If in doubt contact C&MS team firstname.lastname@example.org
The DO'SDO Understand that Information Systems Security and Confidentiality is EVERYONE's responsibility. DO Ensure that new and existing staff members who are your responsibility, read and understand all the relevant policies and procedures.DO Report immediately any threat to, or breach of information system security to your line manager.DO Ensure that the equipment on your desk, in your office or work area and which you use as part of your job is kept as secure as possible. DO Ensure that all visitors are supervised and do not gain access to restricted areas (e.g. Data Communication Rooms, Computer Rooms) without prior approval from CS.DO Ensure that equipment taken off-site is booked in and out using the approved system(s). DO Ensure that 'condemned' equipment follows the "Disposal policy for IT Equipment". DO Ensure that data held on local disks of PC's, laptops or notebook computers are backed up regularly. Preferably, do not store any data on local disks at all. DO Store floppy disk(s), USB drives, tapes and CDs et al in a secure environment. DO Be selective when transferring information to removable disks, tapes or CDs for use on other systems. Always ensure that such media is kept in a secure environment. DO Keep your password(s) secure and change them regularly. DO 'Lock' or Log out of your PC when leaving your desk or work area (use the Windows + L keys together to lock the machine). DO Dispose of printouts containing personally identifiable data securely by shredding. DO Report any emails containing obscene material to your line manager or supervisor. DO Delete or forward emails containing obscene material to your line manager or supervisor. The DONT'SDON'T Assume that the responsibility for information systems security rests with someone else. DON'T Position or leave computer equipment where it may be easily overlooked, damaged or stolen. DON'T Leave visitors unattended in areas where computer equipment is kept or used. DON'T Allow visitors to enter secure areas (e.g. Computer Rooms) without the prior approval of a member of CSDON'T Dispose of computer equipment without consulting and following the "Disposal policy for IT Equipment". DON'T Ignore potential or actual breaches of security or confidentiality. DON'T Install modems onto computers or connect your PC to any external data communications network without obtaining authorisation and necessary security software (secure login & virus software). DON'T Forget to make back-up copies of data held on internal disks (e.g. C: Drive). DON'T Leave removeable disks, tapes CDs or print outs on your desk unattended. DON'T Throw removeable disks, tapes or CDs away unless they have been reformatted. If in doubt ask for assistance. DON'T Reveal your password to anyone else. DON'T Provide access to applications to other users.