Upload
joeblow1234
View
344
Download
0
Tags:
Embed Size (px)
Citation preview
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
LSR Tech Solutions E-mail and usage Policy
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
LSR Tech Solutions E-mail and usage Policy
______________________________________________________ Lisa Wessel
Prepared by Lisa Wessel
______________________________________________________ Rick Kramer President
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 PREFACE
LSR Tech Solutions has strict e-mail policies and believes in keeping its customers and employee up to date and safe from e-mail scams, fraud, privacy, and to provide guidelines to a acceptable use policy. It is essential for LSR Tech Solutions employees, staff, customer, contractors by providing guidance, support, and technical expertise in the proper use of its e-mail. This particular document, LSR Tech Solutions Policy guidelines, is a supporting document designed to help employees, staff, customers, and contractors to understand the policies and standards required to use LSR Tech Solutions any and all e-mail servers including e-mail set-up processes. Understanding these policies and standards is an ongoing process, so we encourage customers, employees, and contractors to contact the IT department in order to ensure their successful use of LSR Tech Solutions E-mail Servers.
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
TABLE OF CONTENTS
Table of Contents DOCUMENT HISTORY LOG .................................................................. ERROR! BOOKMARK NOT DEFINED.
LSR TECH SOLUTION E-MAIL ACCEPTABLE USE POLICY .................................. ERROR! BOOKMARK NOT DEFINED.
PREFACE ................................................................................................... ERROR! BOOKMARK NOT DEFINED.
1.0 INTRODUCTION ...................................................................................................................................................... 51.1 PURPOSE ................................................................................................................................................................ 51.2 SCOPE .................................................................................................................................................................... 51.3 ACCOUNT ACTIVATION/TERMINATION ................................................................................................................. 5DEFINITIONS AND ACRONYMS ..................................................................................................................................... 62.0 DEFINITIONS .......................................................................................................................................................... 62.1 ACRONYMS ............................................................................................................................................................ 72.2 GENERAL EXPECTATIONS OF END USERS ............................................................................................................. 72.3 APPROPRIATE USE ................................................................................................................................................. 72.4 INAPPROPRIATE USE .............................................................................................................................................. 72.5 MONITORING AND CONFIDENTIALITY ................................................................................................................... 82.6 RETENTION POLICY ............................................................................................................................................... 93.2 REPORTING MISUSE .............................................................................................................................................. 93.3 FLOW CHART APPROPRIATE USE OR INAPPROPRIATE ........................................................................................ 10
3.4 Disclaimer ........................................................................................................................................................... 11LSR Tech Solution assumes no liability for direct and/or indirect damages arising from the user’s use of LSR Tech Solutions e-mail system and services. Users are solely responsible for the content they disseminate. LSR Tech Solutions is not responsible for any third-party claim, demand, or damage arising out of use the LSR Tech Solution’s e-mail systems or services. .............................................................................................................................................. 11
3.5 FAILURE TO COMPLY .......................................................................................................................................... 113.6 E-MAIL USER AGREEMENT .................................................................................................................................. 12
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 E-mail Acceptable Use Policy 1.0 Introduction In order to protect its customer’s and its employees and staff and all other suppliers LSR Tech Solutions e-mail is perhaps the most commonly used application in our companies workplace. It is essential business tool for LSR Tech Solutions, but a potentially dangerous one if mismanaged. Conscientious management by way of a clear and comprehensive policy is essential. This policy provides a structure for defining our organization’s e-mail Acceptable Use Policy. 1.1 Purpose E-mail is a critical mechanism for business communications at LSR Tech Solutions. However, use of LSR Tech Solution’s electronic mail systems and services are a privilege, not a right, and therefore must be used with respect and in accordance with the goals of LSR Tech Solutions. The objectives of this policy are to outline appropriate and inappropriate use of LSR Tech Solutions e-mail systems and services in order to minimize disruptions to services and activities, as well as comply with applicable policies and laws. 1.2 Scope This policy applies to all e-mail systems and services owned by LSR Tech Solutions all e-mail account users/holders at LSR Tech Solutions (both temporary and permanent), and all company e-mail records. 1.3 Account Activation/Termination E-mail access at LSR Tech Solutions is controlled through individual accounts and passwords. Each user of LSR Tech Solutions e-mail system is required to read and sign a copy of this E-mail Acceptable Use Policy prior to receiving an e-mail access account and password. It is the responsibility of the employee to protect the confidentiality of their account and password information. All employees of LSR Tech Solutions will receive an e-mail account. E-mail accounts will be granted to third-party non-employees on a case-by-case basis. Possible non-employees that may be eligible for access include:
Contractors.
Customers.
Outside Sales Staff.
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 Applications for these temporary accounts must be submitted to management or e-mail [email protected] for all terms, conditions, and restrictions governing e-mail use must be in a written and signed agreement. E-mail access will be terminated when the employee or third party terminates their association with LSR Tech Solutions unless other arrangements are made. LSR Tech Solutions is under no obligation to store or forward the contents of an individual’s e-mail inbox/outbox after the term of their employment has ceased. Definitions and Acronyms 2.0 Definitions
Term Definition
Appropriate
Use
Communicating with fellow employees, business partners of LSR Tech Solutions, and clients within the context of an individual’s assigned responsibilities.
Inappropriate
Use
Excessive personal use of LSR Tech Solutions e-mail resources. LSR Tech Solutions allows limited personal use for communication with family and friends, independent learning, and public service so long as it does not interfere with staff productivity, pre-empt any business activity, or consume more than a trivial amount of resources.
Monitoring and
Confidentiality
The e-mail systems and services used at LSR Tech Solutions are owned by the company, and are therefore its property. This gives LSR Tech Solutions the right to monitor any and all e-mail traffic passing through its e-mail system.
Organization A company, corporation, firm, enterprise or institution, or part thereof (whether incorporated or not, public or private) that has its own function(s) and administration.
Policy E-mail Acceptable use policy is intended to provide a safe and enjoyable e-mail service to LSR Tech Solutions e-mail use.
General Expectations of
end users
E-mail users are responsible for mailbox management, including organization and cleaning.
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 2.1 Acronyms Acronym Description
CEO
chief executive officer
2.2 General Expectations of End Users The enterprise often delivers official communications via e-mail. As a result, employees of LSR Tech Solutions with e-mail accounts are expected to check their e-mail in a consistent and timely manner so that they are aware of important company announcements and updates, as well as for fulfilling business and role-oriented tasks. E-mail users are responsible for mailbox management, including organization and cleaning. If a user subscribes to a mailing list, he or she must be aware of how to unsubscribe from the list, and is responsible for doing so in the event that their current e-mail addresses changes. E-mail users are expected to remember that e-mail sent from the company’s e-mail accounts reflects on the company. Please comply with normal standards of professional and personal courtesy and conduct. 2.3 Appropriate Use Individuals at LSR Tech Solutions are encouraged to use e-mail to further the goals and objectives of LSR Tech Solutions. The types of activities that are encouraged include: 2.4 Inappropriate Use
LSR Tech Solutions e-mail systems and services are not to be used for purposes that could be reasonably expected to strain storage or bandwidth (e.g. e-mailing large attachments instead of pointing to a location on a shared drive). Individual e-mail use will not interfere with others’ use and enjoyment of LSR Tech Solutions e-mail system and services. E-mail use at LSR Tech Solutions will comply with all applicable laws, all LSR Tech Solutions policies, and all LSR Tech Solutions contracts. The following activities are deemed inappropriate uses of LSR Tech Solutions e-mail systems and services, and are strictly prohibited:
Communicating with fellow employees, business partners of LSR Tech Solutions, and clients within the context of an individual’s assigned responsibilities. Acquiring or sharing information necessary or related to the performance of an individual’s assigned responsibilities. Participating in educational or professional development activities.
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 2.5 Monitoring and Confidentiality
The e-mail systems and services used at LSR Tech Solutions are owned by the company, and are therefore its property. This gives LSR Tech Solutions the right to monitor any and all e-mail traffic passing through its e-mail system. This monitoring may include, but is not limited to, inadvertent reading by IT staff during the normal course of managing the e-mail system, review by the legal team during the e-mail discovery phase of litigation, observation by management in cases of suspected abuse or to monitor employee efficiency. In addition, archival and backup copies of e-mail messages may exist, despite end-user deletion, in compliance with LSR Tech Solutions records retention policy. The goals of these backup and archiving procedures are to ensure system reliability, prevent business data loss, meet regulatory and litigation needs, and to provide business intelligence. Backup copies exist primarily to restore service in case of failure. Archival copies are designed for quick and accurate access by company delegates for a variety of management and legal needs. Both backups and archives are governed by the company’s document retention policies. These policies indicate that e-mail must be kept for up to 1 year.
Use of e-mail for illegal or unlawful purposes, including copyright infringement, obscenity, libel, slander, fraud, defamation, plagiarism, harassment, intimidation, forgery, impersonation, soliciting for illegal pyramid schemes, and computer tampering (e.g. spreading of computer viruses). Use of e-mail in any way that violates LSR Tech Solutions policies, rules, or administrative orders, including, but not limited to, to the laws put in place by the federal or local State agency. Viewing, copying, altering, or deletion of e-mail accounts or files belonging to LSR Tech Solutions or another individual without authorized permission. Sending of unreasonably large e-mail attachments. The total size of an individual e-mail message sent (including attachment) should be 10MB or less. Opening e-mail attachments from unknown or unsigned sources. Attachments are the primary source of computer viruses and should be treated with utmost caution. Sharing e-mail account passwords with another person, or attempting to obtain another person’s e-mail account password. E-mail accounts are only to be used by the registered user. Excessive personal use of LSR Tech Solutions e-mail resources. LSR Tech Solutions allows limited personal use for communication with family and friends, independent learning, and public service so long as it does not interfere with staff productivity, pre-empt any business activity, or consume more than a trivial amount of resources. LSR Tech Solutions prohibits personal use of its e-mail systems and services for unsolicited mass mailings, non-LSR Tech Solutions commercial activity, political campaigning, dissemination of chain letters, and use by non-employees.
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 2.6 Retention Policy The records of LSR Tech Solutions and e-mail records are important assets. Corporate record includes essentially all records documents you produce as an employee whether paper or electronic. A record may be as a memorandum, an e-mail, a contract or a case study, or something not as obvious, such as computerized desk calendar, an appointment book or an expense record. If LSR Tech Solutions discovers or has good reason to suspect activities that do not comply with applicable laws or this policy, e-mail records may be retrieved and used to document the activity in accordance with due process. All reasonable efforts will be made to notify an employee if his or her e-mail records are to be reviewed. Notification may not be possible, however, if the employee cannot be contacted, as in the case of employee absence due to vacation. Use extreme caution when communicating confidential or sensitive information via e-mail. Keep in mind that all e-mail messages sent outside of LSR Tech Solutions become the property of the receiver. A good rule is to not communicate anything that you wouldn’t feel comfortable being made public. Demonstrate particular care when using the “Reply” command during e-mail correspondence to ensure the resulting message is not delivered to unintended recipients. 3.2 Reporting Misuse Any allegations of misuse should be promptly reported to admin or Henry Cookie [email protected] . If you receive an offensive e-mail, do not forward, delete, or reply to the message. Instead, report it directly to the individual named above.
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
3.3 Flow Chart Appropriate use or Inappropriate
What is the process for Inappropriate Use of the e-mail system?
Communicating with fellow employees, business partners of LSR Tech Solutions, and clients within the context of an individual’s assigned responsibilities.
Acquiring or sharing information necessary or related to the performed of an individual’s assigned responsibilities.
LSR Tech Solutions Appropriate Usage
Inappropriate Complete
Participating in educational or professional development activities
Use of e-mail for illegal or unlawful purposes, including copyright infringement, obscenity. These could be considered improper use of LSR Tech Solutions mail server or service, and will start the process of monitoring the e-mail account.
Use of LSR Tech Solutions to send unreasonably large e-mail attachments. The total size of an individual e-mail message sent (including attachment) should be 10MB or less.
Opening e-mail attachments form unknown or unsigned sources. Attachments are the primary source of computer viruses and should be treated with utmost caution.
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 3.4 Disclaimer
LSR Tech Solutions assumes no liability for direct and/or indirect damages arising from the user’s use of LSR Tech Solutions e-mail system and services. Users are solely responsible for the content they disseminate. LSR Tech Solution is not responsible for any third-party claim, demand, or damage arising out of use the LSR Tech Solutions e-mail systems or services.
3.5 Failure to Comply Violations of this policy will be treated like other allegations of wrong doing at LSR Tech Solutions. Allegations of misconduct will be adjudicated according to established procedures. Sanctions for inappropriate use on LSR Tech Solutions e-mail systems and services may include, but are not limited to, one or more of the following:
1. Temporary or permanent revocation of e-mail access;
2. Disciplinary action according to applicable LSR Tech Solutions policies;
3. Termination of employment; and/or Discipline
4. Legal action according to applicable laws and contractual agreements.
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 3.6 E-mail User Agreement
E-mail User Agreement
I have read and understand the E-mail Acceptable Use Policy. I understand if I violate the rules explained herein, I may face legal or disciplinary action according to applicable laws or company policy.
___________________________________________
Employee Name (print)
___________________________________________ __________________________
Employee Signature Date
_____________________________________________________
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
LSR Tech Solutions Employee Access to IPhone and IPad
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
LSR Tech Solutions Employee Access IPhone and IPad
______________________________________________________ Lisa Wessel
Prepared by Lisa Wessel
______________________________________________________ Rick Kramer President
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 PREFACE
A centralized LSR Tech Solutions Employee Access for iphone and ipad approval policy will help the IT department run efficiently and cost effectively. Absence of a well defined policy leaves the company open to numerous vulnerabilities, including employees having access to the appropriate systems for their job duties and responsibilities to keep LSR Tech Solutions against competitive competition. This policy will help the employees do their job and have the necessary access to the proper system to do their job accurately and stay competitive. Opening up access to the system will allow employees proper assistance to our customers.
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
TABLE OF CONTENTS
PREFACE .................................................................................................................................................................. 13
1.0 SCOPE & PURPOSE ...................................................................................................................................... 51.1 Scope .............................................................................................................................................................. 51.2 Purpose .......................................................................................................................................................... 5
2.0 JOB TITLES, REFERENCES, DEFINITIONS AND ACRONYMS ............................................................... 52.1 Job Titles Workflow 2.2 References ...................................................................................................................................................... 52.3 Definitions ...................................................................................................................................................... 62.4 Acronyms ........................................................................................................................................................ 6
PROCESS ..................................................................................................................................................................... 7
PROCESS FLOWCHART ...........................................................................................................................................
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 1.0 SCOPE & PURPOSE 1.1 Scope This document applies to all employees that have access to IPhones and IPad and software programs to be able to perform their job duties to the fullest.
1.2 Purpose
The purpose of this policy is to address issues related to authorization and installation of any software that has yet to be approved by the IT department. The responsible party to authorize any access on LSR Tech Solutions systems will be the Network Administrator. 2.0 JOB TITLES, REFERENCES, DEFINITIONS and ACRONYMS 2.1 Job Titles
LSR Tech Solutions
President
Executive Vice President (CLO)
Vice President Internal Audit
VP/Human Resources
Customer Service Manager
Accounting Manager
Sales Manager
Sales Assistant
Receptionist
Customer Service
Assistant
Sales Assistant
Sales Assistant
Sales Assistant
Sales Assistant
Sales Assistant
Sales Assistant
Network Admin
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 2.2 References
1. Policy – “All software to be installed must be approved by the IT department prior to installation and the designated supervisor.”If there is new software installed all templates will have to be updated according to job descriptions. All employees with the job description will have the same access on all of the LSR Tech Solutions software systems.
2. Level 3 Documents – LSR Tech Solutions Employee Access Authorization Request Form. All templates are stored in the G: Information Systems/Reports/Authorization Forms for ipad and iphone. All the templates have been developed and marked for all the systems that the employee will need access to. All of the templates have been approved by management and are reviewed on an annual basis. The management that reviews the templates are as follows: President, Executive Vice President, and Vice President.
3. Management will make the decision on employees who will have the the ability to have access to the iphone and ipad. The iphone will be rotated for the sales, customer service, warehouse and administration departments.
2.3 Definitions
Software Systems
Definition
Iphone Phone with the ability to have internet access and Ipod into one package Ipad A mobile device bigger than smart phone and smaller than a laptop. Also a
mobile device to have the ability to access the internet.
2.4 Acronyms Acronym Description IT Information Technology
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 Process Employee who would like the opportunity to learn the dynamics of the IPhone or IPad can request the option of trying out the IPhone or IPad. LSR Tech Solutions would like the employees and staff to be able to use the IPhone or IPad for selling and troubleshooting the product.
1. E-mail the help desk with the request of the access for IPhone or IPad. The e-mail address is [email protected].
2. The IT department will e-mail the appropriate employee access form for IPhone or
IPhone. The forms are stored in the G: Information System/Reports/Authorization Forms
3. The management will review the appropriate template, sign and return to the department to the Network Administration.
4. The Network Administrator will then issue the appropriate IPhone or IPad and create the phone number, user id and password depending on the IPad or IPhone access. The Network Administrator will give the IPhone or IPad to the employee and demonstrate how to use the IPhone or IPad works.
5. The IPhone and IPad should be used for business purposes only with limited personal usage. The IPhone and IPad usage will be monitored on a monthly basis. If the Network Administrator recognizes any illegal activity on the system the IPhone or IPad usage will be terminated immediately. Illegal activity includes any gambling, viewing any pornographic material or any other inappropriate materials.
6. Once the employee either terminates their position or no longer would like the IPhone or IPad the IPhone or IPad will have to be turned in to the Network Administration and passwords and authority and systems will have to be changed on the devices.
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
Set Up User for Iphone or Ipad
Is the employee granted access for the iphone by one
of the management team
Yes No
Is the employee graned access for the ipad by one of the management
team
The Network Administrator will
setup and review the ipad rules and policy
No
End of Process
The Network Administrator will setup
the iphone and demonstrate and review
the rules and policy
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
Employee Name:
Supervisor Signature: __________________________
Management Approval: __________________________
Position and Location (Branch):
Date Needed By:
Date:
Termination Date: (if applicable)
Time Restrictions SignonTimes during the week 2:00 am - 03:00 am.
Times on Saturday 2:00 am - 03:00 am.Times on Sunday 2:00 am - 03:00 am.
Access to System Acct MaintenanceIphone xIpad
EMPLOYEE SYSTEM ACCESS FORM IPHONE OR IPAD
All Employees
Place an X in the box next to each system you have access to. Application/Service or support systems
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
LSR Tech Solutions Employee Access Authorization on Systems
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
LSR Tech Solutions Employee Access Authorization on Systems
______________________________________________________ Lisa Wessel
Prepared by Lisa Wessel
______________________________________________________ Rick Kramer President
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 PREFACE
A centralized LSR Tech Solutions Employee Access authorization approval policy will help the IT department run efficiently and cost effectively. Absence of a well defined policy leaves the company open to numerous vulnerabilities, including employees having access to the appropriate systems for their job duties and responsibilities to keep LSR Tech Solutions against any inhabited systems restrictions. This policy will help the employees do their job and have the necessary system to do their job accurately.
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
TABLE OF CONTENTS
PREFACE .................................................................................................................................................................. 13
1.0 SCOPE & PURPOSE ...................................................................................................................................... 51.1 Scope .............................................................................................................................................................. 51.2 Purpose .......................................................................................................................................................... 5
2.0 JOB TITLES, REFERENCES, DEFINITIONS AND ACRONYMS ............................................................... 52.1 Job Titles Workflow 2.2 References ...................................................................................................................................................... 52.3 Definitions ...................................................................................................................................................... 62.4 Acronyms ........................................................................................................................................................ 6
PROCESS ..................................................................................................................................................................... 7
PROCESS FLOWCHART ...........................................................................................................................................
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 1.0 SCOPE & PURPOSE 1.1 Scope This document applies to all employees that have access to all the companies systems and computers and all the companies owned computers and related software programs.
1.2 Purpose
The purpose of this policy is to address issues related to authorization and installation of any software that has yet to be approved by the IT department. The responsible party to authorize any access on LSR Tech Solutions systems will be the Technical Analyst. 2.0 JOB TITLES, REFERENCES, DEFINITIONS and ACRONYMS 2.1 Job Titles
LSR Tech Solutions
President
Executive Vice President (CLO)
Vice President Internal Audit
VP/Human Resources
Customer Service Manager
Accounting Manager
Sales Manager
Sales Assistant
Receptionist
Customer Service
Assistant
Sales Assistant
Sales Assistant
Sales Assistant
Sales Assistant
Sales Assistant
Sales Assistant
Network Admin
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 2.2 References
1. Policy – “All software to be installed must be approved by the IT department prior to installation and the designated supervisor.”If there is new software installed all templates will have to be updated according to job descriptions. All employees with the job description will have the same access on all of the LSR Tech Solutions software systems.
2. Level 3 Documents – LSR Tech Solutions Employee Access Authorization Request Form. All templates are stored in the G: Information Systems/Reports/Authorization Forms. All the templates have been developed and marked for all the systems that the employee will need access to. All of the templates have been approved by management and are reviewed on an annual basis. The management that review the templates are as follows: President, Executive Vice President, and Vice President
2.3 Definitions
Software Systems
Definition
Remote Deposit Capture
Electronic Banking of statement deposit to the bank through electronic scanning of checks received from our customers
Online Banking
Viewing transactions and statement through the internet connections
Pay Expert Payroll System to use to generate direct deposit for employees
2.4 Acronyms Acronym Description IT Information Technology
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 Process New employee hires or employees who change their job titles or job description will need the employee system access form.
1. E-mail the help desk on the with the new employees name and job title. E-mail [email protected].
2. The IT department will e-mail the appropriate employee system access form. The forms
are stored in the G: Information System/Reports/Authorization Forms
3. The management will review the appropriate template, sign and return to the department to the Technical Analyst.
4. The Technical Analyst will then issue the appropriate system and create the user ID and password. The Technical Analyst will e-mail the department supervisor with the user ID and password for the system the employee will be granted access to.
5. The department supervisor or employee in that designated department will train the employee on the appropriate system.
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
Set Up User in LSR Tech Solutions
Is Internet Access
requested
Yes Go to Internet and grant Access
No
Is Accounting systems
requested
Yes Go to Accounts Payable, Online
banking and General Ledgers
No
Is Orders systems
requested
No Yes Go to
Internet and grant Access
End of Process
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
Employee Name:Supervisor Signature:
Position and Location (Branch): Date Needed By:
Date:
Time Restrictions SignonTimes during the week 2:00 am - 01:00 am.
Times on Saturday 2:00 am - 01:00 am.Times on Sunday 2:00 am - 01:00 am.
Computer Core System Acct Maintenance New Accounts Parameter Transaction InputInquiry x x x
General LedgerOrders x x x
Customer Service x x xPayroll x x xSales
AccountingEnd of Year Processing x x x
Accounts Payable/Accounts Receivablex x xx x x
All Employees/Human ResourcesPayroll ADP/EzlaborPayroll x
SupervioryPay Expert
Internet SystemsPlace X in the box next to system
LSR website designOnline Banking
Remote Deposit Capture Account
Application/Service or support systemsPlace an X in the box next to each system you have access to.
EMPLOYEE SYSTEM ACCESS FORM PRESIDENT
All Employees
_____________________________________________________
Place an X in the box next to each system you have access to. Application/Service or support systems
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
LSR Tech Solutions Password Policy
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
LSR Tech Solutions Password Policy
______________________________________________________ Lisa Wessel
Prepared by Lisa Wessel
______________________________________________________ Rick Kramer President
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 PREFACE
LSR Tech Solutions passwords are designed to secure LSR Tech Solutions computer systems. A poor password makeup may result in easy access and can compromise the entire computer network. Absence of a well defined policy leaves the company open to numerous vulnerabilities, including employees having access to the appropriate systems for their job duties and responsibilities to keep LSR Tech Solutions against any inhabited systems restrictions.
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
TABLE OF CONTENTS
PREFACE .................................................................................................................................................................. 13
1.0 SCOPE & PURPOSE ...................................................................................................................................... 51.1 Scope .............................................................................................................................................................. 51.2 Purpose .......................................................................................................................................................... 5
2.0 JOB TITLES, REFERENCES, DEFINITIONS AND ACRONYMS ............................................................... 52.1 Job Titles Workflow........................................................................................................................................ 52.2 Definitions ...................................................................................................................................................... 52.3 Acronyms ........................................................................................................................................................ 6
PROCESS ..................................................................................................................................................................... 7
PROCESS FLOWCHART ...........................................................................................................................................
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 1.0 SCOPE & PURPOSE 1.1 Scope This document is designed for all personnel of LSR Tech Solutions who have or responsible for access that requires a password.
1.2 Purpose
The purpose of this policy is to establish a standard for strong password and protection of password and the changing of passwords. This is all set to protect LSR Tech Solutions systems. 2.0 JOB TITLES, REFERENCES, DEFINITIONS and ACRONYMS 2.1 Job Titles
LSR Tech Solutions
President
Executive Vice President (CLO)
Vice President Internal Audit
VP/Human Resources
Customer Service Manager
Accounting Manager
Sales Manager
Sales Assistant
Receptionist
Customer Service
Assistant
Sales Assistant
Sales Assistant
Sales Assistant
Sales Assistant
Sales Assistant
Sales Assistant
Network Admin
2.2 Definitions
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
Software Systems
Definition
Web Passwords
Any sign on or membership on the internet.
Voicemail Telephone security for messages left over the phone Email Communication electronically through computer
2.3 Acronyms Acronym Description IT Information Technology
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010 Process All employees are required to have passwords to gain access to all computer systems that are available on the LSR Tech Solutions systems.
1. All system levels passwords must be changed every 90 days.
2. All user level passwords must be changed every 90 days.
3. User accounts accessed through websites must have unique password and should be changed periodically.
4. Passwords must not be sent in an email
5. All passwords us be use the preferred guidelines.
Guidelines Common usage of password include: user, web, email and voicemails.
1. Passwords should contain eight to fifteen characters both upper and lowercase characters along with a symbol ($, #, !).
2. Passwords should not use words in the dictionary.
3. Do not use personal information in your password.
4. Password should never be written down.
5. Do not user the remember password option when prompted.
If your password is compromised please report to Network Administrator and they can reset your password to change to new secure password.
Responsible Employee: Technical Analyst Subject: LSR Tech Solutions Effective Date November 27, 2010
Password for LSR Tech Solutions
Do you have a strong
password: See guideline
Yes No
Change the password to be secure. Is it secure password
Yes
No
End of Process
End of Process