Foreword. Director of Lands and Surveys Lands and Surveys Department Sabah. Information, Communication & Technology Best Practices (V1.



Similar documents
Information Security

Network and Workstation Acceptable Use Policy

Acceptable Use of Information Systems Standard. Guidance for all staff

STRATEGIC POLICY REQUIRED HARDWARE, SOFTWARE AND CONFIGURATION STANDARDS

PHI- Protected Health Information

Information Systems Acceptable Use Policy for Learners

2.0 Emended due to the change to academy status Review Date. ICT Network Security Policy Berwick Academy

Valmeyer Community Unit School District #3 Acceptable Use Of Computers and Networks

Authorised Acceptable Use Policy Groby Community College Achieving Excellence Together

THE OPEN UNIVERSITY OF TANZANIA INSTITUTE OF EDUCATIONAL AND MANAGEMENT TECHNOLOGIES. ICT security procedures for staff

Valmeyer Community Unit School District #3 Acceptable Use Of Computers and Networks

Sample Employee Network and Internet Usage and Monitoring Policy

E Safety Policy. 6 th March Annually. 26 th February 2014

Internet Use Policy and Code of Conduct

ICT POLICY AND PROCEDURE

TECHNOLOGY ACCEPTABLE USE POLICY

Terms and Conditions of Use - Connectivity to MAGNET

Electronic Communications Guidance for School Staff 2013/2014

Tameside Metropolitan Borough Council ICT Security Policy for Schools. Adopted by:

FAYETTEVILLE (AR) PUBLIC SCHOOLS COMPUTER/NETWORK USE POLICY

INFORMATION TECHNOLOGY SECURITY POLICY COUNTY OF IMPERIAL

ABERDARE COMMUNITY SCHOOL

Information Security Policy. Policy and Procedures

MEMORANDUM INFORMATION TECHNOLOGY SERVICES DEPARTMENT

(For purposes of this Agreement, "You", " users", and "account holders" are used interchangeably, and where applicable).

LINCOLN UNIVERSITY. Approved by President and Active. 1. Purpose of Policy

Sheridan College Institute of Technology and Advanced Learning Telephone and Computer Information Access Policy

HAZELDENE LOWER SCHOOL

Acceptable Use of ICT Policy. Staff Policy

Cyber Security Best Practices

How To Behave At A School

Responsible Access and Use of Information Technology Resources and Services Policy

NAZARETH CATHOLIC COLLEGE 1-1 LAPTOP PROGRAM Policies & Procedures. (March 2012)

ACCEPTABLE IT AND COMPUTER USE POLICY GUIDE FOR STAFF

The Bishop s Stortford High School Internet Use and Data Security Policy

EMPLOYEE ACCESS RELEASE AND AUTHORIZATION FORM MCS warehouse form No

NC DPH: Computer Security Basic Awareness Training

HEATHFIELD HIGH SCHOOL INFORMATION TECHNOLOGY ACCEPTABLE USE POLICY

Computers and Internet Policy and Procedure

Senior School 1 PURPOSE 2 SCOPE 3 SCHOOL RESPONSIBILITIES

Acceptable Use of Information Technology Policy

Information Security Policy

How To Protect Decd Information From Harm

Acceptable Use of ICT Policy For Staff

Students KS2-3 Acceptable Use Policy

Dene Community School of Technology Staff Acceptable Use Policy

13. Acceptable Use Policy

POLICY ON THE USE OF UNIVERSITY INFORMATION AND COMMUNICATION TECHNOLOGY RESOURCES (ICT RESOURCES)

Information Security Code of Conduct

IT Checklist. for Small Business INFORMATION TECHNOLOGY & MANAGEMENT INTRODUCTION CHECKLIST

HIPAA Privacy & Security Health Insurance Portability and Accountability Act

Students Acceptable Use Policy for Electronic Resources Rules Summary

CARRAMAR PUBLIC SCHOOL

Information Technology Acceptable Use Policies

The Internet and 2 Acceptable use 2 Unacceptable use 2 Downloads 3 Copyrights 3 Monitoring 3. Computer Viruses 3

a) Access any information composed, created, received, downloaded, retrieved, stored, or sent using department computers.

Faculty/Staff/Community Mountain Home School District Computer and Network Appropriate Use Policy

Revelstoke Board of Education Policy Manual

SOUTHERN SLOPES COUNTY COUNCIL COMPUTER & INFORMATION TECHNOLOGY USE POLICY

How To Deal With Social Media At Larks Hill J & I School

INTERNET, USE AND

YMDDIRIEDOLAETH GIG CEREDIGION A CHANOLBARTH CYMRU CEREDIGION AND MID WALES NHS TRUST PC SECURITY POLICY

Department of Homeland Security Management Directive System MD Number: 4900 INDIVIDUAL USE AND OPERATION OF DHS INFORMATION SYSTEMS/ COMPUTERS

UNIVERSITY OF ST ANDREWS. POLICY November 2005

The City reserves the right to inspect any and all files stored in private areas of the network in order to assure compliance.

ICT SECURITY POLICY. Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation

Tenth Judicial Circuit of Florida Information Systems Acceptable Use Guidelines Polk, Hardee and Highlands Counties as of January 2014

Grand Rapids Public Schools

Caldwell Community College and Technical Institute

Town of Brunswick. Computer Use Policy

1 Information and Communication Technology (ICT) Information Security Policy

POLICY: INTERNET AND ELECTRONIC COMMUNICATION # 406. APPROVAL/REVISION EFFECTIVE REVIEW DATE: March 2, 2009 DATE: March 10, 1009 DATE: March 2014

51 JS-R STUDENT USE OF INFORMATION TECHNOLOGY RESOURCES

STATE UNIVERSITY OF NEW YORK AT BROOKLYN DOWNSTATE MEDICAL CENTER COMPUTER and NETWORK USAGE POLICY I. INTRODUCTION

Information Technology Acceptable Use Policies and Procedures

Forrestville Valley School District #221

Guide to INFORMATION SECURITY FOR THE HEALTH CARE SECTOR

Policy and Procedure for Internet Use Summer Youth Program Johnson County Community College

INFORMATION TECHNOLOGY ACCEPTABLE USE & CYBER-SAFETY POLICY

LOUISA MUSCATINE COMMUNITY SCHOOLS POLICY REGARDING APPROPRIATE USE OF COMPUTERS, COMPUTER NETWORK SYSTEMS, AND THE INTERNET

INTERNET, AND COMPUTER USE POLICY.

EMPLOYEE COMPUTER NETWORK AND INTERNET ACCEPTABLE USAGE POLICY

CCSS IT ACCEPTABLE USE POLICY Guidance for Staff and Pupils

Computer Network & Internet Acceptable Usage Policy. Version 2.0

5. Users of ITS are the persons described above under Policy Application of the diocese of Springfield in Illinois.

BUCKEYE EXPRESS HIGH SPEED INTERNET SERVICE ACCEPTABLE USE POLICY

National Secondary School Computer Fund Meridan State College Q4 Take Home Tablet Charter. Student NSSCF Charter

NETWORK AND INTERNET SECURITY POLICY STATEMENT

ICT Student Usage Policy

WELB YOUTH SERVICE INTERNET AND ACCEPTABLE COMPUTER USAGE POLICY

DCPS STUDENT SAFETY AND USE POLICY FOR INTERNET AND TECHNOLOGY

Use of ESF Computing and Network Resources

Acceptable Use Policy

Information Technology Security Policies

How To Monitor The Internet In Idaho

OHIO VALLEY EDUCATIONAL COOPERATIVE TECHNOLOGY ACCEPTABLE USE POLICY

Computer Use Policy Approved by the Ohio Wesleyan University Faculty: March 24, 2014

Information Security Policy September 2009 Newman University IT Services. Information Security Policy

Bluewater District School Board ADMINISTRATIVE PROCEDURE AP 2312-D Administration Page 1. Network Resources - Limited Personal Use

Medford Public Schools Medford, Massachusetts. Software Policy Approved by School Committee

Transcription:

Circular : Information, Communication & Technology Best Practices (Version 1.0) Prepared By : Geospatial Development Management Section Survey Division Lands and Surveys Department Sabah January 2010

Foreword This circular is a compilation works over a period of time. The resources for ICT Best Practises are many and we have decided to focus on those being implemented in Malaysia, we have read the recommendations and circulars given by MAMPU, My.CERT, SG.CERT, UKIT and JPKN. This compilation is a summary of all the good practises that we should have when we make use of ICT to do our work. For more details of the Best Practises, you may visit any of the ICT websites that provide more detailed some guidelines and tips. In this modern age, ICT is a just tool to carry out our daily work and hence we need have to be knowledgeable on how to take care of our tool. Just like how the carpenter will spend time and effort to sharpen his saws and tools before beginning a day of carpentry work, likewise, in this age, it is expected of us when we login to the department network, that we spend time to ensure that our ICT tool is updated with antivirus patterns and that our email accounts do not spam others. In so doing we hope that that we do not burden others by our lack of knowledge when we spread 'virus' and 'worms' to our colleague. Please bear in mind that Computer Crimes Act 1997 is already enforced in Malaysia. Any failure on our part to observe the ICT Best Practises may result in a breach of the Act and is chargeable in courts of Malaysia. You are hereby advised to read and be familiar with the ICT Best Practises, Director of Lands and Surveys Lands and Surveys Department Sabah Information, Communication & Technology Best Practices (V1.0) 2

Do's and Don'ts Don'ts Do's Don't access obscene material or material that could offend others. Don t write down or store password electronically. Don't let anyone else use your log in accounts or tell anyone your login in password. Don't download videos or music that's copyrighted by others. Don't use ICT facilities to offend or harass other people. Don t use ICT facilities to hack or scan other machines. Don't install unlicensed or malicious software. Don't use ICT facilities to advertise goods or services. Log out of computer systems when you have finished using them. Do look after the computer and other ICT equipments under your care properly. Do backup your files regularly. Do keep one set of important data outside the office. Do check your antivirus regularly and make sure its virus definition pattern updated and running. Information, Communication & Technology Best Practices (V1.0) 3

ICT Environment Users should be aware and practice the following to ensure a reliable computing environment. I. Neither food nor beverages are permitted near computer terminals, and ICT equipments. I Ensure that the UPS and/or Power Regulator connecting to the computer and peripheral equipment (printers, monitor, plotters, scanners and etc) is always turned on. Refrain from using pen drive for long periods of time or as permanent storage and backup, as this device is meant for transporting and sharing files only. Ensure that the computer and peripheral equipment (printers, monitor, plotters, scanners and etc) are adequately ventilated. V. Ensure that the office is pest-free zone by practising high-standard of hygiene, ensure dustbin are not placed next to the ICT equipments and that the office has Pest Control service frequently. Information, Communication & Technology Best Practices (V1.0) 4

General ICT Usage I. All computers are to be used in a responsible, efficient, ethical and legal manner. Any attempt to hack into the Department computer system is regarded as a criminal act and will be liable to disciplinary actions. I Users should report any software/hardware fault to Unit Sokongan IT, Geospatial Development Management Section as soon as possible. Users should report suspected abuse, especially any damage to or problems with their files. Users should not copy files from and/or write files onto other s computer Without prior consent. V. Users should not install unlicensed software. V VI IX. Users should shut down the computers properly i.e not shutting down computers by simply pressing the ON/OFF button. In the event of power failure which the UPS will be activated and provide power supply for a limited period of time, users should save all their work before shutting the computers down properly as mentioned in Log off computers when you have finished using them. Lock your screen (using CTRL+ALT+DEL) if you are leaving your computer unattended for a some time. Information, Communication & Technology Best Practices (V1.0) 5

Antivirus Management I. All users should be aware that the official antivirus for government computers is TrendMicro. I Users must ensure that their computers are installed with the antivirus. Users must ensure that the antivirus always stay connected by pointing the cursor over the antivirus icon and checking its status. It is the responsibility of Unit Sokongan IT to ensure that the antivirus on every computer is pointing to the correct server for updating of latest antivirus definition pattern. V. Users must contact Unit Sokongan IT whenever the antivirus status is found 'disconnected'. Users should always remember that they are not allowed to uninstall the antivirus. Information, Communication & Technology Best Practices (V1.0) 6

Access to ICT facilities I. Users may only access those services or parts of the computer systems/applications he or she is given access to. I Users must not attempt in any manner to access unauthorised computer systems/applications in the Department's Local Area Network or the WIFI network. For headquarters users, they must ensure they log on to JTUHQ domain to enable IPs to be assigned to their computers as follows :- Username : Password : Domain : JTUHQ For other outstation offices, users must ensure that they log on to the domain with the username and password that is assigned to them. V. Users must not install Access Points within Wisma Tanah & Ukur or in any of the oustation offices illegally. V Users must not access others computers without prior consent. Always contact Unit Sokongan IT whenever users have difficulties logging on the domain. Information, Communication & Technology Best Practices (V1.0) 7

Email Usage I. Email usage is free for all users. For JTU staff, we have two accounts :- Ali.Ahmad@jtu.sabah.gov.my and Ali.Ahmad@sabah.gov.my. However, for official correspondence, users should use their official email accounts eg. Ali.Ahmad@sabah.gov.my I Users must exercise care when sending an email as the email messages sent become the possession of the receiver which can easily be redistributed. Always double-check the addresses of your intended recipients to avoid the email messages being sent to the wrong recipients. Never send or forward chain email as it may result in spamming which is a waste of computing resources and a nuisance and often offends recipients. V. Don't pass on unconfirmed rumours especially about viruses because they often only cause needless panic. V VI IX. Do not send emails of obscene nature i.e containing obscene messages and/or pictures/movie clips. Do not open files with.exe extension as they can be viruses. Delete messages that should not be preserved. Do not share your email passwords with others. Information, Communication & Technology Best Practices (V1.0) 8

Internet Usage I. Do not visit sites featuring pornography, terrorism, espionage, theft or drugs, inciting racial hatred or disharmony. I Do not engage in online gambling or any other activity in violation of the laws of the Country. Do not conduct unauthorised business. Do not engage in online subversive activities against the Government. V. Facebooks may be used but only during stipulated period of time as set forth in the access policy. Do not propagate deliberately any virus. V Some downloading sites have been blocked by firewall. Do not download programs which will significantly degrade the performance of the Internet facilities. VI Do not send inappropriate email to large numbers of people, via the Internet as this will also degrade the performance of the Internet facilities. Information, Communication & Technology Best Practices (V1.0) 9

Password Usage I. Do not write down or store password electronically. I Do not hint password to anyone. (e.g. my family name, my pet s name, etc.) Do not reveal password in any manner (e.g. over phone, SMS, email, messenger, questionnaires / security forms, etc) to anyone. Do not enable Remember Password feature of applications (e.g. Internet Explorer, Firefox, Opera, Messenger, Netscape, Eudora, Outlook etc.) V. A password must be : a. at least 8 characters in length. b. a combination of upper and lower-case alphabets, numbers and special characters. c. NOT the same as or similar to any personal information of user. d. NOT a word in any dictionary, language and jargon. Combination of password may include: a. Upper case: A Z b. Lower case: a z c. Numbers: 0 9 d. Special characters: ~!@#$%^&*()_+<>?;:[]\ Examples of weak passwords: a. Names of family, pets, friends, co-workers b. Computer terms and names, sites, companies, hardware, software c. Birthday, addresses, phone numbers, car plate number Always change any new password received immediately upon the first login. V Always change password immediately when suspected of being compromised. VI IX. Always change password at least once in every 6 months. The same password must never be used more than once. Information, Communication & Technology Best Practices (V1.0) 10

Backup & Restoration I. All work related data in any computer must be backup. I For standalone computers, network computer, workstations and servers, always backup important data on Pen-Drive, CD, magnetic tapes, external Hard Disk and/or copy important data to the file server. Backup important data daily and weekly. Keep daily backup on-site. V. For servers, keep one copy of weekly backup on-site for restoration and the other for off-site safe keeping. V VI For Headquarters, off-site safe keeping is at Inanam Training School. All backups must be verified to be restorable. All backups must be adequately and appropriately labelled. Information, Communication & Technology Best Practices (V1.0) 11

Sepuluh Perintah untuk Etika Komputer 1. Jangan menggunakan komputer untuk membahayakan orang lain. 2. Jangan mencampuri pekerjaan komputer orang lain. 3. Jangan mengintip file orang lain. 4. Jangan menggunakan komputer untuk mencuri. 5. Jangan menggunakan komputer untuk bersaksi dusta. 6. Jangan menggunakan sumber daya komputer orang lain tanpa izin. 7. Jangan mengambil hasil intelektual orang lain untuk diri sendiri. 8. Fikirkanlah mengenai akibat sosial dari program yang anda tulis. 9. Bantulah mereka yang memerlukan tunjuk ajar dalam penggunaan komputer. 10. Gunakanlah komputer dengan rasa penghargaan. Information, Communication & Technology Best Practices (V1.0) 12

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information