|
Data Security Policy
|
The Security aspects will be delivered
using the following element within the overall solution.
|
|
|
There are no Floppy Drives in the Workstations
|
|
|
Personally owned Computers, handheld devices, tapes,
CDs and DVDs are prohibited from use on the dedicated
LAN
|
|
|
It is probibited to install software that is not authorized
by CLIENT for use on the dedicated workstations and
servers used for CLIENT
|
|
|
Copying of software or copyright materials for use
within the dedicated environment for CLIENT is illegal
|
|
|
Company confidential Information should not be taken
outside the dedicated environment for CLIENT on any
device (and whether by electronic or other means) without
approval of their Design Manager.
|
|
|
Virus protection must be used on all workstation and
servers used in the dedicated environment
|
|
|
All workstation and server should be kept in a safe,
secure and reliable environment.
|
|
|
Backup up daily and offsite storage is preferable.
|
|
|
Exchange of Design data between ABTS and CLIENT should
be over dedicated file share and not via public data
exchange, FTP, SMTP
|
|
Network Security
|
|
|
Internet VPN is established between Clients and ABTS
|
|
|
ABTS LAN is totally isolated from ABTS infrastructure
|
|
|
Direct access to CLIENT network by ABTS staff/systems
is blocked
|
|
|
ABTS email server is located on DMZ
|
|
|
ABTS file server is located on ABTS LAN
|
|
|
Internet access for workstations or server in the dedicated
LAN, except for AV updates and windows security updates,
is blocked
|
|
|
Data transfer or copy directly from Internet to dedicated
LAN is blocked
|
|
|
Stand-alone PC with R/RW CD drive will be provides
for Internet Access for Skype and data collection
|
|
|
CLIENT approved Configuration & Software is adopted
|
|
|
Remote access to the ABTS LAN is blocked
|
| |
Security Overlays for Network
|
Operational Check List
|
|
|
Each employee submits a signed 'new user creation'
form to Networking and Systems(N & S) team at the
time of joining ABTS
|
|
|
Based on this form N & S creates user name and
password
|
|
|
Each desktop access is controlled through a user name
and password
|
|
|
Each employee is given a unique user name to access
to desktop and the network
|
|
|
Each employee connects to the mail server designed
from its desktop for communicating within ABTS as well
as outside
|
|
|
Each employee uses his desktop hard disk for keeping
temporary / personal / help file
|
|
|
The contents of desktop hard disk are not considered
for backup
|
|
|
N & S team Sets-up password based BIOS parameters
access as well as changes for all the desktops
|
|
|
Employees cannot change the BIOS setting by themselves
|
|
|
Each desktop is connected to the local area network
|
|
|
Each desktop USB, CDROM drive and floppy drive are
disable
|
|
|
N & S team will control each desktop so as not
to access Internet
|
|
|
N & S team would arrange one stand alone Desktop
to access Internet
|
| |
Network Access Controls ---
|
|
|
Each employee is given a unique user name to access
the desktop and the network
|
|
|
N & S Person assigns the fileserver server access
to the project team members only. Not to another network
members
|
File Sychronisation
|
Common files system
between ABTS and Client will be achieved using avail(C)
Wide Area File System Software. This System will be
provide the following features :
|
|
|
Real - Time Mirroring
|
|
|
File -Locking across sites
|
|
|
Bit level replication
|
| |
| |
