Versions Compared

Old Version 17

changes.mady.by.user Adam Slagell

Saved on

compared with

New Version 18

changes.mady.by.user Adam Slagell

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The privacy of other staff must also be respected, and unauthorized snooping of traffic or communications of fellow staff is a serious offense that will be reported to HR. This includes unauthorized video and audio recording as well as network traffic recording or any means of superseding ones authorizations to look at digital files they should not access. Some types of unauthorized recording are a criminal offence in Illinois and could also be reported to the authorities.

...

  • Policy
    • privacy
      • Privacy of users/ customer data
      • Privacy of others & snooping
      • FOIA
      • Security team respects privacy
        • network monitoring
        • Cameras
        • investigations
        • vulnerability scanning, including passwords
    • Appropriate use of systems/accounts/services
      • authentication credentials
        • No sharing
        • no cleartext storage
        • no clear text email/xfer
      • hacking/exceeding authority
        • includes violating permissions & impersonating others
        • using to attack others
      • personal use and ethical consideration
        • University ethics office
        • not making money, inline with mission of the university
    • Service operation
      • BE aware of laws and privacy of users
      • follow network security policies
      • involve security in planning process
      • change control as appropriate
      • production servers belong in a RAF room, see network zone policy
    • Equipment registered to you
      • Follow best practices and maintain updates, follow university policies
      • screen locks on mobile devices, leaving office doors open
      • taking home
      • Done with it, broken or lost
        • surplus & wipe
        • xfer equipment
      • ethical use
      • Personal equipment implications
    • Information/Data
      • Follow university policy
        • includes printed materials and physical locks
      • Notify of high risk or confidential data
      • backup important
      • encryption on backup & mobile
      • approved third parties like box
    • employee exit
      • authorizations
      • keys
      • email lists
      • property return
  • Authority & Consequences
    • revoked accounts, privileges, taken off network, reported to HR
    • PA only has authority to speak with the public directly or the DO
  • Exceptions process
  • Review & update
  • References

...