Versions Compared

Old Version 26

changes.mady.by.user Adam Slagell

Saved on

compared with

New Version 27

changes.mady.by.user Adam Slagell

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The privacy of other staff must also be respected, and unauthorized snooping of traffic or communications of fellow staff is a serious offense that will be reported to HR. This includes unauthorized video and audio recording as well as network traffic recording or any means of superseding ones authorizations to look at digital files they should not access. Some types of unauthorized recording are a criminal offence in Illinois and could also be reported to the authorities.

Only the NCSA Public Affairs department or Director's Office has the authority to speak to the public about an ongoing security incident investigation. While the Security Office may share information with trusted partners or law enforcement to resolve an incident, they do not speak to the public about an ongoing incident. And even after the incident, they only do so while respecting the anonymity of individuals.

Appropriate use of NCSA Systems & Services

...

NCSA accounts may or may not be deactivated, depending on the role they maintain with the Center. However, they must be removed from all staff groups in NCSA authorization systems and staff email lists. They will also be removed from any non-staff NCSA email lists unless the list owner approves of their continued membership.

...

  • revoked accounts, privileges, taken off network, reported to HR
  • PA only has authority to speak with the public directly or the DO

...

Violations

The NCSA Security Office has the right and responsibility to take systems offline that are either attacking or causing harm to others and those of persons violating NCSA security policies. While due effort is made to notify system owners before taking a host offline, this is not always possible in an emergency.

Depending upon the severity, type and recurrence of a violation, the Security Office may report the issue to supervisors, HR, senior management or even law enforcement.

Exceptions Process

There are exceptions and special cases to any policy. Requests for exceptions should be made to the Security Office and may be approved by either that office or the NCSA Director's Office.

Updates

This policy is reviewed annually by the Security Office. Feedback is solicited from the IT Operations Board for any recommended changes. New versions are approved by the NCSA Director's Office.

References

 

...