Information Security Management
Education and Awareness
Computer User's Security
Guide
Developed to inform users of their role
in protecting the state's informationresources.
ITSD Confidentiality Agreement
Formally documents a user's agreement
to protect the confidentiality of the state's information
resources and comply with information security policies and procedures.
- A logon banner is in the implementation process to remind users
of the proper uses for the state's information resources.
- The Information Security Management Office has championed a
legislative amendment to the state's Sunshine Law to exempt security
information from public disclosure. The current law is not clear
on how "public" passwords, PIN's and other confidential
system security codes are.
- ITSD Security Policies are being developed. These policies will
cover Access Control, Organizational Roles and Responsibilities,
Asset control and Classification, Business Continuity, Compliance
and Software and Hardware.
- At the direction of the ITAB Security Subcommittee, statewide
policies are being developed. These policies will cover Acceptable
Use, Trusted Networks, Firewall, Network Surveillance, Monitoring
and Anti-Cyberterrorism, Incident Handling and Response, Network
Certification and Auditing.
|
