Here is the third part of a sample security policy for end users, submitted by searchSecurity member Nap van Zuuren. Give it a read and tell us what you think by rating it at the bottom of the page. And, don't miss the rest of the policy; follow the link below.
The remote access control to the
All hardware devices acquired for or on behalf of the company or developed by company employees or contract personnel on behalf of the company is, and shall be, deemed company property. All such hardware devices must be used in compliance with applicable licenses, notices, contracts and agreements. VIII.a. Purchasing
All purchasing of company computer hardware and software shall be centralized with the assigned
The following list shows the standard hardware configuration for company computers (excluding test computers) that are fully supported by the assigned
1) Desktop equipment
1a) Peripheral equipment, such as (Network) Printer(s)
IX. Outside equipment
No outside equipment may be plugged into the company's network without the express authorization of the Network Administrator (1). X. Outside connections
It is the end user's responsibility to disconnect any type of modem connection when also having an activated
(2) Administration of the
(3) Purchasing Hardware & Software: x
(4) Installation of Software: x XII. Violations and penalties
Penalties for violating the Software/Hardware Policy will vary depending on the nature and severity of the specific violation. Any employee who violates the Software/Hardware Policy will be subject to: (i) Disciplinary action as described in the company's employee handbook, including but not limited to reprimand, suspension and/or termination of employment. (ii) Civil or criminal prosecution under applicable law(s).
This sample policy is continued in Part Four.
Dig Deeper on Security Awareness Training and Internal Threats-Information