Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Technology Acceptable Usage. What you should know… Employees provide the first and final defense in addressing and mitigating day-to-day security.

Published byJohnathan Crawford Modified over 8 years ago

Similar presentations

Presentation on theme: "Information Technology Acceptable Usage. What you should know… Employees provide the first and final defense in addressing and mitigating day-to-day security."— Presentation transcript:

1 Information Technology Acceptable Usage

2 What you should know… Employees provide the first and final defense in addressing and mitigating day-to-day security risks Security is everyone’s responsibility 6/14/2016Security Awareness2

3 PS 1103: IT Acceptable Use Policy Created in 1999, revised in 2002 – Being reviewed, and plans are to update in 2010 Guides users of the Government of Saskatchewan’s IT infrastructure Employees are to follow this policy to ensure that their use of the Government’s IT resources are appropriate 6/14/2016Security Awareness3

4 Government Policy Three usage types for the Government of Saskatchewan’s IT infrastructure 1.Core activities required to conduct business of government e.g. emailing an agenda for upcoming meeting 2. Incidental neither explicitly permitted nor explicitly denied e.g. personal photocopies – employees are to cover costs 3. Unacceptable impedes work of others or needlessly squanders IT resources e.g. objectionable internet sites 6/14/2016Security Awareness4

5 Unacceptable Use Unacceptable use impedes the work of others or needless squanders IT resources The definition of unacceptable use will vary between ministries It is unacceptable to: Use the Government’s IT infrastructure for activities that contravene the law, existing policies or regulations Use any part of the Governments IT infrastructure for personal or financial gain 6/14/2016Security Awareness5

6 Email – Appendix B E-mail is accessible under the terms of The Freedom of Information and Protection of Privacy Act if information is requested that includes e-mail records Employees should have no reasonable expectation of privacy in e-mail transmitted – In government policy government reserves the right to access the contents of messages transmitted through its information technology infrastructure 6/14/2016Security Awareness6

7 Incidental Use… reminder Incidental Use neither explicitly permitted nor explicitly denied e.g. personal email accounts – checking occasionally is incidental However, when you are monitoring it constantly, it is no longer incidental 6/14/2016Security Awareness7

8 An Example of Core, Incidental & Unacceptable usageTechnologyCoreCore/IncidentalIncidentalIncidental/Unacceptable Un- acceptable Against Existing Policy Illegal Phone Answering an inquiry from a member of the public Make a brief personal call You make many personal calls & your work calls are answered by your busy co- workers Accessing 1- 900 lines on gov’t phones Using the office phone during office hours to buy and sell stocks Recording phone conversations without permission 6/14/2016Security Awareness8

9 An Example of Core, Incidental & Unacceptable usage TechnologyCoreCore/IncidentalIncidentalIncidental/Unacceptable Un- acceptable Against Existing Policy Illegal Computer Sending an email to all the members of the department OH & S Committee with minutes of the last meeting. Emails to co-workers with birthday wishes, holiday greetings. Playing solitaire while on break. Sending department- wide emails with puppies 4 sale type messages Distributing chain- emails with attachment that waste limited computing resources and/or contain viruses. Distributing a racist or obscene joke via email. Making a libellous or slanderous statement about a co- worker in an e-mail. 6/14/2016Security Awareness9

10 Questions? 6/14/2016Security Awareness10

Download ppt "Information Technology Acceptable Usage. What you should know… Employees provide the first and final defense in addressing and mitigating day-to-day security."

Similar presentations

A Reliable and Secure Network TM105: ESTABLISHING SANE TECHNOLOGY POLICIES FOR YOUR PROGRAM.

A Reliable and Secure Network TM105: ESTABLISHING SANE TECHNOLOGY POLICIES FOR YOUR PROGRAM.
Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.
Northside I.S.D. Acceptable Use Policy 2009-2010.

Northside I.S.D. Acceptable Use Policy
Woodland Hills School District Computer Network Acceptable Use Policy.

Woodland Hills School District Computer Network Acceptable Use Policy.
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website: www.mc.vanderbilt.edu/HIPAA.

HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:
Uintah School District Acceptable Use for Computer and Network Access.

Uintah School District Acceptable Use for Computer and Network Access.
Boyertown Area School District Acceptable Use Policy.

Boyertown Area School District Acceptable Use Policy.
Phoenix Union High School District Governing Board Policy In-Service Technology Usage Electronic Information System (EIS) 2014/2015 School Year.

Phoenix Union High School District Governing Board Policy In-Service Technology Usage Electronic Information System (EIS) 2014/2015 School Year.
IST346: Information Ethics. Ethics  Ethics are the principles of conduct that govern a group of people.  Ethics are not morals.  Morals are the proclamation.

IST346: Information Ethics. Ethics  Ethics are the principles of conduct that govern a group of people.  Ethics are not morals.  Morals are the proclamation.
Access to Electronic Media Acceptable Use Policy August 8, 2011 Meece Middle School.

Access to Electronic Media Acceptable Use Policy August 8, 2011 Meece Middle School.
DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,

DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,
ICAICT202A - Work and communicate effectively in an IT environment

ICAICT202A - Work and communicate effectively in an IT environment
VISD Acceptable Use Policy

VISD Acceptable Use Policy
AUP Acceptable Use Policy

AUP Acceptable Use Policy
INTERNET and CODE OF CONDUCT

INTERNET and CODE OF CONDUCT
For Students of Humble ISD

For Students of Humble ISD
Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.
HIPAA Basic Training for Privacy and Information Security Vanderbilt University Medical Center VUMC HIPAA Website: www.mc.vanderbilt.edu/HIPAA HIPAA Basic.

HIPAA Basic Training for Privacy and Information Security Vanderbilt University Medical Center VUMC HIPAA Website: HIPAA Basic.
Privacy and Encryption The threat of privacy due to the sale of sensitive personal information on the internet Definition of anonymity and how it is abused.

Privacy and Encryption The threat of privacy due to the sale of sensitive personal information on the internet Definition of anonymity and how it is abused.

Similar presentations

Ads by Google