Page 24 - DCAP516_COMPUTER_SECURITY
Computer Security
2.5.1 User Policies
User policies define what users can and must do to use your network and organization's computer equipment.
They define what limitations are put on users to keep the network secure, such as whether they can
install programs on their workstations, the types of programs they can use, and how they can access
data. Some policies include:
Password Policies: These policies help keep user accounts secure. They define how often
users must change their passwords, how long passwords must be, the complexity rules (types of
characters used, such as lower case letters, upper case letters, numbers, and special
characters), and other items.
Proprietary Information Use: Acceptable use of any proprietary information owned by
the company. Defines where it can be stored, where it may be taken, and how and where it
can be transmitted.
Internet Usage: Use of internet mail, and use of programs with passwords or unencrypted data
sent over the internet.
System Use: Program installation, no instant messaging, no file sharing such as Kazaa or
Morpheus. Restrictions on use of your account or password (not to be given away).
VPN and remote user system use (remote access): Must be checked for viruses/trojans/backdoors.
Must have a firewall and must have AV.
Acceptable use of Hardware such as Modems: No use of modems to connect to the internet without a
personal firewall.
2.5.2 IT Policies
These policies include general policies for the IT department which are intended to keep the
network secure and stable.
Virus Incident and Security Incident: Intrusion detection, containment, and removal.
1. prepare (policies, checklists/procedures)
2. identify (get evidence)
3. contain (pull off network, modify passwords)
4. eradicate (fix, determine cause, improve defenses, test for vulnerabilities)
5. recover (validate the system, monitor for re-infection)
6. lessons learned (make recommendations to prevent a similar incident)
Backup Policy: Define what to back up, who backs it up, where it is stored, how long it is
stored, how to test backups, what program is used to do backups.
Client Update Policies: Update clients how often and using what means or tools.
Server Configuration, Patch Update, and Modification Policies (Security): Remove
unneeded services (harden server). Which servers should have IDS? How is it determined when to
do an update? What is done when someone works on the server?
Firewall Policies: What ports to block or allow, how to interface to it or manage it, who
has access to the control console.
Wireless, VPN, router and switch security, DMZ policy, email retention, auto-forwarded
email policy, ability for IT to audit and do risk assessment, acceptable encryption algorithms
LOVELY PROFESSIONAL UNIVERSITY