mirror of
https://github.com/strongdm/comply
synced 2024-11-10 18:04:54 +00:00
52 lines
1.7 KiB
Markdown
52 lines
1.7 KiB
Markdown
name: Workstation Policy
|
|
acronym: WP
|
|
satisfies:
|
|
TSC:
|
|
- CC6.8
|
|
majorRevisions:
|
|
- date: Jun 1 2018
|
|
comment: Initial document
|
|
---
|
|
|
|
# Purpose and Scope
|
|
|
|
a. This policy defines best practices to reduce the risk of data loss/exposure through workstations.
|
|
|
|
a. This policy applies to all employees and contractors. Workstation is defined as the collection of all company-owned and personal devices containing company data.
|
|
|
|
# Policy
|
|
|
|
a. Workstation devices must meet the following criteria:
|
|
|
|
i. Operating system must be no more than one generation older than current
|
|
|
|
i. Device must be encrypted at rest
|
|
|
|
i. Device must be locked when not in use or when employee leaves the workstation
|
|
|
|
i. Workstations must be used for authorized business purposes only
|
|
|
|
i. Loss or destruction of devices should be reported immediately
|
|
|
|
i. Laptops and desktop devices should run the latest version of antivirus software that has been approved by IT
|
|
|
|
a. *Desktop & laptop devices*
|
|
|
|
i. Employees will be issued a desktop, laptop, or both by the company, based on their job duties. Contractors will provide their own laptops.
|
|
|
|
i. Desktops and laptops must operate on macOS or Windows.
|
|
|
|
a. *Mobile devices*
|
|
|
|
i. Mobile devices must be operated as defined in the Removable Media Policy, Cloud Storage, and Bring Your Own Device Policy.
|
|
|
|
i. Mobile devices must operate on iOS or Android.
|
|
|
|
i. Company data may only be accessed on mobile devices with Slack and Gmail.
|
|
|
|
a. *Removable media*
|
|
|
|
i. Removable media must be operated as defined in the Removable Media Policy, Cloud Storage, and Bring Your Own Device Policy.
|
|
|
|
i. Removable media is permitted on approved devices as long as it does not conflict with other policies.
|