Here is the sixth part of a sample security policy for end users, submitted by searchSecurity member Nap van Zuuren. Give it a read and tell us what you think by rating it at the bottom of the page. And, don't miss the rest of the policy; follow the link below.
Complete the following steps:
1. Read the Software/Hardware Policy.
2. Sign and date this form in the spaces provided below.
3. Return this page only to the assigned
- The return of this page can also be carried out by e-mail after PGP signing of this page. RSA SecureID (Token no: x ) You are personally responsible for protecting the authentication factors (SecureID (Key Fob Token and Personal Identification Number (PIN)) entrusted to you. Keep your PIN secret and protect your SecurID (Key Fob) against loss and theft. The authentication factors are strictly personal and may never be issued anonymously (e.g. "SysAdmin") or to a group (e.g. "XYZ, Inc. NOC"). If an unauthorized person learns your PIN and obtains your SecurID(Key Fob), this person can assume your identity. Any action this intruder takes is attributed to you in the system's security log. For your own protection and that of the system, always take the following precautions:
- Never reveal your PIN or user password to anyone. Do not write them down.
- If you think someone has learned your PIN, notify the relevant YYY SOC Manager or Security Administrator, who will clear the PIN immediately. At your next login you will have to receive or create a new PIN to use.
- Exercise care not to lose your SecurID (Key Fob) or to allow it to be stolen. If your Key Fob is missing, tell the relevant YYY SOC Manager or Security Administrator immediately. It will be disabled so that it is useless to unauthorized users.
- Do not let anyone access the system under your identity (that is, log in with your PIN and a token code from your SecurID (Key Fob).
- It is essential to
- Your RSA SecurID (Key Fob) token contains delicate and sophisticated instrumentation. The token casing, LCD and silicon chip will break if abused. Protect your key fob from physical abuse. Do not immerse it in liquids, do not expose it to extreme temperatures, and do not put it under pressure or bend it. I hereby acknowledge receipt of the above numbered SecureID (Key Fob) Token and its associated PIN, and I acknowledge receipt of the instructions and agree to abide by the rules for use. Signature: x
Printed Name: x
This sample policy is continued in Part Seven.
Dig Deeper on Information Security Policies, Procedures and Guidelines