Simple Guide for network security

Hi Experts,

I have been asked to type up a 'Janet & John' handbook on PC security, including- not attaching phones, logging off, shutting down and updates, password control etc.  we want a guide that can be rolled out to existing staff but more importantly can be given to all new starters.

can you guys take a look over my draft and suggest anything to add or any changes.

all suggestions welcome!

Best Regards,

Peggiegreg

__________________________________________________________________________________________________________________________

PC & Network Security at Sky Insurance

This document outlines briefly how we should interact with the work network via your devices. Remember it is the responsibility of the individual using the device to make sure it is not compromising security as well as being in a good working order. If your device is not working correctly then please report this straight away.

All PC's within the building handle confidential information, it is our responsibility to keep that information secure. Please follow the bullet points  below to make sure that your PC is functioning correctly.

- Turn it off every night.

Although this might sound obvious you will need to make sure that your PC is fully shutdown each night after use. This is to make sure that the PC has a chance to cool down and allows any security updates / patches to be implemented to the PC.

- Connecting devices.
Be very careful when plugging any device into your computer, any device could potentially be carrying a virus, this could directly attack our network and could cause huge problems. Think carefully if your device needs attaching before you do. For example, if you are able to charge your phone using a power socket then please use this instead off a USB port on the computer. If you do plug your phone/tablet in then make sure when the dialog box appears on the PC you click 'DO NOT TRUST'

- locking & logging on/off
Please make sure that you log your PC off if you are intending to leave your desk, at the least make sure you put the PC into a 'locked' state. Do not just turn the monitors power off. A shortcut to lock your PC is to press the 'Windows Key' at the same time as the 'L' button. It is your responsibility to make sure your account is not accessible by others.

- Passwords
All members off staff will have a password assigned to them, this password should not be changed as this can cause issues for management and IT if access to the account is needed. Do not disclose your password to anyone else, this is for your account only. Also make sure that you don't disclose any information regarding passwords and usernames to visitors or anyone outside of the organisation.

- Virus's & Malicious Software
Do not download or try to install any software on your PC's without consulting someone first. If your PC is underperforming or is experiencing from anything below then immediately escalate the issue;
- Pop Ups
- Webpage Change
- Icons changed
- Software opening up or asking to update which you haven't seen before
- slowness and crashing after installing an application
- Attachments on E-Mails that do not seem legit - DO NOT OPEN THE ATTACHMENT

- E-Mail, Faxing & Scanning
The easiest way to get information into the building/network and out by accident is through E-mail, faxing or scanning. Please be very carefully when doing these that you fully understand how to carry out the task. If you are using a scanner which also has a fax function then make sure you do not send any confidential information out of the building. In most cases it is not possible to retrieve data once it has left the building. If in doubt speak to a manager.

- Work Network
This is a work network, which means it is setup and operates in such a way that it is compliant in the areas it needs to be. The setup and security of the network does not operate in the same way that your home broadband would. With this in mind, do not use your PC's or the internet for anything other than what is meant to be used for, an example of miss-using this would be to download a music over the internet connection.
LVL 2
peggiegregAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
I changed quite a bit below to help make the document read smoothly. Please see what you think.



PC & Network Security at Sky Insurance

 This document outlines briefly how your devices should interact with our work network. Remember that it is your responsibility to make sure your device is not compromising network and office security and also to make sure that your device is in good working order. If your device is not working correctly, please report this right away [to ... give phone number or...].

 All computers within the building handle confidential information and it is our responsibility to keep that information secure. Please follow the bullet points  below to make sure that your computer is functioning correctly.

 - Turn it off every night.
 Although this might sound obvious you will need to make sure that your computer has been fully shut down each night after use. This is to make sure that the computer has a chance to cool down and allows any security updates / patches to be implemented to the computer.  [ how will this happen if off?  perhaps just log off ]

- Connecting devices.
 Be very careful when plugging any device into your computer because a device could potentially be carrying a virus. This could directly attack our network and could cause a significant problem. Think carefully if your device really needs to be attached before you do attach it. For example, if you are able to charge your phone using a power socket, then please refrain from using a USB port on the computer. If you do plug your phone or tablet into the computer, then make sure when the dialog box appears on the computer, you click 'DO NOT TRUST'

- locking & logging on/off
 Please make sure that you log off your computer if you are intending to leave your desk. At the very least make sure you put the computer into a 'locked' state. Do not just turn the monitor off. A shortcut to lock your computer is the 'Windows Key' and 'L' button at the same time. It is your responsibility to make sure your account is not accessible by others.

- Passwords
 All members of staff will have a password assigned to them.  This password should not be changed as this can cause issues for management and the IT staff if access to the account is needed. Do not disclose your password to anyone else as this is for your account only. Also make sure that you do not disclose any information regarding passwords and usernames to visitors or anyone outside of the organization.

- Virus's & Malicious Software
 Do not download or try to install any software on your computers without consulting a member of the IT staff first. If your computer is underperforming or is experiencing anything listed below, then please notify IT staff immediately:
 - Pop Ups
 - Webpage Change
 - Icons changed
 - Software opening up or asking to update which you haven't seen before
 - slowness and crashing after installing an application
 - Attachments on E-Mails that do not seem legitimate. Do not open attachments you do not understand or know where they come from

- E-Mail, Faxing & Scanning
 The easiest way to get information into and out of the building or network by accident is through E-mail, faxing or scanning. Please be very carefully when doing these things that you fully understand how to carry out the task. If you are using a scanner which also has a fax function then make sure you do not send any confidential information out of the building. In most cases it is not possible to retrieve data once it has left the building. If in doubt speak to a manager.

- Work Network
 This is a work network, which means it is setup and operates in such a way that it is compliant in the areas it needs to be. The setup and security of the network does not operate in the same way that your home broadband would. With this in mind, do not use your computers or the internet for anything other than normal work activities. An example of misuse of our network would be to download music or video over the internet connection.

Please let us know if we can help you in any way.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
peggiegregAuthor Commented:
@John Hurst,

this helped a lot, with regards to shutting the PC down for the updates. I meant to implement windows updated then by shutting the PC down and powering it back on in the morning it will apply updates.

I have taken most of the changes you put in on my amended document.

can you think of anything else that I should add in the guide? maybe another section that I haven't covered in the guide?
JohnBusiness Consultant (Owner)Commented:
@peggiegreg

You might consider adding a section on IT responsibilities (so users know you are part of a team).

IT staff are here to help you. We have XX members and YY members are available 5 days a week to help you with problems, install software you need and to assist with updates. They can be reached at phone1 and/or phone 2.

A sentence like this will help user know who to turn to. Most users are careful and responsible and just need assistance.
JohnBusiness Consultant (Owner)Commented:
@peggiegreg - Thanks and good luck with your guide. It should help users a lot.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Operations

From novice to tech pro — start learning today.