Policy for password protection of college-issued computers to faculty and staff.
August 22, 2007
Policy:
All employees are responsible for locking their college-issued computer prior to leaving the computer unattended. All college-issued computers shall be configured to have a standardized password-enabled display. This security feature shall automatically initiate after the computer remains idle from user interaction after 15 minutes. The user must then reenter their password to gain access to the computer.
Rationale for the Policy:
College issued computers are the entry point into ICC’s Enterprise system. The Enterprise system provides access to both private and confidential information in addition to the data located on the computer’s hard drive. A standardized password-enabled display protects the information visible on the screen, stored on the computer’s hard drive, and accessible from the computer.
Procedures:
Employees will lock their college-issued computer prior to leaving the computer unattended by keying in “ctrl-alt-del” and then “lock computer”.
In the event that the employee forgets to lock their computer, password protection will be initiated automatically after 15 minutes. Upon return to the computer, the employee keys in “crtl-alt-del” and types in their password to return to the screen.
Responsibilities:
Users are responsible for taking steps to protect the information that is viewable on their computer screen and accessible from the computer. The Director of Technology Services is responsible for ensuring that the time periods for the security lockout feature are sufficient to meet prevailing standards for data integrity and meeting the needs of the College. When an exception to this policy is granted, Technology Services is responsible for making appropriate changes to the system to enable updating the security protocols on the college-issued computer to match the approved time periods.