You are on page 1of 6

Nicholas Diley

This Is a Company LTD


Network Access Policies (NAPs)
Purpose
The purpose of the Network Access Policy is to establish the rules for the
access and use of the network infrastructure, of which are necessary to
preserve the integrity, availability and confidentiality of This is a Company
LTD information.
The Network Access Policy applies to all individuals with access to any This is
a Company LTD Information or Network Resource.

Definition
Information Resources (IR):
Any and all computer printouts, online
display devices, magnetic storage media and all computer-related activities
involving any device capable of receiving email, browsing Websites or
otherwise capable of receiving, storing, managing, or transmitting electronic
data. These include, but are not limited to, mainframes, servers, personal
computers, notebook computers, hand-held devices, personal digital
assistants (PDA), pagers, telecommunication resources, telephones, fax
machines, and printers. Additionally it is the procedures, equipment,
facilities, software, and data that are designed, built, operated and
maintained to create, collect, record, process, store, retrieve, display, and
transmit information.

Information Security Officer (ISO): Agency Responsible to executive


management for administering the information security functions within. The
ISO is the agencys point of contact for all security matters.

Nicholas Diley

Information Services (IS): The Agency responsible for computers, networking


and data management.

Nicholas Diley

Network Access Policy

Copyright and Intellectual


Property
All users must respect Copyrights
and Trademarks

Integrity and Fair Use


Users should consult appropriate
resources for guidance.

Protection of Resources
Users are expected to respect the
integrity of resources of which they
have access.

Copyright or Trademarked works


include, but not limited to, respective
computer programs, movies, television
programs, music, photographs and
published materials (e.g. books,
journals) must not be copied,
distributed or shared without prior
permission from the copyright or
trademark holders.
Staff of This is a Company LTD are
responsible for upholding the
confidentiality and integrity of data to
which they have access. All users are
prohibited from inspecting, copying,
altering, distributing or destroying
anyone elses files or network traffic
without proper authorization from not
only the person whom the data
originated, but also from Information
Management.
Protection of resources includes all but
is not limited to the modification of
software, systems or networks that are
not owned or managed by the user;
accessing systems that the user is not
authorized to access or knowingly and
willingly installing or running malicious
software.
All users have a responsibility to ensure
the security and integrity of personally
owned or managed systems, including
the data access through such systems..

Sensitive Data
In receiving access to privileged or
sensitive data, authorized users accept
the responsibility to protect the
information access.

Users may have access to privileged


information that must be protected.
These Authorized Users will have the
responsibility and integrity to take
necessary steps to prevent
unauthorized access to this information.

Nicholas Diley

Accounts and Passwords


Users are individually responsible for
the security of their accounts and
passwords.

Unauthorized Access
Users may not access resources, run
software or hardware without
appropriate authorization or permission.

Illegal Activity
All Users are expected of to have
integrity and to respect security
measures implemented.

Integrity and Respect


Users must have the responsibility to
uphold respect for others and abide by
security measures implemented.

All Users are required to keep their


accounts and passwords secure. As
such All Users are prohibited to share
their provided account or password
information with anyone without the
express written permission of their
leading supervisor. Users that choose to
do so accept the risks that come with,
including but not limited to, the access
of resources other than the mail
account, information that may be
available in directories that can be
access through the account.
Employees of This is a Company LTD
may not intentionally allow nonemployees of This is a Company LTD
resources. Unauthorized access to
company resources is explicitly denied.

Users are prohibited from attempting to


circumvent or subvert security
measures; under no circumstances is a
User authorized to engage in any
activity that is illegal under local, state,
federal or international law.

All employees are expected to use


proper ethics and procedures while
using Network Resources provided.

Nicholas Diley

Pondered Ideals
The Approach to the Security concepts behind Network Access was well
defined in the integrity and reason behind the User. It is mainly the User who
is in power in this scenario, however with all of this, they must choose to
abide the security measures laid before them, and choose not to abuse or
take advantage of the privilege. It can be involving, and not be limited to,
limiting network access, limit access privileges or restricted use, but also the
authorization of certain aspects or documents.
The focus was Network Access Security, and as such, we must prepare to
keep unauthorized Users out, and to keep the Authorized User information
safe and protected. This also involves the process of keeping the Authorized
and Private Documents private, and keeping resources and other Company
Wide privileges inside. Almost like the School Intranet, we have many
resources made readily available to us through the School, but what we can
do with it, is up to not only our, but the schools digression too.
I learned firstly that almost all of the measures had to be centered around
the user, and how much of an asset they become with protecting these
documents and privileges. It is a heavy burden to hold by the User, but they
must accept the responsibility.
Questions that surface becomes the integrity of the User. Would they abide
by the Security measures? Can we trust them? But that is all in human
nature. In essence, we are all given the benefit of the doubt with each other,
and until proven otherwise, perhaps they really can be an ethical person in
our eyes.
Most of the information spiraled down to illegal activity at times, which
seemed to be the main point of the Network Access Policies..
This is very relevant because it can easily show how certain information can
become compromised within a single network. It would only take one User
with privileges to mess up the network, possibly by running into illegal
activity or the downloading or intentional use of malicious software for other
illegal activity. We have security measures in place for a reason, and specific
authorization for many for a reason. We want there to be access by the few,
but we cannot work against the network or try to circumvent the security for
our own benefit. We need people in the field to be able to track this activity
and stop it. But thats just a start.

Nicholas Diley

Sources
Lummis, J. (2011 February). Computer and Network Usage and Security.
GATech.edu. Retrieved December 8, 2013, from http://policies.gatech.edu/computerand-network-usage-and-security.
Unknown Publisher. (2013 December). Types of Information Security Policies.
B13Networksecuritysolutions.com. Retrieved December 8, 2013, from
http://www.b13networksecuritysolutions.com/types_of_information_security_policies
.html.

Unknown Publisher. (2013 December). Policy Samples for Network Security


and Computer Security. CpsTech.com. Retrieved December 8, 2013, from
https://www.google.com/url?
sa=t&rct=j&q=&esrc=s&source=web&cd=2&cad=rja&sqi=2&ved=0CEQQFj
AB&url=http%3A%2F%2Fwww.dir.state.tx.us%2FSiteCollectionDocuments
%2FSecurity%2FPolicies%2520and%2520Standards
%2Fnetwork_access_security_policy.doc&ei=tjylUrPGMpXeoASB1ICgAQ&usg
=AFQjCNFx6s7QbxAkV4Em5WgQxJPCy28rDA&sig2=kKnq8_PK052oACXx1Cg
mwQ.