My PERSONAL Computer
Data Security and Confidentiality Requirements
In order to promote the integrity and confidentiality of data and information of MY COMPUTER etc, ALL USERS OF MY DATA AND INFORMATION SYSTEMS MUST FOLLOW THE PRACTICES OUTLINED BELOW:
Ok, that all seems a bit dramatic, and the following may seem like over-kill. However, this is very similar to the policy you might find in any school, business or government department. It covers many things that the average user probably does not even consider as a security risk.
So read on - If you share your computer, or others have easy access to it, then ask yourself "How vulnerable might my PC, data, personal information (including passwords), really be?"
USE MY DATA ONLY FOR MY BUSINESS
Data originated or stored on MY computer equipment is MY property. Users will access only data which are required for their task. Users will not make or permit unauthorized use of any MY data.
Users will enter, change, and delete data only as authorized within their task responsibilities. They will not knowingly include or cause to be included in any record or report a false, inaccurate, or misleading entry, nor will they knowingly alter or expunge from any record or report, or cause to be altered or expunged, a true and proper entry.
BE RESPONSIBLE IN THE USE AND RELEASE OF MY DATA
Users will not release MY data (in any format) except as required in the performance of their task or as directed in writing by ME. Users will not remove an official record or report, or copy of one, except as may be necessary to perform their task. They will not exhibit or divulge the contents of any record or report to any person except in the conduct of their work assignment and in accordance with MY policies and procedures.
Users will abide by all applicable MY, State, and Federal guidelines, policies, regulations, statutes, and procedures pertaining to confidentiality and privacy. Users will maintain a clear understanding of the types of information which can be released.
MAINTAIN SECURITY FOR MY DATA
Users are responsible for protecting any access authorization and must take steps to prevent others from using such logons. Users will keep all passwords secret and not share them with others. If a user has reason to believe that others have learned any password, the user should contact ME immediately!!
Users will maintain security for MY data in their possession or to which they have access by protecting diskettes, tapes, forms and printouts from unauthorized access, by not leaving the PC signed on when unauthorized people could access it, by protecting files which contain a password, by relinquishing access when it is no longer needed, and by taking other precautionary measures necessary to protect or secure confidential and/or sensitive data.
PROTECT MY SOFTWARE
MY software is any software owned or leased by the ME. MY policy prohibits users from making or using unauthorized copies of MY software or related documentation. Users will access only that MY software required for their task, and will not make or permit unauthorized use of such software. Users will change or delete MY software only as authorized within their task responsibilities. Users will not release MY software (in any format) without explicit permission from ME. Users will maintain security for MY software in their possession or to which they have access by protecting software files (in any format) from unauthorized access.
Users will not aid, abet, or act in conspiracy with another to violate any part of these requirements.
So, "How vulnerable might your PC, data, personal information
(including passwords), really be?"
Ultimately, its only secure as you make it, or as vulnerable as you allow it to
be !