2003 Issuing Authority: Office of the Vice President for
More informationPolicy on Connection to the University Network
Policy on Connection to the University Network Revision History Version Date Changes 0.1 01/12/04 David Conway 0.2 02/12/04 David Conway 0.3 19/01/05 David Conway 0.4 21/01/05 David Conway 1.0 07/03/05
More informationInformation Security
Information Security A staff guide to the University's Information Systems Security Policy Issued by the IT Security Group on behalf of the University. Information Systems Security Guidelines for Staff
More informationHow To Ensure Network Security
NETWORK SECURITY POLICY Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Page 1 of 12 Review and Amendment Log/Control Sheet Responsible Officer:
More informationSTRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction
Policy: Title: Status: 1. Introduction ISP-S12 Network Management Policy Revised Information Security Policy Documentation STRATEGIC POLICY 1.1. This information security policy document covers management,
More informationData Network Security Policy
Authors: Mike Smith Rod Makosch Network Manager Data Security Officer IM&T IM&T Version No : 1 Approval Date: March 2005 Approved by : John Aird Director of IM&T Review Date : 1 April 2006 Trust Ref: C7/2005
More informationNOS for IT User and Application Specialist. IT Security (ESKITU04) November 2014 V1.0
NOS for IT User and Application Specialist IT Security (ESKITU04) November 2014 V1.0 NOS Reference ESKITU040 ESKITU041 ESKITU042 Level 3 not defined Use digital systems NOS Title Set up and use security
More informationWEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY
WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY DATA LABEL: PUBLIC INFORMATION SECURITY POLICY CONTENTS 1. INTRODUCTION... 3 2. MAIN OBJECTIVES... 3 3. LEGISLATION... 4 4. SCOPE... 4 5. STANDARDS... 4
More informationNetwork Security Policy
Network Security Policy Policy Contents I. POLICY STATEMENT II. REASON FOR POLICY III. SCOPE IV. AUDIENCE V. POLICY TEXT VI. PROCEDURES VII. RELATED INFORMATION VIII. DEFINITIONS IX. FREQUENTLY ASKED QUESTIONS
More informationSTFC Monitoring and Interception policy for Information & Communications Technology Systems and Services
STFC Monitoring and Interception policy for Information & Communications Technology Systems and Services Issue 1.0 (Effective 27 June 2012) This document contains a copy of the STFC policy statements outlining
More informationLAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES
LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL for INFORMATION RESOURCES Updated: June 2007 Information Resources Security Manual 1. Purpose of Security Manual 2. Audience 3. Acceptable
More informationAcceptable Use Policy
Sell your Products Online and Web by Numbers are brands of Web by Numbers Ltd (hereinafter referred to as Web by Numbers ) Acceptable Use Policy Web by Numbers has created this Acceptable Use Policy (AUP)
More informationTECHNICAL VULNERABILITY & PATCH MANAGEMENT
INFORMATION SECURITY POLICY TECHNICAL VULNERABILITY & PATCH MANAGEMENT ISO 27002 12.6.1 Author: Owner: Organisation: Document No: Chris Stone Ruskwig TruePersona Ltd SP-12.6.1 Version No: 1.1 Date: 1 st
More informationDublin Institute of Technology IT Security Policy
Dublin Institute of Technology IT Security Policy BS7799/ISO27002 standard framework David Scott September 2007 Version Date Prepared By 1.0 13/10/06 David Scott 1.1 18/09/07 David Scott 1.2 26/09/07 David
More informationNetwork & Information Security Policy
Policy Version: 2.1 Approved: 02/20/2015 Effective: 03/02/2015 Table of Contents I. Purpose................... 1 II. Scope.................... 1 III. Roles and Responsibilities............. 1 IV. Risk
More informationNETWORK AND INTERNET SECURITY POLICY STATEMENT
TADCASTER GRAMMAR SCHOOL Toulston, Tadcaster, North Yorkshire. LS24 9NB NETWORK AND INTERNET SECURITY POLICY STATEMENT Written by Steve South November 2003 Discussed with ICT Strategy Group January 2004
More informationOSU INSTITUTE OF TECHNOLOGY POLICY & PROCEDURES
Network Security 6-005 INFORMATION TECHNOLOGIES July 2013 INTRODUCTION 1.01 OSU Institute of Technology (OSUIT) s network exists to facilitate the education, research, administration, communication, and
More informationRemote Network Access Procedure
Remote Network Access Procedure Version: 1.1 Bodies consulted: - Approved by: PASC Date Approved: 20.8.13 Lead Manager: Ade Sulaiman Responsible Director: Simon Young Date issued: Aug 13 Review date: Jul
More informationNETWORK SECURITY GUIDELINES
NETWORK SECURITY GUIDELINES VIRUS PROTECTION STANDARDS All networked computers and networked laptop computers are protected by GST BOCES or district standard anti-virus protection software. The anti-virus
More informationChapter 9 Monitoring System Performance
Chapter 9 Monitoring System Performance This chapter describes the full set of system monitoring features of your ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. You can be alerted to important
More informationULH-IM&T-ISP06. Information Governance Board
Network Security Policy Policy number: Version: 2.0 New or Replacement: Approved by: ULH-IM&T-ISP06 Replacement Date approved: 30 th April 2007 Name of author: Name of Executive Sponsor: Name of responsible
More informationNetwork Security Policy
Network Security Policy I. PURPOSE Attacks and security incidents constitute a risk to the University's academic mission. The loss or corruption of data or unauthorized disclosure of information on campus
More informationHow To Manage An 802.11 Wireless Network At A University
WIRELESS POLICY 1 INTRODUCTION 1.1 Wireless networking is a fast emerging technology and is set to continue to grow for the foreseeable future. It is recognised that wireless networking could offer benefits
More informationICANWK406A Install, configure and test network security
ICANWK406A Install, configure and test network security Release: 1 ICANWK406A Install, configure and test network security Modification History Release Release 1 Comments This Unit first released with
More informationAcceptable Usage Policy
Version 2.1 20141230 Acceptable Usage Policy Acceptable Usage Policy Contents 1. PURPOSE OF THIS POLICY... 2 2. GENERAL... 2 3. APPLICATION... 2 4. UNREASONABLE USE... 2 5. UNACCEPTABLE USE... 3 6. SPAM...
More informationBOARD OF DIRECTORS PAPER COVER SHEET. Meeting date: 22 February 2006. Title: Information Security Policy
BOARD OF DIRECTORS PAPER COVER SHEET Meeting date: 22 February 2006 Agenda item:7 Title: Purpose: The Trust Board to approve the updated Summary: The Trust is required to have and update each year a policy
More informationRotherham CCG Network Security Policy V2.0
Title: Rotherham CCG Network Security Policy V2.0 Reference No: Owner: Author: Andrew Clayton - Head of IT Robin Carlisle Deputy - Chief Officer D Stowe ICT Security Manager First Issued On: 17 th October
More informationThe purpose of this policy is to provide guidelines for Remote Access IPSec or Virtual Private
1. Policy Overview The purpose of this policy is to provide guidelines for Remote Access IPSec or Virtual Private Network (VPN) connections to the University of Dammam network. 1.1. Purpose University
More informationStudent Halls Network. Connection Guide
Student Halls Network Connection Guide Contents: Page 3 Page 4 Page 6 Page 10 Page 17 Page 18 Page 19 Page 20 Introduction Network Connection Policy Connecting to the Student Halls Network Connecting to
More informationREMOTE WORKING POLICY
Reference number Approved by Information Management and Technology Board Date approved 30 April 2013 Version 1.0 Last revised Review date March 2014 Category Owner Target audience Information Assurance
More informationMonitoring and Logging Policy. Document Status. Security Classification. Level 1 - PUBLIC. Version 1.0. Approval. Review By June 2012
Monitoring and Logging Policy Document Status Security Classification Version 1.0 Level 1 - PUBLIC Status DRAFT Approval Life 3 Years Review By June 2012 Owner Secure Research Database Analyst Change History
More informationComputer Network & Internet Acceptable Usage Policy. Version 2.0
Computer Network & Internet Acceptable Usage Policy Version 2.0 April 2009 Document Version Control Version Date Description 1.0 Sept 2003 Original Version (adopted prior to establishment of BoM) 2.0 March
More informationDBC 999 Incident Reporting Procedure
DBC 999 Incident Reporting Procedure Signed: Chief Executive Introduction This procedure is intended to identify the actions to be taken in the event of a security incident or breach, and the persons responsible
More informationUsing a Firewall General Configuration Guide
Using a Firewall General Configuration Guide Page 1 1 Contents There are no satellite-specific configuration issues that need to be addressed when installing a firewall and so this document looks instead
More informationWellesley College Written Information Security Program
Wellesley College Written Information Security Program Introduction and Purpose Wellesley College developed this Written Information Security Program (the Program ) to protect Personal Information, as
More informationInformation Management and Security Policy
Unclassified Policy BG-Policy-03 Contents 1.0 BG Group Policy 3 2.0 Policy rationale 3 3.0 Applicability 3 4.0 Policy implementation 4 Document and version control Version Author Issue date Revision detail
More informationNetwork Services Internet VPN
Contents 1. 2. Network Services Customer Responsibilities 3. Network Services General 4. Service Management Boundary 5. Defined Terms Network Services Where the Customer selects as detailed in the Order
More informationFirewalls. Securing Networks. Chapter 3 Part 1 of 4 CA M S Mehta, FCA
Firewalls Securing Networks Chapter 3 Part 1 of 4 CA M S Mehta, FCA 1 Firewalls Learning Objectives Task Statements 1.3 Recognise function of Telecommunications and Network security including firewalls,..
More informationTameside Metropolitan Borough Council ICT Security Policy for Schools. Adopted by:
Tameside Metropolitan Borough Council ICT Security Policy for Schools Adopted by: 1. Introduction 1.1. The purpose of the Policy is to protect the institution s information assets from all threats, whether
More informationInformation Security Policy September 2009 Newman University IT Services. Information Security Policy
Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms
More informationNewcastle University Information Security Procedures Version 3
Newcastle University Information Security Procedures Version 3 A Information Security Procedures 2 B Business Continuity 3 C Compliance 4 D Outsourcing and Third Party Access 5 E Personnel 6 F Operations
More informationNETWORK SECURITY POLICY
NETWORK SECURITY POLICY Policy approved by: Governance and Corporate Affairs Committee Date: December 2014 Next Review Date: August 2016 Version: 0.2 Page 1 of 14 Review and Amendment Log / Control Sheet
More informationInternet Use Policy and Code of Conduct
Internet Use Policy and Code of Conduct UNIQUE REF NUMBER: AC/IG/023/V1.1 DOCUMENT STATUS: Agreed by Audit Committee 18 July 2013 DATE ISSUED: July 2013 DATE TO BE REVIEWED: July 2014 1 P age AMENDMENT
More informationHOSTEDMIDEX.CO.UK. Additional services are also available according to Client specific plan configuration.
HOSTEDMIDEX.CO.UK THIS SERVICE LEVEL AGREEMENT (SLA) DEFINES GUARANTEED SERVICE LEVELS PROVIDED TO CLIENT BY THE SUPPLIER. I. Service Definition Lanmark Technical Services Ltd trading as mailhosted.co.uk
More informationLAPTOP AND PORTABLE DEVICES AND REMOTE ACCESS POLICY
LAPTOP AND PORTABLE DEVICES AND REMOTE ACCESS POLICY Version 1.0 Ratified By Date Ratified Author(s) Responsible Committee / Officers Issue Date Review Date Intended Audience Impact Assessed CCG Committee
More information2.1.1 This policy and any future changes requires ratification by CAUDIT.
1.0 Background to this document 1.1 This document sets out guidelines that cover the control of the supply and receipt of Internet access for educational purposes, that is primarily (but not exclusively)
More informationWireless Networking Policy September 2009 Newman University College IT Services. Wireless Networking Policy
This policy document relates specifically to wireless networking at Newman University and should be read in conjunction with the General Conditions of Use of Computing and Network Facilities. The Wireless
More informationInformation Technology Cyber Security Policy
Information Technology Cyber Security Policy (Insert Name of Organization) SAMPLE TEMPLATE Organizations are encouraged to develop their own policy and procedures from the information enclosed. Please
More informationICT SECURITY POLICY. Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation
ICT SECURITY POLICY Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation Responsibility Assistant Principal, Learner Services Jannette
More informationInformation Security Policy
Information Security Policy Author: Responsible Lead Executive Director: Endorsing Body: Governance or Assurance Committee Alan Ashforth Alan Lawrie ehealth Strategy Group Implementation Date: September
More informationNHSnet SyOP 9.2 NHSnet Portable Security Policy V1. NHSnet : PORTABLE COMPUTER SECURITY POLICY. 9.2 Introduction
NHSnet : PORTABLE COMPUTER SECURITY POLICY 9.2 Introduction This document comprises the IT Security policy for Portable Computer systems as described below. For the sake of this document Portable Computers
More informationSTRATEGIC POLICY REQUIRED HARDWARE, SOFTWARE AND CONFIGURATION STANDARDS
Policy: Title: Status: ISP-S9 Use of Computers Policy Revised Information Security Policy Documentation STRATEGIC POLICY 1. Introduction 1.1. This information security policy document contains high-level
More informationInformation security controls. Briefing for clients on Experian information security controls
Information security controls Briefing for clients on Experian information security controls Introduction Security sits at the core of Experian s operations. The vast majority of modern organisations face
More informationORANGE REGIONAL MEDICAL CENTER Hospital Wide Policy/Procedure
ORANGE REGIONAL MEDICAL CENTER Hospital Wide Policy/Procedure MANUAL: Hospital Wide SECTION: Information Technology SUBJECT: Acceptable Use of Information Systems Policy IMPLEMENTATION: 01/2011 CONCURRENCE:
More informationE Safety Policy. 6 th March 2013. Annually. 26 th February 2014
E Safety Policy This e safety policy was approved by the Governing Body on: The implementation of this e safety policy will be monitored by: Monitoring will take place at regular intervals: Reporting to
More informationInfocomm Sec rity is incomplete without U Be aware,
Infocomm Sec rity is incomplete without U Be aware, responsible secure! HACKER Smack that What you can do with these five online security measures... ANTI-VIRUS SCAMS UPDATE FIREWALL PASSWORD [ 2 ] FASTEN
More informationGuidance Notes on the Regulations for the use of Information Technology
Guidance Notes on the Regulations for the use of Information Technology 1 Introduction This guidance expands on the principles set out in the core regulations. It gives many examples of specific situations
More informationTrust Operational Policy. Information Security Department. Third Party Remote Access Policy
Trust Operational Policy Information Security Department Policy Reference: 3631 Document Control Document Title Author/Contact Document Reference 3631 Pauline Nordoff-Tate, Information Assurance Manager
More informationCMPT 471 Networking II
CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access
More informationS E R V E R C E N T R E H O S T I N G
S E R V E R C E N T R E H O S T I N G Managed Hosting Multi Tenant Platform Microsoft Dynamics CRM 2013 Service Level Agreement Server Centre Hosting Limited Master Version - 2.1 Server Centre Hosting
More informationInformation Technology Policy and Procedures
Information Technology Policy and Procedures Responsible Officer Author Ben Bennett, Business Planning & Resources Director Policy Development Group Date effective from April 2005 Date last amended February
More informationTerms and Conditions. Acceptable Use Policy Introduction. Compliance with UK Law. Compliance with foreign law
Terms and Conditions Acceptable Use Policy Introduction (hereafter called Hosted Developments) has created this Acceptable Use Policy (AUP) for hosting customers to protect our resources, and the resources
More informationAASTMT Acceptable Use Policy
AASTMT Acceptable Use Policy Classification Information Security Version 1.0 Status Not Active Prepared Department Computer Networks and Data Center Approved Authority AASTMT Presidency Release Date 19/4/2015
More informationINFORMATION SECURITY PROGRAM
Approved 1/30/15 by Dr. MaryLou Apple, President MSCC Policy No. 1:08:00:02 MSCC Gramm-Leach-Bliley INFORMATION SECURITY PROGRAM January, 2015 Version 1 Table of Contents A. Introduction Page 1 B. Security
More informationN e t w o r k E n g i n e e r Position Description
Position Title: Group/Division/Team Network Engineer Business Technology Services / IT Operations Division Date October 2011 Reports to Roles Reporting to This Primary Objective Decision Making Authority
More informationInformation and Communication Technology. Firewall Policy
BELA-BELA LOCAL MUNICIPALITY - - Chris Hani Drive, Bela- Bela, Limpopo. Private Bag x 1609 - BELA-BELA 0480 - Tel: 014 736 8000 Fax: 014 736 3288 - Website: www.belabela.gov.za - - OFFICE OF THE MUNICIPAL
More informationInformation Technology Services
Responsible Officer Approved by Chief Information Officer Council Approved and commenced August, 2014 Review by August, 2017 Relevant Legislation, Ordinance, Rule and/or Governance Level Principle ICT
More informationThe University of Information Technology Management System
IT Monitoring Code of Practice 1.4 University of Ulster Code of Practice Cover Sheet Document Title IT Monitoring Code of Practice 1.4 Custodian Approving Committee Deputy Director of Finance and Information
More informationComputers Basic Training recruits are provided access to a computer lab for completion of work assignments. Recruits may choose to bring a laptop or
Computers Basic Training recruits are provided access to a computer lab for completion of work assignments. Recruits may choose to bring a laptop or desktop for their use while in training. If a recruit
More informationS E R V E R C E N T R E H O S T I N G
S E R V E R C E N T R E H O S T I N G Managed Hosting Microsoft Lync - Service Level Agreement Server Centre Hosting Limited Master Version - 2.1 Server Centre Hosting Ltd, The Old Public House, 3 Watnall
More informationNETWORK INFRASTRUCTURE USE
NETWORK INFRASTRUCTURE USE Information Technology Responsible Office: Information Security Office http://ooc.usc.edu infosec@usc.edu (213) 743-4900 1.0 Purpose The (USC) provides its faculty, staff and
More informationIP Telephony Management
IP Telephony Management How Cisco IT Manages Global IP Telephony A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge Design, implement, and maintain a highly available, reliable, and resilient
More informationICT Security Policy for Schools
WOLGARSTON HIGH SCHOOL Staffordshire ICT Security Policy for Schools A Statement of Policy Author: Readability Score: Frequency of Review: J Ablewhite 15-16 years Annually Amendments 2014 JA Page 1 of
More informationRL Solutions Hosting Service Level Agreement
RL Solutions Hosting Service Level Agreement April 2012 Table of Contents I. Context and Scope... 1 II. Defined Terms... 1 III. RL Solutions Responsibilities... 2 IV. Client Responsibilities... 4 V. The
More informationMSP Service Matrix. Servers
Servers MSP Service Matrix Microsoft Windows O/S Patching - Patches automatically updated on a regular basis to the customer's servers and desktops. MS Baseline Analyzer and MS WSUS Server used Server
More informationHow to Practice Safely in an era of Cybercrime and Privacy Fears
How to Practice Safely in an era of Cybercrime and Privacy Fears Christina Harbridge INFORMATION PROTECTION SPECIALIST Information Security The practice of defending information from unauthorised access,
More informationensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster
Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)
More informationData Protection Breach Management Policy
Data Protection Breach Management Policy Please check the HSE intranet for the most up to date version of this policy http://hsenet.hse.ie/hse_central/commercial_and_support_services/ict/policies_and_procedures/policies/
More informationSPECIAL CONDITIONS FOR WEBSITE HOSTING SERVICES ON A DEDICATED SERVER
SPECIAL CONDITIONS FOR WEBSITE HOSTING SERVICES ON A DEDICATED SERVER Version Date 03-09-13 The Supplier provides different categories of Dedicated Server. The hardware and software configurations, and
More informationARTICLE 4: SUPPLIER'S OBLIGATIONS
SPECIAL CONDITIONS FOR SO YOU START DEDICATED SERVER RENTAL Latest version dated 05/12/2013 ARTICLE 1: PURPOSE These Special Conditions supplement the So You Start General Conditions (the General Conditions
More informationTHE OPEN UNIVERSITY OF TANZANIA
THE OPEN UNIVERSITY OF TANZANIA Institute of Educational and Management Technologies COURSE OUTLINES FOR DIPLOMA IN COMPUTER SCIENCE 2 nd YEAR (NTA LEVEL 6) SEMESTER I 06101: Advanced Website Design Gather
More informationWhite Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act
A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,
More informationConfiguring a Mediatrix 500 / 600 Enterprise SIP Trunk SBC June 28, 2011
Configuring a Mediatrix 500 / 600 Enterprise SIP Trunk SBC June 28, 2011 Proprietary 2011 Media5 Corporation Table of Contents Introduction... 3 Solution Overview... 3 Network Topology... 4 Network Configuration...
More informationUniversal Network Access Policy
Universal Network Access Policy Purpose Poynton Workmens Club makes extensive use of network ed Information Technology resources to support its research and administration functions and provides a variety
More informationService Schedule for Business Email Lite powered by Microsoft Office 365
Service Schedule for Business Email Lite powered by Microsoft Office 365 1. SERVICE DESCRIPTION Service Overview 1.1 The Service is a hosted messaging service that delivers the capabilities of Microsoft
More informationEmbedded Network Solutions Australia Pty Ltd (ENSA) INTERNET ACCEPTABLE USE POLICY
T: 1300 00 ENSA (3672) F: 03 9421 6109 (ENSA) INTERNET ACCEPTABLE USE POLICY 1 ABOUT THIS POLICY... 2 2 GENERAL... 2 3 ILLEGAL ACTIVITY... 2 4 SECURITY... 2 5 RISKS OF THE INTERNET... 3 6 CONTENT PUBLISHING...
More informationABERDARE COMMUNITY SCHOOL
ABERDARE COMMUNITY SCHOOL IT Security Policy Drafted June 2014 Revised on....... Mrs. S. Davies (Headteacher) Mr. A. Maddox (Chair of Interim Governing Body) IT SECURITY POLICY Review This policy has been
More informationThe Wellcome Trust Sanger Institute IT Acceptable Use Policy (AUP) Version 1.8
The Wellcome Trust Sanger Institute IT Acceptable Use Policy (AUP) Version 1.8 Introduction The IT systems must be used in a reasonable manner and in such a way that does not affect their efficient operation,
More informationUMHLABUYALINGANA MUNICIPALITY IT PERFORMANCE AND CAPACITY MANAGEMENT POLICY
UMHLABUYALINGANA MUNICIPALITY IT PERFORMANCE AND CAPACITY MANAGEMENT POLICY Originator: IT Performance and Capacity Management Policy Approval and Version Control Approval Process: Position or Meeting
More informationPolicy Document. Communications and Operation Management Policy
Policy Document Communications and Operation Management Policy [23/08/2011] Page 1 of 11 Document Control Organisation Redditch Borough Council Title Communications and Operation Management Policy Author
More informationInformation Technology Security Procedures
Information Technology Security Procedures Prepared By: Paul Athaide Date Prepared: Dec 1, 2010 Revised By: Paul Athaide Date Revised: September 20, 2012 Version 1.2 Contents 1. Policy Procedures... 3
More informationOur Customer Relationship Agreement DIALUP SERVICE DESCRIPTION
Our Customer Relationship Agreement DIALUP SERVICE DESCRIPTION iinet Limited ACN 068 628 937 Phone: 13 22 58 Westnet Pty Ltd ACN 086 416 908 Phone: 1300 786 068 Adam Internet Pty Ltd ACN 055 495 853 Phone:
More informationGuardian365. Managed IT Support Services Suite
Guardian365 Managed IT Support Services Suite What will you get from us? Award Winning Team Deloitte Best Managed Company in 2015. Ranked in the Top 3 globally for Best Managed Service Desk by the Service
More informationEnterprise Broadband Customer Service Description
BT 2012 Issue 2_8 Table of Contents INTRODUCTION... 3 SERVICE OVERVIEW... 4 BENEFITS OF CHOOSING ENTERPRISE BROADBAND... 5 SERVICE DETAILS... 5 THE WORKPLACE... 5 COVERAGE... 5 ENTERPRISE BROADBAND...
More informationInformation Incident Management Policy
Information Incident Management Policy Change History Version Date Description 0.1 04/01/2013 Draft 0.2 26/02/2013 Replaced procedure details with broad principles 0.3 27/03/2013 Revised following audit
More information