際際滷

際際滷Share a Scribd company logo

Policy presentation

Download as PPTX, PDF
H
Hani Allehyani

This document outlines the policies and procedures for user accounts. It discusses basic principles such as assigning each user a unique identity, requiring strong passwords, and adhering to least privilege access. It also covers account creation and removal processes, how accounts are locked after periods of inactivity, and security measures for ports, sharing, antivirus software, and partitions. The document provides guidance for establishing and managing compliance with user account standards.

1 of 22
Download to read offline
Policy and Procedures of the users account Presentation by : Hani Allehyani Ahmed Alluhaybi
OVERVIEW 1 of 21 Introduction Definition What are kind of police? Basic Principles : General Principles : Questions
Introduction 2 of 21 These policies regulate the direct and indirect use of Technology resources across most companies in the world. The success of any information security program lies in policy development
Definition 3 of 21 The basic principles by which a company is guided.
What are kind of polices? 4 of 21 There are two kinds of policies Basic Principles : General Principles :
Basic Principles 5 of 21 Every user should have one identity Connect all users description by ID that has 10 number to make easy to research
Basic Principles 6 of 21 Every user account should be used only by the person who issued to him Not allow to any user give to another user his username and password so If the user Account is misused, the person to whom the account was issued must take sole responsibility for those actions
Basic Principles 7 of 21 User account or email addresses shall not affect after account retirement and after 12 month If the user account retire you will lose it after 12 month. There are two main reasons for this policy . Firstly, it is a requirement for our organization membership. Secondly, experience has shown that re-using an account it means still receives lots of private newsletters and messages.
Basic Principles 8 of 21 All accounts must adhere to the principle of least privilege The level of access to resources granted to all users Account should be commensurate with the privileges required by the owner to do his job
Basic Principles 9 of 21 2 In our organization the password is required to at least meet the following: At least 8 characters long Contain at least one upper case letter and at least one lower case letter Contain at least one number or punctuation character Not be a dictionary word Be less than 12 months old
General Principles 10 of 21 semi-user accounts There are some cases in which two users have the same name Mohammed Abdullah Allehyani M a allehyani or lehyani1 continue
General Principles : 11 of 21 How to create username A good naming convention makes it easy for users to remember their logon names continue
General Principles 12 of 21 Signal user account All user ids should take the form Mohammed Abdullah Allehyani M a lehyani continue
General Principles 13 of 21 semi-user accounts There are some cases in which two users have the same name Mohammed Abdullah Allehyani M a allehyani or lehyani1 continue
General Principles 14 of 21 Service accounts Any users have Service Accounts shall have the prefix svc, followed by a descriptive name of the service the account relates to it . The Exchange service account would be:
Procedures of users account 15 of Account Creation Process: If the individual is not entered into the domain within 60 days after the originally intended start date you will be lost the account . 21
Procedures of users account 16 of Account Removal Process HR will regularly notify IT Services of changes in employee status for remove or increase the privileges it related to the status change 21
Procedures of users account 17 of account is locked Account locked duration 10 minutes and you will remove the screen to screen saver .If you do not touch or remove (keyboard or mouse ) after this time account is locked . 21
Procedures of users account 18 of Ports All ports like CD/DVD ,USB and FLOPY are locked except the ports connect the device like (printer, scanner , barcodeetc.) by using Trend Antiviruses programme 21
Procedures of users account 19 of Sharing You should be chosen the username that give him permission for files, folders or drives. Do not use default shares you should be removed 21
Procedures of users account 20 of Antivirus software Antivirus software should be updated timely in consultation with System Administrator 21
Procedures of users account 21 of Partition Do not give others the opportunity to look over your shoulder if you are working on sensitive data 21

More Related Content

Policy presentation

  • 1. Policy and Procedures of the users account Presentation by : Hani Allehyani Ahmed Alluhaybi
  • 2. OVERVIEW 1 of 21 Introduction Definition What are kind of police? Basic Principles : General Principles : Questions
  • 3. Introduction 2 of 21 These policies regulate the direct and indirect use of Technology resources across most companies in the world. The success of any information security program lies in policy development
  • 4. Definition 3 of 21 The basic principles by which a company is guided.
  • 5. What are kind of polices? 4 of 21 There are two kinds of policies Basic Principles : General Principles :
  • 6. Basic Principles 5 of 21 Every user should have one identity Connect all users description by ID that has 10 number to make easy to research
  • 7. Basic Principles 6 of 21 Every user account should be used only by the person who issued to him Not allow to any user give to another user his username and password so If the user Account is misused, the person to whom the account was issued must take sole responsibility for those actions
  • 8. Basic Principles 7 of 21 User account or email addresses shall not affect after account retirement and after 12 month If the user account retire you will lose it after 12 month. There are two main reasons for this policy . Firstly, it is a requirement for our organization membership. Secondly, experience has shown that re-using an account it means still receives lots of private newsletters and messages.
  • 9. Basic Principles 8 of 21 All accounts must adhere to the principle of least privilege The level of access to resources granted to all users Account should be commensurate with the privileges required by the owner to do his job
  • 10. Basic Principles 9 of 21 2 In our organization the password is required to at least meet the following: At least 8 characters long Contain at least one upper case letter and at least one lower case letter Contain at least one number or punctuation character Not be a dictionary word Be less than 12 months old
  • 11. General Principles 10 of 21 semi-user accounts There are some cases in which two users have the same name Mohammed Abdullah Allehyani M a allehyani or lehyani1 continue
  • 12. General Principles : 11 of 21 How to create username A good naming convention makes it easy for users to remember their logon names continue
  • 13. General Principles 12 of 21 Signal user account All user ids should take the form Mohammed Abdullah Allehyani M a lehyani continue
  • 14. General Principles 13 of 21 semi-user accounts There are some cases in which two users have the same name Mohammed Abdullah Allehyani M a allehyani or lehyani1 continue
  • 15. General Principles 14 of 21 Service accounts Any users have Service Accounts shall have the prefix svc, followed by a descriptive name of the service the account relates to it . The Exchange service account would be:
  • 16. Procedures of users account 15 of Account Creation Process: If the individual is not entered into the domain within 60 days after the originally intended start date you will be lost the account . 21
  • 17. Procedures of users account 16 of Account Removal Process HR will regularly notify IT Services of changes in employee status for remove or increase the privileges it related to the status change 21
  • 18. Procedures of users account 17 of account is locked Account locked duration 10 minutes and you will remove the screen to screen saver .If you do not touch or remove (keyboard or mouse ) after this time account is locked . 21
  • 19. Procedures of users account 18 of Ports All ports like CD/DVD ,USB and FLOPY are locked except the ports connect the device like (printer, scanner , barcodeetc.) by using Trend Antiviruses programme 21
  • 20. Procedures of users account 19 of Sharing You should be chosen the username that give him permission for files, folders or drives. Do not use default shares you should be removed 21
  • 21. Procedures of users account 20 of Antivirus software Antivirus software should be updated timely in consultation with System Administrator 21
  • 22. Procedures of users account 21 of Partition Do not give others the opportunity to look over your shoulder if you are working on sensitive data 21