Resource Security Policy - Desktops, Terminals, and Devices

Introduction | Purpose | Definitions | Systems | Networks | Desktops, Terminals, and Devices | Data | Applications | Access Control | Notifications | Sanctions | Ongoing

Security of Desktops, Terminals, Client Devices, Voice Devices, Modems and Facsimile Machines

1. Each data or system manager, as appropriate, who is responsible for the maintenance of desktops, terminals, client devices, voice devices, modems and facsimile machines will institute appropriate safeguards to ensure that these devices are not misused, abused, or compromised.
2. Each data or system manager, as appropriate, who is responsible for the maintenance of desktops, terminals, client devices, voice devices, modems and facsimile machines will institute appropriate safeguards to ensure that access to the devices is limited to authorized users.
3. Each data or system manager, as appropriate, who is responsible for the maintenance of desktops, terminals, client devices, voice devices, modems and facsimile machines, will conduct periodic reviews of implemented security plans, measures, procedures and controls.
4. Each data or system manager, as appropriate, who is responsible for the maintenance of desktops, terminals, client devices, voice devices, modems and facsimile machines, must initiate an investigation of any suspected security breach involving those desktops, terminals, client devices, voice devices, modems and facsimile machines and is responsible for documenting the suspected breach and actions taken. Under these circumstances, the data or system manager shall notify his/her dean or supervisor as well as the Information Security Officer regarding the suspected breach.
5. As desktops, terminals, client devices, voice devices, modems and facsimile machines are removed from service or redeployed, each data or system manager, as applicable, is responsible for ensuring that confidential or sensitive information has been removed from the equipment.