Workstation Security

Workstation Security

Posted by

VA Policy Home 

 

Workstation Security Policy Effective the 1st March 2008

Version Control Effective on 1st of November 2008

1.0 Purpose

The purpose of this policy is to provide guidance for workstation security for workstations in order to ensure the security of information on the workstation and information the workstation may have access to.

2.0 Scope

This policy applies to all employees, contractors, workforce members, vendors and agents within the network.

3.0 Policy

Appropriate measures must be taken when using workstations to ensure the confidentiality, integrity and availability of sensitivity information, including protected process oriented information and that access to sensitivity information is restricted to authorized users.

3.1 Workforce members using workstations shall consider the sensitivity of the information, including protected process oriented information that may be accessed and minimize the possibility of unauthorized access.

3.2 Vantage Agora will implement physical and technical safeguards for all workstations that access electronic protected health information to restrict access to authorized users.

3.3 Appropriate measures include:

  • Restricting physical access to workstations to only authorized personnel. (UWS ids are provided to the respective authorized persons which will be monitored in the end server using firewall VMware & Workgroup ASKVA)

  • Securing workstations (screen lock or logout) prior to leaving area to prevent unauthorized access.

  • Enabling a password-protected screen saver with a short timeout period to ensure that workstations that were left unsecured will be protected

  • Complying with all applicable password policies and procedures.

  • Ensuring workstations are used for authorized business purposes only.

  • Never installing unauthorized software on workstations.

  • Storing all sensitivity information, including protected process oriented information on client end server

  • Keeping food and drink away from workstations in order to avoid accidental spills.

  • Securing laptops that contain sensitivity information by using cable locks or locking laptops up in drawers or cabinets.

  • Complying with the Anti-Virus policy(Client end and the individual workstation end)

  • Client based applications are reset manually at the end of

  • Ensuring workstations are left logged off in order to save energy

  • Ensuring that all workstations use a surge protector (not just a power strip) or a UPS (battery backup).

  • If wireless network access is used, ensure access is secure by following the Wireless Access policy

  •  Wireless Access policy – Encrypted WEP key enabled (Provided on management’s approval)

4.0 Enforcement

Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

5.0 Definitions

Workstations include: laptops, desktops, PDAs accessing the Vantage Agora network.

Workforce members include: employees, volunteers, trainees, and other persons under the direct control of Vantage Agora

Harsha

Leave a Reply

Your email address will not be published.