4.6 Workstation Policy

00:01

Welcome back to I t Security policy on Cyber eri

00:04

We continue in module for this the work station security policy

00:08

with myself. Troy Lemaire

00:12

Learning objective for this policy. We're gonna look at the requirements on the work station

00:16

policy,

00:20

but we look at this sample policy from Sands

00:24

for work station security. This one is specific for hip hop

00:27

but can also be used as a general policy. Just has some O virgin coverage that will also apply to hip hop.

00:33

And

00:35

so the policies provide guidance work station security

00:38

in order to ensure the security of information on the workstation. Information the workstation may have access to

00:44

the policy provides guidance to ensure the requirements of hippos, Security rule work station security

00:52

If we look at the policy, appropriate measures must be taken when using workstations to ensure the confidential ality integrity and availability of sensitive information, including P. H. I.

01:03

Again, if you don't, if you're not a member of the organization that needs hippo requirements, you could take out this pH I portion and anywhere else inside of here. Or you could replace it with the term sensitive information as well.

01:19

Workforce members using workstations shall considered the sensitivity of the information, including protected health information that may be excess and minimize the possibility of unauthorized access.

01:30

Nobody will permit physical and technical safeguards.

01:34

Appropriate measures include restricting physical access, securing work stations,

01:38

enabling a password protection screen saver

01:42

applying with all optical password policies

01:45

during work. Stations are used for authorized business on Lee. Never insulting unauthorized software,

01:51

storing all sensitive information

01:53

in network server

01:55

and food and drink away scaring laptops,

01:57

lying with the portable workstation encryption policy If you need one of those

02:02

and complying with the baseline workstation configuration standard as well. If you need one of those

02:08

calling privacy screen filters,

02:10

exit running applications and close open documents, ensuring that all work stations use a surge protector

02:17

if wireless network access is used in sure that it meets the wildest communication policy. If you need to have a wireless communication policy, as you can see, looking at this is basically providing. Here's the do's and don'ts that you should have with a workstation on the network. It also has some additional Burbage in it. If you need tohave,

02:37

some type of hip a compliance,

02:38

but again you could be replaced the hip of portions and the pH I portions with just private information, sensitive information, secure information, anything like that. And it will meet your needs for a work station security policy.

02:57

So in summary, we looked at the work station security policy and looked at some of the things that are considered part of the requirements.

03:07

Workforce members using Workstation South consider the blank of the information

03:12

our first policy recap question

03:15

and the answer is sensitivity.

03:17

Our next recap Question

03:21

Company will implement blank and blank safeguards for all workstations that access Elektronik protected health information to restrict access to authorized users.

03:30

And that would be physical and technical safeguards.

03:36

Looking forward in our next lecture, we're gonna move on to module five, which is our last module, and that'll be applications security policies.