|
Communications Equipment Policy
Policy No: 1.05
Printable Version
PURPOSE
The purpose of
the Communications Equipment Policy is to advise acceptable
use with regard to devices and systems used for the purposes
effecting business communication. With the convergence of
data and voice systems, the ability to connect remotely to
internal systems and the wide range of options offered by
personal assistants (PDAs, smart cellphones etc), it is
essential that these systems be used by authorised persons
for legitimate business activities.
SCOPE
This policy
affects all users of the corporate telephone system, those
that have been allocated a portable communications device
such as a cellular phone and those who connect remotely to
The Fake Chicken Company’s internal computer systems and networks through a
wireless, cdma or gprs connection.
POLICIES
1.1.1 The Fake Chicken Company
communications equipment and systems are provided to
facilitate business activities. Cellular telephones,
personal digital assistants and other devices must not be
used for personal purposes unless authorised by the IT
Manager.
 Computer
Systems and Equipment use Policy
Top
...and more
1.2 Corporate Telephone Systems
1.2.1
Employees
of The Fake Chicken Company must not leave messages containing
sensitive information on answering machines or voicemail
systems.
...and more
1.3.1 The
Blackberry may be used to transmit information providing
the information is not classified above Restricted.
...and more
2.1
Allocation and Recovery of
Communications Equipment
2.1.1 If
communications equipment is provided by The Fake Chicken
Company to third
parties a Loan Equipment Form must be completed and the
Equipment Loan Agreement signed by
authorised
persons.
Computer
Systems and Equipment Use Policy
Top
2.2
Risk Assessment
2.2.1 Before
mobile devices with networking capabilities are
introduced into the computing environment Management must
ensure that a risk assessment is conducted to confirm that
these devices do not create additional security
vulnerabilities which are unacceptable to The Fake Chicken
Company.
2.3
Training for Users
2.3.1 Managers
approving the use of PDAs, smart phones and other portable
devices with networking capabilities must ensure that users
are aware of the security implications of using these
devices and are fully trained in its proper use.
Business
Continuity Policy
Computer
Systems and Equipment Use Policy
3.1
Corporate Telephone Systems
3.1.1 To reduce the
potential for unauthorised use of The Fake Chicken Company's communications
systems, unused and unconfigured mailboxes must be deleted.
...and more
3.2 Remote Access
To Systems
3.2.1 Staff, contractors, consultants and other third
parties operating in the field or remotely
using a portable device will be connected to the computer systems and networks...
Explanation
This policy states that only those who have been authorised
to access the computer systems and networks of The Fake
Chicken Company will be provided with the means to effect
this access...
Computer
Systems and Equipment Use Policy
...and more
3.3.1 The Fake Chicken Company computer and
communications equipment must have an identification number
attached to the equipment. This code will assist the
equipment to be identified for asset management purposes.
Hardware Management Policy
...and more
3.4.1 PDAs and other hand-held devices must successfully
identify and authenticate the user before access is granted
to the device and corporate applications. The level of
authentication required is to be commensurate with the
sensitivity of the information being accessed.
Password
and Authentication Policy
Remote Access Policy
...and more
3.5.1 Bluetooth devices must be set to the lowest
necessary and sufficient power level so that transmissions
remain within the secure perimeter of the building.
...and more
3.6.1 The
Enterprise Service must be used when deploying
Blackberries for use at The Fake Chicken Company.
...and more
© 2004 All Rights
Reserved Kaon Security
Ltd
Top |
BS 25999 Standard No
Match
SOX Section 404
No Match
