Category: Information Technology
Last Modified: May 2017
Review Date: November 2018
Approved By: Executive
Author: Insert your name here, ADA Services Manager
Contact Person: Insert your name here, ADA Services Manager
Person Responsible: Imran Khan, Director of Corporate Services: Directorate
ADA Goal Statement: “To ensure everyone everywhere knows what the security policy is
when it comes to information technology and achieve their potential through this.”
Policy Title: Security Policy for IT
Author: Insert your name here
Updated May 2017
Due for Review November 2018
,EXECUTIVE SUMMARY: Our security policy for information technology explains the ways of
security when it comes to information technology. Both physically and virtually. Our information
about security is basically an index for security when it comes to information technology.
Policy Title: Security Policy for IT
Author: Insert your name here
Updated May 2017
Due for Review November 2018
,ADA SECURITY POLICY
Contents
1 Physical Security.................................................................................................................................5
1.1 CCTV................................................................................................................................................5
1.2 Good locks.......................................................................................................................................5
1.3 Bio metrics.......................................................................................................................................5
1.4 Security guards................................................................................................................................6
1.5 Fire extinguishers & sprinkler system..............................................................................................6
1.6 Flooding...........................................................................................................................................6
1.7 Bars on vulnerable parts of a building.............................................................................................6
1.8 Intrusion detection system .............................................................................................................6
1.9 Staff and visitor identification..........................................................................................................6
1.10 Access control (sign in/out) systems..............................................................................................6
1.11 Port Locking (USB).........................................................................................................................7
1.12 Cable shielding...............................................................................................................................7
2 Network security................................................................................................................................7
2.1 Network Operations........................................................................................................................7
2.2 Encryption keys................................................................................................................................7
2.3 Call back...........................................................................................................................................8
2.4 Handshaking....................................................................................................................................8
2.5 Diskless workstation........................................................................................................................8
2.6 Use of backups.................................................................................................................................8
2.7 Audit logs.........................................................................................................................................8
2.8 Firewall............................................................................................................................................8
2.9 Virus checking software...................................................................................................................9
2.10 Virtual private network..................................................................................................................9
2.11 Intruder detection systems............................................................................................................9
2.12 Passwords......................................................................................................................................9
2.13 Levels of access to data................................................................................................................10
2.14 Software updating.......................................................................................................................10
3 Disaster recovery..............................................................................................................................10
3.1 Back-ups stick................................................................................................................................10
3.2 Restore Points................................................................................................................................11
3.3 Imaging..........................................................................................................................................11
Policy Title: Security Policy for IT
Author: Insert your name here
Updated May 2017
Due for Review November 2018
,4 Encryption.........................................................................................................................................11
4.1 Private Key.....................................................................................................................................11
4.2 RSA.................................................................................................................................................11
4.3 Public key.......................................................................................................................................12
4.4 Triple Bolt Lock..............................................................................................................................12
4.5 Double Bolt Lock............................................................................................................................12
4.6 Single Bolt Lock..............................................................................................................................12
5 Policy and guidelines for IT security issues.......................................................................................12
5.1 Disaster recovery policies..............................................................................................................12
5.2 Updating security procedures........................................................................................................13
5.3 Scheduling of security audits.........................................................................................................13
5.4 Codes of conduct...........................................................................................................................13
5.5 Surveillance policies.......................................................................................................................13
5.6 Risk Management..........................................................................................................................14
5.7 Budget setting................................................................................................................................14
6 Employment contracts which can affect security.............................................................................14
6.1 Hiring policy...................................................................................................................................14
6.2 Separation of obligations...............................................................................................................15
6.3 Ensuring compliance involving disciplinary procedures.................................................................15
6.4 Training and communication with staff as their responsibilities....................................................16
6.5 How we can use staff employment contracts and company codes of conduct to help keep our
systems secure....................................................................................................................................16
7 laws related to security and privacy of data.....................................................................................17
7.1 Data Protection Act (1998)............................................................................................................17
7.2 Computer Misuse Act (1990).........................................................................................................17
7.3 Freedom of Information Act (2000)...............................................................................................17
7.4 Copyright Legislation (1998)..........................................................................................................18
Policy Title: Security Policy for IT
Author: Insert your name here
Updated May 2017
Due for Review November 2018
, 1 Physical Security
1.1 CCTV
CCTV which stands for closed-circuit television can be installed in good hiding positions to
put off any hackers or thieves and prevent them from doing anything dodgy and will help
keep the systems secure.
1.2 Good locks
The lock and key security and good use of high quality locks on doors and entrances into any
organisations buildings. Locks can also have passkeys associated with them making them
even more secure then they usually are.
1.3 Bio metrics
Bio metric security is a security used to authenticate and give access to a facility or system
based retinal scanning, voice and fingerprint technology. Because bio metric security takes a
scan at someone bodily features or biological data, it is the strongest and most fool proof
physical security technique used for identity verification. Making it very good for keeping
systems secure.
Policy Title: Security Policy for IT
Author: Insert your name here
Updated May 2017
Due for Review November 2018
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller 1999b. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.55. You're not tied to anything after your purchase.