Tft2 Task 1

1519 Words7 Pages
Updated Heart Healthy Information Security Policy Due to personnel, policy and system changes, and audits, Heart Healthy has voluntarily updated their information security policy to be in-line with the current information security laws and regulations. Currently Heart-Healthy Insurance, a large insurance company, plans to review and provide recommendations for an updated information security policy in the area ‘s of: Current New Users Policy The current new user section of the policy states: “New users are assigned access based on the content of an access request. The submitter must sign the request and indicate which systems the new user will need access to and what level of access will be needed. A manager’s approval is required…show more content…
Heart-Healthy’s Information Security Office will be responsible for management and administration of Heart-Healthy’s information security function(s). Heart-Healthy’s Information Security Office will be the chief point of contact for any and all security related functions. User Access Policy * Heart-Healthy users will be permitted access based on the principle of least privileges’ * Remote access or dial-in-services will be requested by Manager level positions and up, and approved by the Information Security Department. * End users are not allowed to re-transmit or extend any of Heart-Healthy’s network services. E.g. users will not attach hubs, switches, firewalls, access points to Heart-Healthy’s network without prior written authorization. * Users are not allowed to install any additional hardware or software without the express written consent from the Heart-Healthy information technology department. * All Heart-Healthy computer systems will conform to agency standards * End users are not allowed to download, install or run any programs that could potentially reveal or undermine Heart-Healthy’s in-place security system, e.g. packet sniffers, password crackers or network mapping tools are strictly forbidden. * All Heart-Healthy employees, 3rd party contractors are responsible for managing their information resources and will be held accountable for any information security violations or infractions Current

More about Tft2 Task 1

Open Document