|
------- INDEX AND GLOSSARY. DO NOT CHANGE OR DELETE! ----------
Open IT Policy Index
-
Acceptable Use, Administrative or Special Access (Policy)
-
Acceptable Use, Email (Policy)
-
Acceptable Use, Internet (Policy)
-
Acceptable Use, Virtual Private Network (VPN) (Policy)
-
Access Controls, Account (Policy)
-
Account Management (Policy)
-
Change Management (Policy)
-
Computer Virus Prevention (Policy)
-
Contingency Planning (Policy)
-
Data Backup and Storage (Policy)
-
Data Marking, Handling, Processing, Storage, and Disposal (Policy)
-
Deferral of System Security Certification or Accreditation, Annual (Form)
-
General Information Security Management (Procedure)
-
Green Computing (Policy)
-
Incident Response (Policy)
-
Intrusion Detection (Policy)
-
Logging and Audit Trails (Policy)
-
Mobile Computing and Network Access (Policy)
-
Network Access (Policy)
-
Network Access Controls (Standard)
-
Network Configuration (Policy)
-
Network Data Privacy (Policy)
-
Password Management (Policy)
-
Personnel Security (Policy)
-
Physical Security (Policy)
-
Policy Application Checklist (Administrative Utility)
-
Secure Media and Data Handling (Procedure)
-
Secure Software Development Lifecycle (Standard)
-
Social Computing and Networking (Policy)
-
Software and Hardware Security Controls (Policy)
-
Spam and Unsolicited Commercial Email Prohibition (Policy)
-
System Security Certification/Accreditation, Annual (Form)
-
System Security Certification/Accreditation, Annual (Policy)
-
Telecommuting Agreement, Employee (Form)
-------------------------------------------------------------------------------------------------
Overview and Purpose
The [variable: Covered organization] network infrastructure is a central utility for employees, contractors, partners, and vendors. It connects people, business processes, offices, and systems. To protect the network, as well as systems available through the network, it is important for all employees to observe rules that safeguard access to and use of the network infrastructure. These rules exist to preserve the integrity, availability and confidentiality of critical information that supports business functions.
Coverage
All individuals with access to any [variable: Covered organization] Information Resource.
Definitions
Network Access Policy
-
Users may use only those network addresses issued to them by [variable: covered Organization] IT management
-
All remote dial-in access (dial in services) must be either through an approved modem pool or via an Internet Service Provider (ISP).
-
Remote users may connecting to [variable: covered Organization] through an ISP must use protocols approved by IT management
-
Users inside the [variable: covered Organization]
firewall may not be connected to the internal network at the same time they are connected to an external network.
-
Users must not extend or re-transmit network services via routers, switches, hubs, wireless access points, etc., without prior approval from IT management.
-
Users must not install network hardware or software that provides network services without prior approval from IT management.
-
Non-[variable: covered Organization] computer systems that require network connectivity must conform to [variable: covered Organization] IT standards.
-
Users must not download, install or run security programs or utilities that reveal weaknesses in system security (for example, password cracking programs, packet sniffers, network mapping tools, or port scanners) while connected in any manner to [variable: covered Organization] network infrastructure.
-
Users must not alter network hardware in any way.
Enforcement
Violation of this policy may result in disciplinary action which may include termination for employees and temporaries; a termination of employment relations in the case of contractors or consultants; dismissal for interns and volunteers; or suspension or expulsion in the case of a student. Additionally, individuals are subject to loss of [variable: covered Organization]
Information Resources access privileges, civil, and criminal prosecution.
Supporting Documentation
This policy is supported by the following rules, standards, and procedures:
-
[variable: internal documents (with links, if available)]
-
[variable: external documents (with links, if available)]
Policy Support Contact
-
[variable: title (not personal name) of role responsible for overseeing this procedure]
-
[variable: Contact information of office responsible for overseeing this procedure]
References
Policy Models(s)
State of Texas, Department of Information Resources
|
Open IT Policy Project 
