Please enable JavaScript.
Coggle requires JavaScript to display documents.
Topic:Policy Requirement (Area:Campus), AHMAD FAKHRURIZZUDIN, Ivan Khoo -…
Topic:Policy Requirement (Area:Campus)
User Security Policies for Campus:
An User Security Policy identifies the rules and procedures for all individuals accessing and using an organization's IT assets and resources. Effective IT Security Policy is a model of the organization’s culture, in which rules and procedures are driven from its employees' approach to their information and work. Thus, an effective IT security policy is a unique document for each organization, cultivated from its people’s perspectives on risk tolerance, how they see and value their information, and the resulting availability that they maintain of that information.
The objectives of an User security policy is the preservation of confidentiality, integrity, and availability of systems and information used by an organization’s members. These three principles compose the CIA triad:
Confidentiality involves the protection of assets from unauthorized entities
Integrity ensures the modification of assets is handled in a specified and authorized manner
Availability is a state of the system in which authorized users have continuous access to said assets
The User Security Policy is a living document that is continually updated to adapt with evolving business and IT requirements. Institutions such as the International Organization of Standardization (ISO) and the U.S. National Institute of Standards and Technology (NIST) have published standards and best practices for security policy formation. As stipulated by the National Research Council (NRC), the specifications of any company policy should address:
Objectives
Scope
Specific goals
Responsibilities for compliance and actions to be taken in the event of noncompliance.
Working Hours Policy for Campus:
Sample Work Hours Policy:
By implementing an employee work hours policy, you ensure both that your business operations run smoothly and that your employees, both in-office and remote, stay happy and engaged. .
Start your policy with the number of hours per day and week for each type of employee.. If your workplace is seasonal, denote season-specific scheduling plans.
Next, outline expectations about when to arrive and when to leave the office, plus the amount of time you allow for lunch breaks and rest throughout the day.
Student can divide their time within to study or use it for part-time work.
You should also consider explaining overtime and whether you will allow workers to reach that number or if the cap will be 40 hours per week
If you set work standards and stick to them, your staff will be inclined to give their best efforts at the time you expect them to work
Physical security policy
Campus security: The Security Team operates a number of security systems in order to keep the School
premises and surrounding environs safe and secure for staff, students and visitors.
Closed circuit television (CCTV) - LSE uses CCTV systems around the campus (outside and inside buildings) covering many of the vulnerable areas, public access points and adjacent streets. The CCTV system and all its recordings are owned by LSE and the system is operated by the School's Security Team.
Purpose of CCTV - The LSE Security Team uses CCTV to protect life and property and to prevent crime. It is used for no other purpose. The images captured are recorded and retained in the event that they may be needed as evidence of criminal activity.
Privacy and Disclosure of Images - All images from the CCTV system are treated in accordance with the Data Protection Act of 1998. Under the Data Protection Act individuals, who have been monitored by a CCTV system, have a right of access to their recorded images. Requests to access recorded images must be made to the Head of Security. Futher information on the Data Protection Act and the School's policy can be found here:
http://www2.ise.ac.uk/aboutLSE/dataProtection/Home.aspx
Convert Cameras - Convert cameras are not in general use around the campus. However, on occasion it may be necessary to operate such cameras for the purposes of detecting crime and/or apprehension of offenders. Before use, permission to use covert cameras will be obtained through the head of the relevant department or division. It will sited only for a specific time period and as necessary to the operation. Recordings from convert CCTV cameras will be treated in accordance with The Data Protection Act of 1998.
Alarms - The Security Team operates a number of perimeter breach, intruder and panic alarms which are monitored 24/7/365 from the Security Control Room. Security will respond immediately to the activation of these alarms.
Security Patrols - Members of the Security Team will carry our regular overt patrols of the buildings and campus environs in order to provide a visible deterrence to criminal activity. They will also carry out covert operations as part of the efforts to keep the campus crime free.
FATIN NUR ATHIRA
DATA PROTECTION SECURITY IN CAMPUS
Big data comes with big responsibilities beyond that of having the technical infrastructure and tools that make data analytics possible.
As the value of data increases, so do information security risks. To mitigate those, campuses have to tighten their cybersecurity measures, which should also prompt on-campus discussions about related privacy measures.
For example,We need to began use phone sensors and Wi-Fi networks to monitor student performance and behavior, some campus community members expressed immediate concern.
emerging best practice
is to establish a separate privacy program led by a privacy officer who can monitor and advocate for data privacy compliance, training and enforcement.
Layering transparent policies
data collection, access, monitoring and sharing with security systems is also key to upholding stakeholder trust.
campuswide training on data privacy for staff, faculty and students can educate them on data management risks.
learn about state and federal laws
the Family Educational Rights and Privacy Act and understand security protocols such as different forms of encryption and authentication.
By recognizing how security and privacy work together, along with being transparent about student data, colleges and universities
develop best practices for data protection while keeping their students’ best interests in mind.
SYMBOL
FAIQAH BINTI FAIZAM
IT Security policy in campus
provide policy to secure sensitive information of campus employees , students and other affiliated with the university and to prevent the loss information that is critical to the operation of university
protect the integrity and validity of campus data
assure the security and protection of sensitive information in the campus whether in electronic, paper or other forms
prescribe mechanism which help identify and prevent the compromise of information security and the misuse of campus data , applications , networks , and computer systems
users will ensure sensitive information is secure and the integrity of records is safeguard in storage and transmission
users who handle sensitive information are responsible for The proper handling of this data while under their control .
refers to data security section of appendix B for specific data security requirement
AHMAD FAKHRURIZZUDIN
Ivan Khoo