>

Most Viewed Networking Devices:

  1. Small business firewalls
  2. Computer networking hardware
  3. High speed gigabit PCI adapter
  4. USB 3.0 PCI Card for Super Speed Data Transfer Rate
  5. Small Business Computer Network with Apple Mac Mini Server
  6. NSA 240 Sonicwall Small Business Network Security
  7. Cisco WRVS4400N Wireless Security Router
  8. Cisco RV 120W Wireless-N VPN Firewall and VLAN Router
  9. Cisco RV016 Multi WAN Router For Small Business
  10. Cisco RV220W Small Business Router
  11. Cisco RV082 Dual WAN VPN Router
  12. Edimax EnduraLINK ER-1088 Multi WAN Routers
  13. TL-R4299G Dual WAN Router for Internet Café
  14. New WNDR4500 N900 Vs Tew-692GR N900 Routers
  15. Netgear WNDR4000 and WNDR3800 Dual Band Routers
  16. Linksys E2500 Advanced Dual Band Router Vs E2000
  17. Linksys E-4200 Dual Band Gigabit Router

Most viewed Security Management:

  1. Information security management
  2. Firewalls Security Guidelines
  3. Business Continuity and Disaster Recovery Planning
  4. An Example of LAN Network Risk Assessment
  5. Information security policy guidelines
  6. Network Security Best Practices
  7. IT Security Risk Assessment

Most Viewed Networking Concepts:

  1. Local area network topology
  2. LAN Cable - standard deployment
  3. Easy way to calculate subnet mask
  4. VLAN tutorial
  5. WAN technologies
  6. Route summarization
  7. Understanding firewall with DMZ

 
«  
  »

Office Security Policy


Why Information Security in the Office is Important?

The corporate business premises and office areas have a variety of physical security controls in place, however staff should be vigilant at all times.

People are a very important security measure and a powerful deterrent against unauthorized access. Unauthorized access can lead to loss of life or injury and / or the theft and damage to material assets such as equipment and information.

Need to Know Principle

The Need to Know Principle means that you are provided with access to information and assets needed for you to do your job. No more – no less!

Important tips to remember about the Need to Know Principle:

  • Not everyone has the same access level as you.
  • You should not exceed your level without permission.
  • Don’t provide information to anyone else without authorization.

The following are guidelines or tips about office security policy

Office Security policy #1: Strangers in the Workplace

  • If you have an ID card – always wear it so it can be seen (preferably above the waist).
  • Remind your work mates to wear theirs.
  • Don’t let anyone ‘tailgate’ through doors when you enter, especially if you use an access card.
  • Question ‘strangers’ in the work place and report them to security if they should not be in your office.
  • Always escort your visitors and do not leave them unattended at any time.
  • Verify work orders for unattended maintenance / repair people before allowing them access to the corporate assets.
  • Verify equipment pickups before allowing any equipment or IT assets to be taken away.

Office Security policy #2: Classified Information / Assets

Always be aware of the sensitivity classification of the information you are working on. If you are not sure ask your Manager. Ideally the classification marking should be clearly displayed on all files, documents and media.

Office Security policy #3: Clear Desk

Keep sensitive information locked away when not in use; this includes documents and media etc.

Office Security policy #4: Screen-locking

Always screen-lock your computer when you leave your computer for any length of time.

REMEMBER that your User ID and password allows you access to information that is required for your job and your job only! Not everyone in your area has the same level of access as you!

Office Security policy #5: Secure Faxing

Ring the addressee and let them know that you are sending them a sensitive document and ask them to stand by the fax machine and at the same time confirm the fax number with them. Always double-check the number after you have entered it and after transmission, ring the addressee and make sure that they have received your fax.

Make sure that you remove the original when you have finished and always check the incoming fax tray.

Time and time again, faxes are sent to the WRONG people. Imagine what could happen if you sent your sensitive fax to a newspaper by accident!

Office Security policy #6: Secure Photocopying

Before copying a sensitive document, make sure that you are authorized to do so.

  • Only make the amount of copies that are required to do your job.
  • Stay at the photocopier until the job is completed.
  • Make sure that you remove the original and the copies.
  • If a copy does not turn out properly, dispose of it properly – don’t put in the waste bin.
  • If there is someone else at the photocopier, make sure that they cannot read the document/copies.

Office Security policy #7: Virus Scanning

Make sure that you virus scan all email attachments, Internet downloads, CDs and diskettes etc before opening the files.

Office Security policy #8: Personal Items

Always keep your personal items such as your wallet, purse, mobile phone and any other valuables locked away or kept out of sight. Don’t leave them unattended at any time.

Office Security policy #9: Secure Disposal Of Sensitive Information

  • Highly sensitive and confidential waste should always be shredded (a cross-cut shredder is best).
  • Other business waste should be torn in half and placed in the secure waste containers – not insecure recycle bins or your desk waste paper bin.
  • Don’t throw diskettes and CDs into your bin without destroying the item first.
  • At no time should business documents be placed in your office waste paper bin.

You have no control over what happens to your office rubbish when it leaves the building!

In the previous article, Instant messaging security guideline was discussed. And the next article that you also need to read is about password security guidelines. A good password is something that cannot be easily guessed and should not be a dictionary word. There are password-cracking tools available on the Internet that can crack dictionary word passwords very easily.


See also:

Share
March 30th, 2009 | Tags: , | Category: Information Security, Tips

1 comment to Office Security Policy

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>