User devices: institutional devices used by employees should be labeled and recorded. Proper naming should be done, in accordance to advised network set up. They should not be used to illegally process, distribute, or store any data protected by copyright of intellectual property. These devised must not be used in any activities that contribute to decrease employee’s productivity.
Housekeeping rules: offices with ICT equipment should be locked to prevent theft and other risks; ICT equipment should not be placed next to air conditioners as humidity and heat can shorten the life of internal components; users should not eat, drink or smoke next to ICT equipment as these may causes safety risks; only damp cloths with suitable cleaning fluids shall be used when cleaning computer keyboards, screens, printers and other ICT equipment; whenever possible, ICT equipment should not be connected to the same electric power as other power consuming devices; all other ICT equipment taken into government premises should be identified and recorded at entrance security check point.
Stolen computers: in case of a stolen computer, the user should immediately report to the supervisor and to Rwanda investigation bureau (RIB) and to the administrator in charge; institution’s internal rules and regulations should be applied.
User responsibilities: users should ensure proper use of ICT equipment in accordance with all provisions of these guidelines; users are required to report any misuse of ICT equipment or alert IT managers of potential threats to ICT equipment; it is the user’s responsibility to seek guidance from IT department or any related division in the department when in doubt of what constitute acceptable or prohibited use of ICT equipment; while the physical and logical security of ICT equipment and data, is primarily a responsibility of the Government, users as well must take note that they share this responsibility.
IT department’s responsibility: IT departments in every government institution should implement mechanisms and technological controls to ensure, monitor and enforce compliance to ICT policy and these guidelines.
No Comments