Connection to the local area network (LAN): personal computers that have been out of office shall be automatically updated with the latest antivirus signature file by a server.
Computers: users should terminate active sessions or log out of their computers when moving away from the workstation unless they lock the computer in which case they would be required to re-enter the password. Offices, computer rooms and storage facilities should always be locked when unattended. Failure to apply necessary protection for equipment shall constitute neglect and the user may be held liable for the loss. In addition, all users should be responsible for the safety and custodianship of the laptop in the office and outside the office..
Standardization of hardware and software: IT administrators shall standardize computer software and hardware for users based on but not limited to job function, division and the least privilege principle.
Password requirement: minimum password recommended length is 8 characters; minimum complexity of password should use lowercase, uppercase, numbers, special characters such as!@#${}:”>?<; passwords should be created keeping the sensitivity in mind; maximum password age should not exceed 60 days; minimum password age is 2 days; a password safe should be used to keep the passwords in a safe. Computers should be locked and enabled when the user is not attending it or there is inactivity. Rules being applied to password should also apply to passphrases that are used for public/private key authentication such as VPN, or any other system.
Printers and scanners operation: users shall be required to share printers on the network based on physical proximity and division in order for resources optimization where applicable. IT administrators should ensure that all management interfaces of printers are protected by a password to prevent unauthorized use or configuration. Individuals must take care of efficient management of printing resources by only printing when a paper copy is necessary. Sensitive or classified printed documents shall immediately be removed from the printer after printing to prevent unwanted information disclosures. Only authorized maintenance personnel should carry out printer repairs.
No Comments