Network Security Policy

 

Documentation Strategies, Inc is a consulting company that relies on its network and computer systems for its business.  Certain precautions and policies must be followed to ensure a safe computing environment for the business and our employees.

Workstation Security and Use

Each person is assigned a unique logon name for the network.  This logon name and associated password is not to be shared with anyone else, or left in a place where others may see this information.  Each person will log into the network with his or her own given logon name.  Working at a computer using some one else’s logon name is not permitted.  When away from a computer for any long period of time, the computer should be protected using one of the following methods:

• Utilize a screensaver with a password to automatically lock the workstation when away.
• Press Control-Alt-Delete, then click on LOCK WORKSTATION
• Log off the machine.

Anti-virus

Each computer on our internal network has multiple levels of protection against virus or worm behaviors.  Although the chance of being affected by a virus is small, there are some precautions that you should be aware of:

• Do not delete files on your computer system just because an email told you to.  A popular virus hoax would tell you to remove a particular file from your system because it is a virus – instead the file is actually a system file and deleting the file will cause problems to your computer.
• Do not forward email that claims you will get money if you forward it.
• Do not respond to emails that you suspect may contain a virus.
• Be aware of attachments in email from an address you are not expecting.  Although we all use attachments in email, the common way viruses are spread is simply as attachments to email from someone you know.

Network Security

Network security is very important in maintaining the business.  Each person has access to different parts of the network as appropriate for his or her job.  The network permissions on files and folders are controlled per user.  Some of the security measures in place include:

• Logging all failed logon attempts.
• Logging all failed attempts to access network files or folders.
• After several bad logon attempts, the account is locked out.
• The logon password is required to be changed periodically.

Additionally, our internal network is separated from the Internet through a router/firewall to protect our resources.

Confidential Information

The network and computer systems are continuously connected to the Internet.  This means that given enough information and with the right skills, our network can be attacked from the Internet. Although reasonable steps are taken with regards to hardware and software, it is no substitute for keeping information secure.  To help prevent network attack or intrusion (hacking), the following information is should not be discussed outside of the company:

• Logon names
• User names and groups
• Logon passwords
• Computer names
• IP addresses of company equipment (network or computer addresses)

Computer monitoring

All employees’ computer use is subject to monitoring.  This includes email, Internet usage and file access.  We reserve the right to monitor any network communications on our network even if the computer equipment involved is not owned by Documentation Strategies, Inc.  All usage of computer equipment provided by Documentation Strategies, Inc. either directly or indirectly (such as through a client) may be monitored.  Inappropriate information is not allowed and includes (but is not limited to):

• Sexually explicit pictures, stories and references regardless of the age involved.
• Derogatory references to a person or business.
• Profane language.

Software Installation

Only authorized software installed by the Network or Systems Administrators is permitted.  Users are not permitted to download or install any software from the Internet or other means without explicit permission.  This includes updates or patches to existing or installed programs, windows update, or media player.  All installed software must have a license.  No shareware programs may be used past their trial period without being formally licensed or registered without authorization.

Computer use at client sites

When using a computer attached to a network at a client’s facility, you will be required to follow their requirements for appropriate computer and network use in addition to this policy.  It is understood that different clients may have different software requirements and additional software or configurations may be necessary for operation at a client site.

 

 

Your signature below acknowledges that you have read this policy.

 

 

Employee  ___________________________________­­____ Date ____________