SU_ITS1103_W2_Project_Keegan_D
School: South University, Savannah
Course: 1103
Subject: Information Systems
Date: Apr 3, 2024
Uploaded by Dkeegan755
David Keegan
ITS1103
February 25, 2024
Computer Usage and Security Guidelines
Training
An ounce of prevention is worth a pound of cure. This old adage is as appropriate in the realm of computer usage as it is in the medical realm. All employee users should have an intimate knowledge of the procedures and protocols related to safe and responsible computer usage. This training will be implemented in two parts.
The first part will be a general outline presentation encompassing the entirety of company practices and expectations regarding computer usage. This presentation will be followed by a closed-book exam that will test the employees’ comprehension of the content. Finally, employees will sign a user agreement verifying that they understand and agree to the company’s expectations. The initial training will cover:
Login procedures.
Download restrictions.
Security Risks.
Integrity Expectations.
Confidentiality.
This document will also serve as an accountability medium for any policy violations.
Second, the employee will undergo bi-monthly E-Training to reinforce their understanding of federal policies as outlined by various agencies. These training sessions will also serve to increase the employee's knowledge base by providing them with real-world examples of security breaches and their fallout to corporate networks.
Bi-monthly E-Training will cover:
The Computer Fraud and Abuse Act (CFAA) Guidelines and penalties.
    o This act makes accessing a computer without authorization, or exceeding authorized access, a federal crime.
The Gramm-Leach-Bliley Act (GLBA) Guidelines.
    o This act requires businesses to take steps to protect financial information.
The Federal Trade Commission (FTC) Guidelines.
    o An act prohibiting fraudulent or dishonest business practices.
Crime fighting vs. Civil Liberties
    o As outlined by the American Civil Liberties Union (ACLU).
Passwords
All employee usernames and passwords for logging onto the company network will be set by the network administrator and meet the following guidelines:
Minimum of 8 characters.
Contain at least one of the following: capital letter, number, and symbol.
Passwords will be changed at least every 21 days unless the administrator deems it necessary to change them more frequently.
Employee users will not be permitted to share their password with anyone. Any employee caught sharing their password deliberately, or with an exposed password (such as a sticky note on their monitor or under their keyboard) will have their password changed immediately and be subject to disciplinary action. If an employee has reason to believe their password has been compromised, they are required to notify the administrator immediately so they may be assigned a new one.
Downloading
Downloads may be allowed, and even required in some cases. However, employees will be prevented from downloading any content without approval from the network administrator. Attempting to circumvent this policy will result in disciplinary action.
Email
Employees will have access to a company email account, which is only to be used for business purposes. The network administrator will be exclusively responsible for approving email contacts. Group policy features will prevent employees from following links or opening attachments from unapproved contacts.
Storage
Employees will be allowed a limited amount of network storage for work-related documents. These documents will be limited to files with approved extensions such as .doc, .xls, .pdf, and .jpeg. Approved document types will be managed by the network administrator.
While employees will be allowed to save documents to the shared drive, they will only be allowed read/write access. They will not be allowed to delete or execute files.
Countermeasures
If a user even suspects a malware incursion, they are to notify the network administrator IMMEDIATELY! Under no circumstances are they allowed to troubleshoot the problem themselves.
Red flags all employees should watch out for include (but are not limited to):
Inability to access services such as email and authorized applications.
Unexpected and unscheduled shutdowns.
Unauthorized deletion of files.
Degradation of resources such as applications.
Rapid and inexplicable OS behavior such as screen glitches or an inability to interact with desktop items.
The network administrator, while abiding by established procedures, will isolate the device—along with any peripherals (scanners, printers, etc.)—from the rest of the network to prevent the problem from spreading. Once isolated, the admin will diagnose the problem.
If malware is determined to be the cause, the admin will identify the type of malware (Example: worms and spyware), as well as the method of incursion (Example: email attachment or link).
The investigation will be documented in detail. This information will be used to generate proactive improvements for protection against similar incursions.
All users will be prohibited from accessing the network until the admin gives an “all clear” notice. At this point, all users will be assigned new passwords before regaining access to the company network.