Staff contracts & code of conduct ensuring secure organisation systems

Started by mrapoc, Jun 25, 2009, 00:00:36


mrapoc

Hey guys

I'm a bit stuck on this little question which I need to answer for college.

Quote: Having staff contracts and a code of conduct can assist the production of a secure organisation computer system in these ways:
1. A staff contract can legally bind staff to appropriate use of the computers. If at any point the staff member breaks this contract, knowingly or unknowingly, they can be disciplined according to the contract. This should generally act as a deterrent too, as staff will/should be aware of their limitations.
2. A code of conduct does a similar job. It will be in place so that staff either initially know what they can or cannot do, to avoid the trouble of breaking the rules, or the code of conduct can be used as evidence in the occurrence of somebody actually breaking the rules.

Is what I have so far, I need five reasons however and I'm stumped as to how much more I can add  :rant2:

Any guidance/hints whatsoever appreciated  :)

Simon

Well, the first two have got me worried!  ;D

How about mentioning security, confidentiality, privacy issues?
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

mrapoc

Sorry I did not include the actual question:

Quote: Continue your report to describe at least 5 ways staff contracts and a code of conduct can assist the task of ensuring secure systems at an organisation.


So yeah, it's basically all about how they can make the system secure.

Perhaps I could say about how it can detail the type of sites that are off limits to prevent infection from trojans etc.

Could also say how content on USB drives could be limited, again to avoid the spread of trojans etc.

Perhaps the contract/code of conduct could make some areas off limits to staff so that they don't have access to server rooms and the like.

Simon

Yup, it's also about confidentiality though, not letting passwords slip, keeping portable data safe, etc.

john

A code of conduct defines what staff can and cannot use a computer for. Staff may not be permitted to use IT equipment for purposes other than in connection with their work but are usually prohibited from using it to transmit confidential data external to the company. Where they are permitted to use it for private use this usually excludes anything deemed to be offensive or criminal or which may bring the company into disrepute.

Staff are not normally allowed to download software etc. which may contain malicious code or otherwise circumvent the company's IT security software/hardware.

mrapoc