close

Вход

Забыли?

вход по аккаунту

?

Office Security, Facility and After Hour Access

код для вставкиСкачать
Office Security, Facility and
After Hour Access/ Visitor
Control and Guest Procedures
Security Awareness Series
Information Security Office
Visitor Control and Guest
Procedures
• Commercial or public buildings, like the
buildings on campus, are often the target of
opportunistic thieves.
• Thieves take advantage or the fact that
many trusting, unaware people often leave
their personal belongings in open, visible
places.
• Wallets and checkbooks are sometimes left
on a desktop or in a jacket on the back of a
chair or door; purses are often on the floor
next to a desk.
Information Security Office
Visitor Control and Guest
Procedures
• Unfortunately, these habits are an
invitation for trouble.
• No matter what type of security
program is implemented, there are no
foolproof measures, and nothing is
effective without the support of every
individual not to violate those
measures.
Information Security Office
Visitor Control and Guest
Procedures
• GUESTS must be checked in through
the proper procedures. This is for the
guests' protection as well as the
protection of the others.
• Politely ask anyone suspicious “May I
help you?”
• REPORT any suspicious unescorted
person or stranger at once.
Information Security Office
Visitor Control and Guest
Procedures
• DO NOT LEND the keys to your office or your
identification card to anyone.
• UNDER NO CIRCUMSTANCES should you
prop open any exterior door.
– Although it may seem harmless and convenient,
you are endangering both yourself and everyone
else.
– The exterior doors are locked for your safety.
– Neither should interior fire doors be propped
open. Doing so eliminates their effectiveness in
preventing the spread of fire or smoke.
Information Security Office
Office and Building Security
Information Security Office
Office and Building Security
Small offices and casual environment
and camaraderie can lead to false
sense of security.
Information Security Office
General Rules for Office
Security
• Id Badges worn at all times in visible
location.
• Escort visitors both to and from your
office.
• Prevent access of unauthorized visitors
(tailgating and piggybacking).
• Do not prop secured doors open.
Information Security Office
Tailgating and Piggybacking
• Tailgating occurs when an unauthorized
person enters a secure area by
following closely behind an authorized
cardholder.
• Piggybacking occurs when an
authorized person gains access to a
secure area and allows others to
follow—by holding open a secured door,
for example.
Information Security Office
General Rules for Office
Security
•
•
•
Don’t let anyone in if they can’t get
in themselves.
Everyone must show ID and insist
on seeing ID from people you don’t
know.
Don’t let strangers “mess” with
anything even if they do have an ID.
Information Security Office
General Rules for Office
Security
•
•
•
If access into your area requires a
badge, always keep the door
closed.
Politely challenge visitors.
Employees required to wear
badges should have them visible at
all times.
Information Security Office
General Rules for Office
Security
•
•
•
Escort visitors to departments. Don’t let
them wander around.
Lock office doors while not there.
Lock your workstation when away from
desk or cubicle.
Information Security Office
General Rules for Office
Security
• Don’t leave confidential data at printers,
fax and other equipment.
• Follow your defined process for
informing all necessary areas when an
employee leaves.
– Revoke access immediately when an
employee or contractor is terminated
or leaves for any reason.
Information Security Office
Suggestions To Reduce Your
Risk of Theft
• Keep your purse or wallet in a locked drawer
at all times.
• Carry only as much cash as you need for the
day, and only one credit card and check.
• Don't "flash your cash" or any credit cards or
personal information.
• Make a list of credit cards with pertinent
phone numbers and keep it in a safe place.
Update the list as needed.
Information Security Office
Suggestions To Reduce Your
Risk of Theft
• Don't leave packages or other valuables on or
around your desk or work area. Lock them in
the trunk of your car.
• Be attentive to any visitors who seem
confused or out of place. Address anyone you
don't know who may be wandering or looking
around your office. Note their appearance,
behavior, etc., and report any unusual activity
immediately.
Information Security Office
Suggestions To Reduce Your
Risk of Theft
• Immediately report any theft or other
criminal activity, inform your supervisor
or manager.
Information Security Office
After Hour Access
• After 5:30 PM, or on weekends.
• Plan in advance.
• If unplanned after hours access is
necessary, let someone know.
Information Security Office
ID Badges
It’s 9:00 p.m…..do you know where your ID
card is?
Information Security Office
Employee Identification
•
•
•
•
•
Photo ID’s assist in visual identification
of individuals at facilities.
Worn by all employees.
Politely request others to show you their
badge if it is not visible.
If ID badge is also access card, be
aware of access restrictions (after hours,
remote sites).
Report lost ID badge immediately.
Information Security Office
Visitor Control
Information Security Office
Visitor Control
•
•
•
•
Always escort visitors. Have them wait
in lobby for you and escort them back
when your business is completed.
Politely ask any stranger, “May I help
you?”
Encourage “sign in and out” and return
of visitor badge.
Notify visitor of applicable security
information (emergency exits, etc.)
Information Security Office
Incident Response
Information Security Office
Incident Response
Planning responses for different violation
scenarios in advance – without the burden
of an actual event – is good practice.
• Know who to report any attempted security
violation to – keep the number readily available
• Know what type of information to report (who, what,
when, where)
• Timing is important – you need to be prepared to
act quickly and accurately
Information Security Office
Some Simple Steps To
Protect Your Home While
On Holidays
The holiday season is a wonderful time of
year. It is also a time when people may
become careless and vulnerable to theft and
other crime. Use these tips as a guide to
holiday security.
Information Security Office
ATM Security
Information Security Office
пѓ�
пѓ�
пѓ�
пѓ�
пѓ�
пѓ�
Don't count your money at the ATM machine. If you
must use an ATM, choose one that is located inside
a police station, mall, or well-lighted location.
Withdraw only the amount of cash you need.
Do not throw your ATM receipt away at the ATM
location.
Using the drive-up is usually safer than walking up or
into a facility.
Remember to scan around you as you make your
withdrawal. If anyone is loitering, or you don't like
their looks, go to another ATM.
Protect your PIN by shielding the ATM keypad from
anyone who is standing near you.
Information Security Office
Shopping Security
Information Security Office
пѓ�
пѓ�
пѓ�
пѓ�
When using credit cards, make sure that only
one credit slip is printed with your charge
card.
Also, be sure to tear up any carbons that may
be used to complete the transaction.
Shop during daylight hours whenever
possible. If you must shop at night, go with a
friend or family member.
If you stop for a bite to eat be especially
aware of your wallet or handbag. Don't leave
handbags or shopping bags behind you.
Place them in front of you where you can see
them.
Information Security Office
пѓ�
пѓ�
пѓ�
пѓ�
Keys should not be carried in your purse. In the event
of a purse snatching, the thief will have your address
and keys to your home.
At this time of year, "con-artists" may try various
methods of distracting you with the intention of taking
your money or belongings. Avoid overloading
yourself with packages.
Be extra careful if you do carry a wallet or purse.
They are the prime targets of criminals in crowded
shopping areas, transportation terminals, bus stops,
on buses and other rapid transit.
Notify the credit card issuer immediately if your credit
card is lost, stolen or misused. Keep cash in your
front pocket. Pay for purchases with a check or credit
card when possible.
Information Security Office
пѓ�
пѓ�
пѓ�
пѓ�
пѓ�
Carry a minimal amount of credit cards and
avoid carrying large sums of cash.
Keep a record of all of your credit card
numbers in a safe place at home.
Do not carry a purse or wallet, if possible.
If you carry a purse, keep it in front of you and
close to your body.
When using public washrooms, use extreme
caution. Try to avoid putting your purse on
hooks or door handles.
Information Security Office
Workplace Security
Information Security Office
Keep personal items such as wallets,
handbags etc. in a locked and secure
area.
пѓ� Small electronic items such as laptops,
Palm Pilots, etc. should never be left
unattended.
пѓ� When leaving your office, even for a
short period, secure your valuables and
lock your office.
пѓ�
Information Security Office
Charity
Information Security Office
пѓ�
пѓ�
пѓ�
пѓ�
If solicited by an individual for personal charity, don't
give cash; offer to buy the individual food or drink or
refer them to local assistance resources.
Confine your charitable giving to reputable
established organizations, preferably those with a
local branch.
If solicited for an unfamiliar organized charity, ask for
literature so you can make an informed decision
about giving; any reputable organization will be glad
to provide material.
If solicited by telephone, do not give out credit card
numbers or personal information not listed in the
telephone directory, and don't allow the organization
to come to your home until you are certain of their
reliability. Instead, ask them to send you information
so you can make an informed decision and mail in
your donation.
Information Security Office
SEC-
-Y
If not you, who? If not now, when?
Information Security Office
Resources at the University of Arizona
Kerio Firewall
https://sitelicense.arizona.edu/kerio/kerio.shtml
Sophos Anti Virus
https://sitelicense.arizona.edu/sophos/sophos.html
VPN client software
https://sitelicense.arizona.edu/vpn/vpn.shtml
Policies, Procedures and Guidelines
http://w3.arizona.edu/~policy/
Security Awareness
http://security.arizona.edu/awareness.html
Information Security Office
Security Awareness
Presentations
Customization available
Information Security Office
• Passwords/ Social Engineering
• Identity Theft/ Telephone Fraud
• Passwords/ Social Engineering
• E-mail Usage and Encryption, E-mail
Etiquette
• PC Security, Workstation and Desktop
Security (up to date patching and anti-virus),
Password Protected Screensavers, Laptop
security, Viruses and Worms
• Proper/Improper Internet Use, Internet
Security and Safe Web Browsing
Information Security Office
•
•
•
•
•
•
•
Software Piracy and Copyright Infringement
Blaster Worm and So big Virus
Firewall Basics for the beginning user
Disaster Recovery/ Data Backups, Incident
Reporting, Risk Assessment/ Data
Classification Guidelines,
Palm Pilots / PDAs / Cell Phones/Wireless
Security
Security Basics , Privacy in the New
Millennium
Office Security, Facility and After Hour
Access/ Visitor Control and Guest
Procedures
Information Security Office
University Information Security
Office
Bob Lancaster
пЂґUniversity Information Security Officer
Co-Director – CCIT, Telecommunications
пЂґLancaster@arizona.edu
пЂґ621-4482
Security Incident Response Team (SIRT)
пЂґsirt@arizona.edu
пЂґ626-0100
Kelley Bogart
пЂґInformation Security Office Analyst
пЂґBogartk@u.arizona.edu
пЂґ626-8232
Information Security Office
Документ
Категория
Презентации
Просмотров
5
Размер файла
358 Кб
Теги
1/--страниц
Пожаловаться на содержимое документа