IT Employment

General discussion


security produres

By Prana7 ·
Any laptop that contains senitive data on its hard drive, the data is strictly prohibited from accessing any non company network including wireless networks.

the problem is "senitive" made me think and it needs more specify.

Any one can help?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Let me take a stab

by JamesRL In reply to security produres

Think financial and proprietary.

Any information about revenue, profitability, financial results, P&L - Financial

Any information about sales, bids, RFPs/RFQs - Sales

Any source code.

Any internal only data about your products or sevices - proprietary.

Any personnel information subject to privacy legislation or internal security policies - HR.

Any information from a customer or partnering organiztion, especially those where a non-disclosure agreement has been signed.

Thats a pretty good start.


Collapse -


by Prana7 In reply to Let me take a stab

Any information about ssn, health information, reasonable accomedation like that.

should i say:

Any laptop that contains (any privacy information about) data on its hard drive, the data is strictly prohibited from accessing any non company network including wireless networks.

Collapse -

Are you writing a company policy?

by stress junkie In reply to BUT

I had to read your quote about twenty times to figure out exactly what you mean. Your English is terrible. I only mention it because your profile says that you are in Colorado. If you were writing a policy in a different language then that would be different. Presumably you are writing a policy in English. If your corporate documentation is in English then you are the last person that should be contributing to it.

And you aren't even taking data encryption into account. Here are a couple of ideas to get you started.

Any laptop computer that contains sensitive information must encrypt that information such that it cannot be accessed by unauthorized parties. Further, you must log out when the computer is not being used and you must use a password protected screen saver.

Any computer that contains sensitive information may not connect to any network outside of the company by any means for any reason.

As far as the definition of "sensitive" goes, I agree with JamesRL. Additionally, people who are authorized to access sensitive information should be told that this or that information is sensitive when they are first given access to the information. If people who access customer information, for example, don't realize that it is sensitive then the company needs to have educational seminars to teach people about these things. The same goes for any other sensitive information.

Related Discussions

Related Forums