Information Technology Acceptable Use An Overview

Slides:



Advertisements
Similar presentations
Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Advertisements

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Red Flags Rule BAS Forum August 18, What is the Red Flags Rule? Requires implementation of a written Identity Theft Prevention Program designed.
Baltic High School Classroom Connections Presentation.
Let’s Talk About Cyber Security
1 of 2 By observing the guidelines below and performing regular maintenance on your computer, you can help keep your computer safe and maintain optimum.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.
Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Acceptable Use By: Keith R. Watson CoC Information Security Manager.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
1 Computer Security: Protect your PC and Protect Yourself.
Safe Surfing Tips Internet Safety Tips for Teens By: LaQuacious Garrett.
Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.
Security Squad Keeping your Equipment and Information Safe Security Squad Keeping your Equipment and Information Safe Security Squad Video Series, Part.
Electronic Use Policies.   Social Media  Internet.
PLUG IT IN 7 Protecting Your Information Assets. 1.How to Protect Your Assets: The Basics 2.Behavioral Actions to Protect Your Information Assets 3.Computer-Based.
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.
3.05 Protect Your Computer and Information Unit 3 Internet Basics.
Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.
1 Privacy Plan of Action © HIPAA Pros 2002 All rights reserved.
© 2007 The McGraw-Hill Companies, Inc. All rights reserved The Complete PC Tech Chapter 24.
Security and Ethics Safeguards and Codes of Conduct.
Security Issues and Ethics in Education Chapter 8 Brooke Blanscet, Morgan Chatman, Lynsey Turner, Bryan Howerton.
Office 365 is cloud- based productivity, hosted by Microsoft. Business-class Gain large, 50GB mailboxes that can send messages up to 25MB in size,
Staff Induction Log On Credentials & Security Resources Web Applications / Software LanSchool Projectors / Cameras / Printing Laptops / WiFi.
2.2 Interfacing Computers MR JOSEPH TAN CHOO KEE TUESDAY 1330 TO 1530
Information Technology Acceptable Use An Overview CSTMC All Staff Meeting February 10, 2014.
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #
BTEC NAT Unit 15 - Organisational Systems Security ORGANISATIONAL SYSTEMS SECURITY Unit 15 Lecture 7 EMPLOYMENT CONTRACTS & CODES OF CONDUCT.
Network and Server Basics. Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server network.
Intro to Digital Technology Review for Final Introduction to Digital Technology Finals Seniors Monday, 5/16 – 2 nd Tuesday 5/17 – 1 st,3 rd Underclassmen.
Somerset ISD Online Acceptable Use Policy. Somerset Independent School District Electronic Resources Acceptable Use Policy The purpose of this training.
Computer Maintenance Software Configuration: Evaluating Software Packages, Software Licensing, and Computer Protection through the Installation and Maintenance.
What is Cloud Computing?
Managing Windows Security
Securing Network Servers
Office 365 is cloud-based productivity, hosted by Microsoft.
How to use the internet safely and How to protect my personal data?
Backdoor Attacks.
How to use the internet safely and How to protect my personal data?
Unit 4 IT Security.
Done BY: Zainab Sulaiman AL-Mandhari Under Supervisor: Dr.Tarek
Objectives Overview Explain why computer literacy is vital to success in today's world Describe the five components of a computer Discuss the advantages.
Avira Antivirus Support via a Dedicated Helpline Number The antivirus software of Avira is recommended as a reliable as well as a proficient software security.
Unfortunately, any small business could face the risk of a data breach or cyber attack. Regardless of how big or small your business is, if your data,
Information Security Awareness 101
Get Office 2016 with Office 365 and get down to business
Computer Maintenance Software Configuration: Evaluating Software Packages, Software Licensing, and Computer Protection through the Installation and Maintenance.
Objectives Overview Explain why computer literacy is vital to success in today’s world Define the term, computer, and describe the relationship between.
Which is right for your business, Office 365 or Microsoft 365?
Red Flags Rule An Introduction County College of Morris
Which is right for your business, Office 365 or Microsoft 365?
CHAPTER 2: OPERATING SYSTEMS (Part 2) COMPUTER SKILLS.
Protecting Your Information Assets
Internet law Business law.
Dos and Don’ts.
Internet Safety and Security Curtis Shaw nwtel.ca November 2012
IS4680 Security Auditing for Compliance
24/7/365 Remote Computer Support
Who We Are Pitt Information Technology provides resources at the University for students, faculty, and staff Technology Support Computer Accounts .
Windows 10 An Operating System
Presentation transcript:

Information Technology Acceptable Use An Overview CSTMC All Staff Meeting February 10, 2014

Our goals for today Review policies related to IT acceptable use Explain how monitoring and follow-up work Look at your role as an employee Look at some practical tips (do’s and don’ts) Q and A

Policies Guideline 400-A Information Technology Objectives Guideline 400-B Information Technology Standards Guideline 400-C Corporate Internet Use Guideline 400-D Use and Management of Electronic Mail Guideline 400-E Information Technology Security Guideline 401-C Security of Information Policy 550 Code Of Ethics Policy 700 Risk Management Policy Policy 900 Policy on Information Management The Corporation reserves the right to monitor use of IT, as per our Corporate policies All our policies are on ECHO Several are new IT policies are being updated They need to address the issues you are facing as managers They are important tools to help you as a manager

Acceptable use IT tools are intended for you to do your work “All informatics assets are to be used for corporate business activities…” (400-E, 3.0) Limited personal use is allowed… “…employees are allowed limited personal use provided such use is conducted on personal time… all personal use of informatics assets should be cleared by the employee’s supervisor” (400-E, 3.0) “Personal browsing of the Internet is allowed provided it is conducted during personal time, no additional costs are incurred by the Corporation, and the usage remains compliant with this guideline.” (400-C, 5.0)

Changing expectations…

Social media The Corporation needs to be present in these spaces It is important to experiment We also need to be mindful of productivity and operational requirements Manager awareness and discretion is important

Streaming audio and video

Everything in the cloud

Bandwidth Buzzword worth taking a moment to define It’s one of these terms you may hear used a lot – e.g. “high bandwidth” Amount of data moved in a period of time Bits per second Can refer to capacity Can also refer to consumption Streaming audio and video are a major consumer of bandwidth

Why limitations on how we use IT? Resources are limited Bandwidth Storage Wi-Fi Etc... Safeguarding corporate assets IT security Managing information Productivity and operational requirements To help keep systems working properly So everyone can be productive And to safeguard Corporate information assets

Monitoring “Infrastructure components will be monitored to ensure their smooth operation and to detect any problems” (Guideline 400-A, 4.1)

Monitoring Why? To ensure normal operation of systems To follow up on anomalies or “incidents” To assist managers in their responsibilities As part of a formal investigation

Monitoring Examples of what is monitored Internet use Logs, reports, alerts Devices on our networks (including Wi-Fi) Computers and other devices Running programs, files, screen views, etc. as warranted Software What is installed on all computers Anti-virus On computers, servers, mail system, anti-spam system, firewall Detections, alerts

Monitoring and follow-up “Incidents” “An incident is an unplanned interruption to an IT service or reduction in the quality of an IT service.” (ITIL version 3)

Monitoring and follow-up Examples of “Incidents” Issues reported to the Computer Helpline Questions and queries System failures Web site blocked by the firewall High bandwidth use Virus infection Policy breach Patterns in system reports Events automatically detected by monitoring tools Note: an incident is not the same thing as wrongdoing

Monitoring and follow-up Who? Computer Helpline is our main point of contact for any issues All Informatics Services staff play a role Each system has a “prime” and one or more backups IT Security Coordinator

Monitoring and follow-up Process IT Staff first follow-up with employee IT include manager if it is a repeat or serious issue IT advise HR if issue persists or if there is a serious issue related to breach of Corporate policy Labour relations issue? > Handled by HR

Trust Expect employees to be professional and ethical Encourage employees to experiment and innovate Internet access is more open than at most Federal institutions

Tools are intended to help us do our work…

Your Role Respect policies on ethics, IT, and IM Help us use resources efficiently Keep your manager informed Report IT and IT security issues to the “Computer Helpline” Report IM issues to the “IM Office” Disclose wrongdoing

Do’s and Don’ts Streaming audio and video Stream audio and video only for work purposes YouTube, Vimeo, Internet radio, etc. This also includes use of public Wi-Fi We do not have the bandwidth capacity to allow personal streaming of audio and video

Do’s and Don’ts Web sites blocked by the firewall Let us know if you need a blocked site for work Default filters are not perfect You can send requests to the Computer Helpline

Do’s and Don’ts Personal files Personal audio and video files Don’t store your music and movie collection on Corporate resources, including your PC Personal photos Don’t put these on the O-Drive, Y-Drive or work computers and devices

Do’s and Don’ts Personal devices Personal thumb drives and hard drives Do not connect these to work computers Personal computers and devices Don’t bring your home computer to work If you use a personal smart phone or tablet, remember our Information Management Policy Managers have responsibility for their operations and must exercise their discretion

Do’s and Don’ts Software Advise the Computer Helpline of all non-standard software Maintainability Ask Computer Helpline to help you with software installations Avoid exposure to malicious code (viruses, Trojan horses, etc) Never install unlicensed software Legal exposure

Do’s and Don’ts Consumer cloud services Respect our Information Management Policy Corporate documents and records must be stored in OpenText Enterprise Never place sensitive or Protected documents in the cloud Advise your manager on how you are working with information You and your manager must work together to safeguard Corporate information assets Do not synchronize personal files Music, movie collections, photos Do not synchronize large amounts of data Video, large numbers of files

Q & A