Scribd Logo
Upload

Welcome to Scribd!

  • Access Control Document

    Uploaded by

    Manas Ranjan Sahoo
    10 views5 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    10 views5 pages

    Access Control Document

    Uploaded by

    Manas Ranjan Sahoo

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    Error!

    Unknown

    Access Control document property


    name.008
    Process Version: 1.1

    Access Control Document


    Velocis System Pvt Ltd.

    Document Version: 1.1


    Document Date: [08-July-2023]

    Document Summary:

    Policy Category Common

    Policy ID

    Version Number Version 1.0

    Effective Date 08-July-2023

    Owner Manas Ranjan Sahoo

    Approved By Sagar Sharma

    Document Status Final Release

    Confidential © Velocis Systems Pvt. Ltd 2009 Page 1 of 5


    Error! Unknown

    Access Control document property


    name.008
    Process Version: 1.1

    Document Label Internal

    Revision History

    Version Date Prepared/ Reviewed by Approved by Reason for Change


    Revised by

    1.0 08-07-2023 Vivek Rajnish Manrai Rajnish Manrai Initial Draft


    Sankhyan

    1.1 20-12-2023 Vivek Rajnish Manrai Rajnish Manrai Reviewed only


    SANKHYAN

    Access Control Document for NOC

    1. Overview This document outlines access control guidelines and procedures for
    managing access to the following technology and devices within the Network
    Operations Center (NOC):

    • Routers
    • Firewalls
    • Switches
    • Servers
    • ACI

    Confidential © Velocis Systems Pvt. Ltd 2009 Page 2 of 5


    Error! Unknown

    Access Control document property


    name.008
    Process Version: 1.1

    • DNAC
    • CUCM
    • HX
    • Umbrella
    • DUO
    • AMP
    • IT Service Management (ITSM) & Network Management System (NMS)
    tools
    2. Access Control Policies for Specific Devices

    Routers, Firewalls, and Switches:

    • Access to router, firewall, and switch configurations and management


    interfaces will be restricted to authorized network engineers and
    administrators.
    • Access will be granted based on role-based access control (RBAC)
    principles, ensuring that only personnel with specific job roles requiring
    access will be provided permissions.
    • Remote access to these devices will be secured using encrypted protocols
    (such as SSH, HTTPS) and multifactor authentication where feasible.
    Servers:

    • Access to servers within the NOC will be controlled based on the principle
    of least privilege.
    • Server access will be limited to system administrators, network engineers,
    and relevant support personnel.

    Confidential © Velocis Systems Pvt. Ltd 2009 Page 3 of 5


    Error! Unknown

    Access Control document property


    name.008
    Process Version: 1.1

    • Physical access to server rooms will be restricted to authorized personnel


    only, monitored by access control systems.
    ITSM & NMS Tools:

    • Access to ITSM and NMS tools will be granted to authorized NOC personnel
    responsible for network monitoring and management.
    • Access permissions will be assigned based on job roles and responsibilities.
    • Usage and access to these tools will be logged and monitored regularly to
    detect any unauthorized activities.
    3. Access Control Procedures

    a. Access Provisioning i. Requests for access to these devices and tools must be
    submitted through a formal access request process. ii. Access requests will
    require appropriate approvals from supervisors or department heads.

    b. Access Review and Monitoring i. Regular reviews of access permissions will be


    conducted to ensure alignment with job roles and responsibilities. ii. Logs and
    audit trails of access activities will be monitored for any anomalies or
    unauthorized access attempts.

    c. Password Management i. Strong password policies will be enforced for device


    and tool access, including regular password changes, complexity requirements,
    and avoiding password sharing.

    d. Physical Access Controls i. Physical access to server rooms and critical


    infrastructure housing these devices will be restricted through biometric access,
    keycards, or other secure measures. ii. Visitor access to these areas will be
    escorted and supervised at all times.

    4. Responsibilities

    Confidential © Velocis Systems Pvt. Ltd 2009 Page 4 of 5


    Error! Unknown

    Access Control document property


    name.008
    Process Version: 1.1

    a. IT Department: Responsible for implementing and enforcing access control


    measures, conducting regular audits, and managing access permissions.

    b. Managers and Supervisors: Responsible for authorizing access requests based


    on job roles and overseeing access reviews for their respective teams.

    c. Employees and Users: Responsible for adhering to access control policies,


    safeguarding access credentials, and promptly reporting any security incidents or
    breaches.

    5. Enforcement and Compliance Violations of this Access Control Document may


    result in disciplinary actions in line with the organization's policies. This document
    complies with industry standards (e.g., ISO 27001) and relevant regulatory
    requirements.

    6. Document Control This document will be reviewed and updated as necessary


    by the IT Security team. All revisions will be appropriately documented and
    communicated to relevant stakeholders.

    Confidential © Velocis Systems Pvt. Ltd 2009 Page 5 of 5

    You might also like