Desktop Security Policy
1 OBJECTIVE
Desktops are an important source of information, and the way they are used makes them an ideal staging
point for intrusions and attacks. Desktop users rely on services such as the Internet and e-mail, which can
potentially result in threats such as viruses being downloaded, worms exploiting unpatched systems, hostile
websites exploiting data and so forth. This policy is intended to ensure a minimum acceptable level of
protection for all desktops within Goldstone Technologies and an enhanced standard of protection for
critical desktops.
2 SCOPE
This policy covers all desktops used within all Goldstone Technologies facilities.
3 APPLICABILITY
All information, IT assets (both Hardware and Software) and physical infrastructure assets shall be
provided adequate security.
5 DETAILED POLICY
This policy shall be implemented and enforced through processes and procedures set by Goldstone
Technologies.
The classification for desktops within Goldstone is as below:
Critical: Systems whose compromise will result in loss of business or legal breaches, or will
disrupt an important business function or project for an unacceptable/long period.
Common for all Desktops
All desktops shall have password protected Screen Savers with timeouts of 5 minutes or less.
The operating system of all desktops in Goldstone shall remain up to date with the latest service packs,
patches and hot-fixes.
All desktops shall be sited behind the main firewalls and protected from external networks. Desktops
outside the Goldstone firewall must have personal firewalls and hardened configurations.
All desktops shall have authorised anti-virus software installed and configured with the latest signature
updates.
Desktop users should not share their hard drives. The GH should approve any exceptions.
All desktop users shall back up critical data to the space allotted on project or allocated file
servers.
An asset list of critical and non-critical desktops must be maintained. GIM must maintain traceability of the
owner.
All project-related desktops shall be logically segregated based on client requirements. Physical
segregation shall be as per the Goldstone Physical Security policy.
All desktop media shall be formatted before being re-allocated to another user.
All desktop users shall follow the Acceptable Usage Guidelines.
All desktop users shall change LAN and other passwords as recommended in the Logical access
management policy.
Critical Desktops
All critical desktop users shall rigorously apply all the latest patches and hot fixes.
Critical desktops within Goldstone shall not have network shares.
All desktops shall have a boot-up (BIOS) password.
Critical or sensitive data shall be password protected and transferred to a folder; the inherited access
rights to this folder shall be restricted to the user only.
GIM would audit desktops every three months on a sample basis.
For network shares on all non-critical desktops within Goldstone, appropriate rights shall be assigned.
Password protection shall be mandatory for all shares.
GIM would audit desktops every six months on a sample basis.
Information Security Group Policy Ownership, Development and Maintenance
Desktop Management