IT West Security Recommendations

 

Maintaining a secure computer system is critical to your business. You must do everything you can to maintain the integrity of the system. If you allow outsiders to intrude into your system you run the real risk of having your data wiped out and being unable to transact your business. Also you have business systems, documents and emails that should only be seen by the people they are intended for. If your system is compromised, even with the login of one person, then data could end up where it is not supposed to be and could impact adversely on the business.

 

Here are some general rules we suggest you add to your security policy, to help keep your data and systems secure:

·         You cannot access any other employee’s computer profile, unless that person gave you express permission. In general access to someone else’s profile should be seen as an abnormal circumstance. If it is happening continuously you need to discuss with a supervisor and have the circumstances changed so it does not have to happen.

·         You cannot access any other employee’s email, unless that person gave you express permission. This includes simply reading an email on a screen. If it is on the screen you should avoid as much as possible reading the contents of the email. To protect yourself you should never leave the email system on your screen when you are absent from your desk.

·         Keep your password to yourself, never disclose it to anyone else. If you absolutely have to for some reason then immediately get your password changed.
If another employee tells you their password then advise them they should not do that and that they should now get their password changed.

·         All management personnel are to change their passwords at least once every 60 days. All other personnel should change their passwords every 90 days. All systems maintained by IT West are configured this way...to automatically prompt for a password change as a default.

·         Bank account passwords are to be changed every 60 days

·         Never change settings on your PC or system software without authorisation from management.

·         Never use another employee’s username to gain access to systems not usually accessible from your own username.

·         Any log on barcodes are to be taken home and kept in your direct care at all times

 

 

When a staff member leaves

When a staff member leaves, please advise IT West so that we can ensure:

 

·         Email is either redirected to an appropriate staff member or disabled altogether.

·         The user account is disabled immediately

·         The master administrative account password is changed.

·         The user account is deleted after 3 months

^ Top of page

27 Point network Audit

No featured videos found