SEHD Wiki

A source for policies, procedures, handbooks and other resources from the School of Education and Human Development

User Tools

Site Tools

You are here: Welcome to the SEHD Wiki! » SEHD Policies and Procedures » Data Privacy Policies » Workstation Security Configuration
policy:data_privacy:workstation_security

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
policy:data_privacy:workstation_security [2019/03/28 19:24] – created tonyromeropolicy:data_privacy:workstation_security [2019/06/13 17:26] (current) tonyromero
Line 1: Line 1:
-====== Policy Template ======+====== Workstation Security Configuration ======
  
-Here's some formatting stuff to show off what a policy could look like.+===== Applicable University of Colorado Denver Policies =====
  
-===== Sub Heading =====+==== University of Colorado IT Security Program Policy ====
  
-:!: **Important: **Lorem ipsum dolor sit amet, consectetur adipiscing elitAenean eu eleifend orci, vel scelerisque nisiPraesent finibus euismod auctor. Cras leo massa, auctor eu cursus nec, volutpat eu sapien. Cras mollis euismod diam, eu viverra elit ornare sit amet. Mauris vel dolor vel magna molestie eleifend tempor vitae massa. Phasellus at lacus a libero pharetra imperdiet vitae sed lorem. Pellentesque eu dictum sem.+All data and information resources of the SEHD are subject to University of Colorado's IT Security Program policy, [[https://www.cu.edu/ope/aps/6005|APS-6005]]The policy states:
  
-**Note:** Lorem ipsum dolor sit ametconsectetur adipiscing elit. +> OrdinarilyHighly Confidential information shall not be stored on workstations and mobile computing devices (laptops, flash drives, backup disks, etc.) unless specifically justified for business purposes and adequately secured. If Highly Confidential information is stored on a workstation or mobile computing device or transmitted to an external network or organization, IT resource users shall encrypt or adequately protect that information from disclosure. If Confidential information is stored on a workstation or mobile computing device or transmitted to an external network or organization, IT resource users shall adequately protect that information from disclosure. In addition to encryption, adequate protections may include the use of passwords, automatic logoffs, and secure Internet transmissions.
-===== Headline =====+
  
-Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean eu eleifend orci, vel scelerisque nisi. Praesent finibus euismod auctor. Cras leo massa, auctor eu cursus nec, volutpat eu sapien. Cras mollis euismod diam, eu viverra elit ornare sit amet. Mauris vel dolor vel magna molestie eleifend tempor vitae massa. Phasellus at lacus a libero pharetra imperdiet vitae sed lorem. Pellentesque eu dictum sem.+==== University of Colorado Denver HIPPA Policy ====
  
-----+The most secure SEHD data are subject to the [[http://www.ucdenver.edu/research/Research Administration Documents/9.4 Workforce Security.pdf|UCD Workforce HIPPA policy]]. The policy states
  
-===== Various Underlines =====+> Computer workstations accessing ePHI must maintain security configurations that restrict access to ePHI to only those workforce members that have been legitimately granted access. Recommended security configurations include, but are not limited to:
  
-Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean eu eleifend orci, vel scelerisque nisi. Praesent finibus euismod auctor. Cras leo massa, auctor eu cursus nec, volutpat eu sapien. Cras mollis euismod diam, eu viverra elit ornare sit amet. Mauris vel dolor vel magna molestie eleifend tempor vitae massa. Phasellus at lacus libero pharetra imperdiet vitae sed lorem. Pellentesque eu dictum sem.+  * enabling password protected screen saver; 
 +  * setting computers or applications to automatically terminate a computing session after a set period of idle time; 
 +  * the use of campus standard anti-virus products; and 
 +  * applying security patches to computer software applications and operating systems
  
-===== List Items =====+> UCD ITS will disconnect workstations from the network that pose a threat to UCD information systems due to a suspected policy violation, workstation intrusions, virus infestations, and other conditions which might jeopardize UCD information or work.
  
-  - One +> Workstations storing ePHI or that may be used to access ePHI must be located in areas with controlled access. An electronic audit trail of access must be maintained. It is the responsibility of unit administrators to establish and enforce a facility security plan to ensure access to workstations under their jurisdiction is restricted to authorized users.
-  - something +
-  - three +
-  - eleven +
-  - five hundred((I'm adding a footnote to this list item, it will show up at the bottom.))+
  
-Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean eu eleifend orci, vel scelerisque nisi. Praesent finibus euismod auctor. Cras leo massa, auctor eu cursus nec, volutpat eu sapien. Cras mollis euismod diam, eu viverra elit ornare sit amet. Mauris vel dolor vel magna molestie eleifend tempor vitae massa. Phasellus at lacus a libero pharetra imperdiet vitae sed lorem. Pellentesque eu dictum sem.+==== SEHD Secure Data Server ====
  
----- +Any workstation that has access to the SEHD Secure Data Server must meet the requirements of the UCD HIPPA Policy.
- +
-==== Slightly Lower Header ==== +
- +
-|We can also use tables|for describing various policies| +
-| | | +
-| | | +
- +
-\\+
  
  
policy/data_privacy/workstation_security.1553801078.txt.gz · Last modified: 2019/03/28 19:24 by tonyromero