LAPTOP AND DESKTOP SECURITY POLICY
|
Document Identification |
HSNZ/POL/25 |
|
|
Document Name |
Laptop Security Policy |
|
|
Master Copy |
CISO |
|
|
Version Number |
1.3 |
|
|
Date Of Release |
15 Aug 2023 |
|
|
Prepared By |
Eparama Tuibenau |
CISO |
|
Approved by |
Kevin McAfee |
Managing Director |
VERSION HISTORY
|
Sl No |
Version No. |
Prepared by |
Approved by |
Description of Version |
Date |
Reason for Version Change |
|
|
From |
To |
||||||
|
1 |
1.0 |
- |
CISO |
MD |
First Release |
14 Apr 2020 |
No changes made |
|
1 |
1.0 |
1.1 |
CISO |
MD |
Updated |
2 Aug 2021 |
Modifications due to changes in HealthSafe |
|
1 |
1.1 |
1.2 |
CISO |
MD |
Reviewed |
28 Jul 2022 |
Annual review |
|
1 |
1.2 |
1.3 |
CISO |
MD |
Reviewed |
15 Aug 2023 |
Annual review |
DOCUMENT STATUS
|
Date |
Document Status |
|
14 Apr 2020 |
Modified |
|
2 Aug 2021 |
Reviewed |
|
28 Jul 2022 |
Reviewed |
|
15 Aug 2023 |
Current |
Table of Contents
1 Purpose
2 Scope
3 Input
4 Output
5 Interacting Process
6 Abbreviations, Acronyms and Definitions
7 Procedure
8 Monitoring the Process
9 Records
- PURPOSE
The purpose of this document is to establish and maintain a policy for Laptop Security for HealthSafe NZ. - SCOPE
These procedures applies to all aspects of Laptop Security - ABBREVIATIONS, ACRONYMS AND DEFINITIONS
|
Abbreviation |
Description |
|
FH |
Functional Head |
|
IT |
Information Technology Department |
|
TL |
Team Lead |
|
CISO |
Chief Information Security Officer |
4 INPUT
HealthSafe NZ will be responsible for the safety of all information that is stored or accessed through the laptop.
5 OUTPUT
All users shall comply with the laptop policy in order to secure the information
6 INTERACTING PROCESS
Functional Head
7 PROCEDURE
- Users shall ensure that they comply with the policy without fail.
- Users shall ensure that laptops issued from HealthSafe are used only for HealthSafe company business purposes
- CISO reserves the right to withdraw the laptop privileges on conclusive evidence of activities beyond acceptable usage
Boot Controls
- Laptop systems shall be configured to require a unique password before the system boots.
- Laptops shall only be able to boot from the onboard hard-disk and not any other external media.
Physical Security
- Laptops shall be kept physically secure at all times.
- Laptop shall be carefully guarded when taken outside the office environment.
- Laptops should not be left unattended outside of business hours in any environment without being secured.
- Users shall be accountable for the theft or any damage to the laptop and their peripherals with the support of company insurance where required.
- Any such damage / theft of laptops shall be immediately reported to CISO or FH.
Antivirus
- The IT team ensures that laptops installed with the current updated version of CleanMyMac or CleanMyPC antivirus before giving the laptop to users.
- Users shall ensure that anti-virus software is updated regularly with the help of the IT team
Limitations
- Users shall not install / uninstall any hardware / software on the laptop that is not authorisation
- Laptop shall be subject to periodic inspections for appropriate usage by the IT team
Backup
- The sole responsibility of taking backups to the users' Google Drive for any critical information lies with the laptop users.
Network connectivity
- The laptop provided by HealthSafe will be part of HealthSafe domain
8 MONITORING THE PROCESS
- The IT department and FH monitor these processes
9 RECORDS
- NIL