IT244: Information Security Policy

1375 Words6 Pages
Information Security Policy Name Omitted School Omitted IT244 Intro to IT Security Instructor Name Omitted August 9, 2009 Executive Summary A powerful security position is upheld by defining data ownership responsibilities, employing security controls, and maintaining the security infrastructure. This policy outlines requirements that aid management in creating a framework that defines a secure environment. “This framework provides the overarching structure for safeguarding Information Technology (IT) Resources, achieving confidentiality, integrity and availability of the data and IT Resources used to manage the services provided by Commonwealth agencies, authorities, and business partners” (MASS.Gov, 2009).…show more content…
After passing through an outer door, employees must then pass through a second door. Validation by a second card will be necessary to gain entry through the second door. Four video cameras will be installed at each location. The first camera will be positioned to view the area between the first and second front doors, the second camera will show the entrance to the server closet, the third camera will view the company parking area for the safety of employees, and the fourth camera will monitor the delivery entrance and loading area. Security monitoring will be subcontracted with a local security outfit. On-site video monitoring and routine patrol will help ensure the grounds are secure. The loading dock will need to be physically secured, as well. High security areas will have some type of lighting as a deterrent, such as streetlights, floodlights or…show more content…
Access to private information will be limited to authorized persons whose job responsibilities require it, as determined by an appropriate approval process, and to those authorized to have access by state or federal law. Access is given through the establishment of a unique account in accordance with account request procedures. Users are expected to become familiar with and abide by Bloom policies, standards and guidelines for appropriate and acceptable usage of the networks and systems. All users will have access to expectations, knowledge, and skills related to information security. Every user must maintain the confidentiality of information assets even if technical security mechanisms fail or are absent. Users electing to place information on digital media or storage devices or maintaining a separate database are responsible for ensuring that security, confidentiality, and integrity are maintained in accord with this policy. Users are obligated to report instances of non-compliance (Old Dominion University Technology Policies, Standards, Procedures and Guidelines,

More about IT244: Information Security Policy

Open Document