Go to main Enterprise Ireland site
 
Advanced Search
 
 
 

 
 
 
Key Messages
How-To Guides
Case Studies
Assessment Tools
Solutions Providers
Library
Advanced How To Guides

Internal IT Security Policy and Procedures

Sample Policy Document

2. PC and NOTEBOOK SECURITY

2.1 General
  • PCs and notebook computers must not be left unattended for long periods while signed-on e.g. during lunch, coffee breaks etc. Users must either logoff or activate a password-controlled screensaver if they are leaving their PC. The screensaver should be set to activate by default after 10 minutes of inactivity.

  • IT equipment must not be removed from "Company Name's" premises unless written approval has been received from the IT Department/relevant IT resource. An exception is made for authorised off-site back-ups providing they are adequately protected against unauthorised access. All notebooks must be signed for before being removed from "Company Name" premises. .
2.2 Software
  • Software must not be copied, removed or transferred to any third party or non-organisational equipment such as home PCs without written authorisation from the IT Department.

  • Only software that has been authorised by the IT Department may be used on PCs and notebook computers connected to the "Company Name" IT network.

  • Downloading of any executable files (.exe) or software from the Internet is forbidden without written authorisation from the IT Department/relevant IT resource. Staff may be given this authorisation based on their specific job requirements.

  • Regular reviews of desktop software are undertaken and the presence of unauthorised software will be investigated. "Company Name" reserves the right to remove any files or data from IT systems including any information it views as offensive or illegal.
2.3 Confidentiality
  • Confidential data held on computer media (e.g. floppy disk) must be stored securely when not in use.

  • PCs and notebooks for disposal must have the hard disk 'wiped clean' before they are distributed outside "Company Name"
2.4 Notebooks and Palmtops
  • All reasonable precautions must be taken to protect equipment against damage, loss and theft. The equipment must not be left unattended in any public place. Damage, loss or theft must be immediately reported to the relevant IT resource

  • "Company Name's" notebook computers are protected by the following arrangements (insert details). These must not be disabled.

  • Anti-virus software is installed on all notebook computers.

  • Data must be backed-up to the network on a regular basis and notebook users must ensure that the data on their notebook computers is adequately backed up.

  • Palmtop computers must be set with a switch on pin number and must not be used to store sensitive information.

  • All notebooks must be locked to a physically secure object when in use using the Kensington lock provided. Notebooks must be stored securely when not in use. Staff must not leave a notebook computer unattended at any time when not secured.
2.5 Computer Viruses
  • Corruption of PC's or notebook's data or software by malicious software (e.g. a computer virus or a worm) must be reported to the IT Help Desk/relevant IT resource.

  • Users are not permitted to disable or remove antivirus software under any circumstances.

  • Unauthorised screen savers are not permitted, as they are a potential source of computer virus. If in doubt, please contact the IT Help Desk/relevant IT resource for advice.
<<<Previous Start of Guide Next>>>


Legal | Contact | Sitemap
National Development Plan The Programmes of Enterprise Ireland are co-funded by EU Structural Funds