SlideShare a Scribd company logo

200711 002

Nhựt Đình
Nhựt Đình
1 of 2
Software Installation Policy 1.0 Overview Allowing employees to install software on company computing devices opens the organization up to unnecessary exposure. Conflicting file versions or DLLs which can prevent programs from running, the introduction of malware from infected installation software, unlicensed software which could be discovered in an audit, and programs which can be used to hack the organization’s network are examples of the problems that can be introduced when employees install software on company equipment. 2.0 Purpose To minimize the risk of loss of program functionality, the exposure of sensitive information contained within <Company Name’s> computing network, the risk of introducing malware, and the legal exposure of running unlicensed software. 3.0 Scope This policy covers all computers, servers, PDAs, smartphones, and other computing devices operating within <Company Name>. 4.0 Policy Employees may not install software on <Company Name’s> computing devices operated within the <Company Name> network. Software requests must first be approved by the requester’s manager and then be made to the Information Technology department or Help Desk in writing or via email. Software must be selected from an approved software list, maintained by the Information Technology department, unless no selection on the list meets the requester’s need. The Information Technology Department will obtain and track the licenses, test new software for conflict and compatibility, and perform the installation. 5.0 Enforcement Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment. 6.0 Definitions DLL: Dynamically Linked Library. A shared program module used by one or more programs, often installed as part of a program installation. If the current version of a DLL is overwritten by a newer or older version, existing programs that relied upon the original version may cease to function or may not function reliably.
Malware: A wide variety of programs created with the explicit intention of performing malicious acts on systems they run on, such as stealing information, hijacking functionality, and attacking other systems. PDA: Personal Digital Assistant. A portable, hand held computing device capable of running software programs. It may connect to host computers or to wired or wireless networks. Smartphone: A cellular phone with qualities of a computer or PDA. It is capable of running software programs and connecting to computer networks. 7.0 Revision History Original Issue Date:

Recommended

Vulnerabilities In Industrial Control System
Vulnerabilities In Industrial Control SystemVulnerabilities In Industrial Control System
Vulnerabilities In Industrial Control SystemCentextech
 
Cs a multi-national oil and gas company
Cs a multi-national oil and gas companyCs a multi-national oil and gas company
Cs a multi-national oil and gas companyLiora R. Herman
 
Android security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defensesAndroid security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defensesLeMeniz Infotech
 
Context based access control systems for mobile devices
Context based access control systems for mobile devicesContext based access control systems for mobile devices
Context based access control systems for mobile devicesLeMeniz Infotech
 
Effective multi factor authentication for people soft
Effective multi factor authentication for people softEffective multi factor authentication for people soft
Effective multi factor authentication for people softAppsian
 
Byod
ByodByod
Byodstormshadow24
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaAnjoum .
 
Ieee project-2014-2015-context-based-access-control-systems
Ieee project-2014-2015-context-based-access-control-systemsIeee project-2014-2015-context-based-access-control-systems
Ieee project-2014-2015-context-based-access-control-systemsSteph Cliche
 

Recommended

Vulnerabilities In Industrial Control System
Vulnerabilities In Industrial Control SystemVulnerabilities In Industrial Control System
Vulnerabilities In Industrial Control SystemCentextech
 
Cs a multi-national oil and gas company
Cs a multi-national oil and gas companyCs a multi-national oil and gas company
Cs a multi-national oil and gas companyLiora R. Herman
 
Android security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defensesAndroid security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defensesLeMeniz Infotech
 
Context based access control systems for mobile devices
Context based access control systems for mobile devicesContext based access control systems for mobile devices
Context based access control systems for mobile devicesLeMeniz Infotech
 
Effective multi factor authentication for people soft
Effective multi factor authentication for people softEffective multi factor authentication for people soft
Effective multi factor authentication for people softAppsian
 
Byod
ByodByod
Byodstormshadow24
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaAnjoum .
 
Ieee project-2014-2015-context-based-access-control-systems
Ieee project-2014-2015-context-based-access-control-systemsIeee project-2014-2015-context-based-access-control-systems
Ieee project-2014-2015-context-based-access-control-systemsSteph Cliche
 
legalworkspace-infographic 0116
legalworkspace-infographic 0116legalworkspace-infographic 0116
legalworkspace-infographic 0116Melissa Ek
 
JPA1404 Context-based Access Control Systems for Mobile Devices
JPA1404 Context-based Access Control Systems for Mobile DevicesJPA1404 Context-based Access Control Systems for Mobile Devices
JPA1404 Context-based Access Control Systems for Mobile Deviceschennaijp
 
Ekran 4.1
Ekran 4.1Ekran 4.1
Ekran 4.1Oleg Shomonko
 
Access control policy
Access control policyAccess control policy
Access control policyBsmah Fahad
 
Security communication
Security communicationSecurity communication
Security communicationSay Shyong
 
Chapter 4
Chapter 4Chapter 4
Chapter 4NorazlinaAbdullah4
 
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYODRoadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYODSierraware
 
Biometric devices & Malware
Biometric devices & MalwareBiometric devices & Malware
Biometric devices & MalwareFarhan Atta
 
Types Of Computer Security Attacks
Types Of Computer Security AttacksTypes Of Computer Security Attacks
Types Of Computer Security AttacksCentextech
 
Mobile security
Mobile securityMobile security
Mobile securitypriyanka pandey
 
Mobile Phone & Tablet Support
Mobile Phone & Tablet SupportMobile Phone & Tablet Support
Mobile Phone & Tablet SupportFelix Yanko
 
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesSymantec
 
Octree securapro mauleverer case study
Octree securapro mauleverer case studyOctree securapro mauleverer case study
Octree securapro mauleverer case studyTony Richardson CISSP
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurancebdemchak
 
Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach Aviva Spectrum™
 
Courion Survey Findings: Access Risk Attitudes
Courion Survey Findings: Access Risk AttitudesCourion Survey Findings: Access Risk Attitudes
Courion Survey Findings: Access Risk AttitudesCourion Corporation
 
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019African Cyber Security Summit
 
Internet Security Agent
Internet Security AgentInternet Security Agent
Internet Security AgentInternational Journal of Engineering Inventions www.ijeijournal.com
 
ZERO DAY PLUS presentation
ZERO DAY PLUS presentationZERO DAY PLUS presentation
ZERO DAY PLUS presentationAlexander Rogan
 
Website security
Website securityWebsite security
Website securityRIPPER95
 
determinacion caulitativa de hormona gonadotropina corionica humana(HCG)
determinacion caulitativa de hormona gonadotropina corionica humana(HCG)determinacion caulitativa de hormona gonadotropina corionica humana(HCG)
determinacion caulitativa de hormona gonadotropina corionica humana(HCG)Cristina Mendoza
 
Minh can can cac anh chi lam giup minh bai toan nay
Minh can can cac anh chi lam giup minh bai toan nayMinh can can cac anh chi lam giup minh bai toan nay
Minh can can cac anh chi lam giup minh bai toan naynguyen tinh
 

More Related Content

What's hot

legalworkspace-infographic 0116
legalworkspace-infographic 0116legalworkspace-infographic 0116
legalworkspace-infographic 0116Melissa Ek
 
JPA1404 Context-based Access Control Systems for Mobile Devices
JPA1404 Context-based Access Control Systems for Mobile DevicesJPA1404 Context-based Access Control Systems for Mobile Devices
JPA1404 Context-based Access Control Systems for Mobile Deviceschennaijp
 
Access control policy
Access control policyAccess control policy
Access control policyBsmah Fahad
 
Security communication
Security communicationSecurity communication
Security communicationSay Shyong
 
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYODRoadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYODSierraware
 
Biometric devices & Malware
Biometric devices & MalwareBiometric devices & Malware
Biometric devices & MalwareFarhan Atta
 
Types Of Computer Security Attacks
Types Of Computer Security AttacksTypes Of Computer Security Attacks
Types Of Computer Security AttacksCentextech
 
Mobile Phone & Tablet Support
Mobile Phone & Tablet SupportMobile Phone & Tablet Support
Mobile Phone & Tablet SupportFelix Yanko
 
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesSymantec
 
Octree securapro mauleverer case study
Octree securapro mauleverer case studyOctree securapro mauleverer case study
Octree securapro mauleverer case studyTony Richardson CISSP
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurancebdemchak
 
Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach Aviva Spectrum™
 
Courion Survey Findings: Access Risk Attitudes
Courion Survey Findings: Access Risk AttitudesCourion Survey Findings: Access Risk Attitudes
Courion Survey Findings: Access Risk AttitudesCourion Corporation
 
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019African Cyber Security Summit
 
ZERO DAY PLUS presentation
ZERO DAY PLUS presentationZERO DAY PLUS presentation
ZERO DAY PLUS presentationAlexander Rogan
 
Website security
Website securityWebsite security
Website securityRIPPER95
 

What's hot (20)

legalworkspace-infographic 0116
legalworkspace-infographic 0116legalworkspace-infographic 0116
legalworkspace-infographic 0116
 
JPA1404 Context-based Access Control Systems for Mobile Devices
JPA1404 Context-based Access Control Systems for Mobile DevicesJPA1404 Context-based Access Control Systems for Mobile Devices
JPA1404 Context-based Access Control Systems for Mobile Devices
 
Ekran 4.1
Ekran 4.1Ekran 4.1
Ekran 4.1
 
Access control policy
Access control policyAccess control policy
Access control policy
 
Security communication
Security communicationSecurity communication
Security communication
 
Chapter 4
Chapter 4Chapter 4
Chapter 4
 
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYODRoadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD
 
Biometric devices & Malware
Biometric devices & MalwareBiometric devices & Malware
Biometric devices & Malware
 
Types Of Computer Security Attacks
Types Of Computer Security AttacksTypes Of Computer Security Attacks
Types Of Computer Security Attacks
 
Mobile security
Mobile securityMobile security
Mobile security
 
Mobile Phone & Tablet Support
Mobile Phone & Tablet SupportMobile Phone & Tablet Support
Mobile Phone & Tablet Support
 
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
 
Octree securapro mauleverer case study
Octree securapro mauleverer case studyOctree securapro mauleverer case study
Octree securapro mauleverer case study
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurance
 
Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach
 
Courion Survey Findings: Access Risk Attitudes
Courion Survey Findings: Access Risk AttitudesCourion Survey Findings: Access Risk Attitudes
Courion Survey Findings: Access Risk Attitudes
 
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
 
Internet Security Agent
Internet Security AgentInternet Security Agent
Internet Security Agent
 
ZERO DAY PLUS presentation
ZERO DAY PLUS presentationZERO DAY PLUS presentation
ZERO DAY PLUS presentation
 
Website security
Website securityWebsite security
Website security
 

Viewers also liked

determinacion caulitativa de hormona gonadotropina corionica humana(HCG)
determinacion caulitativa de hormona gonadotropina corionica humana(HCG)determinacion caulitativa de hormona gonadotropina corionica humana(HCG)
determinacion caulitativa de hormona gonadotropina corionica humana(HCG)Cristina Mendoza
 
Minh can can cac anh chi lam giup minh bai toan nay
Minh can can cac anh chi lam giup minh bai toan nayMinh can can cac anh chi lam giup minh bai toan nay
Minh can can cac anh chi lam giup minh bai toan naynguyen tinh
 
Responsabilidad social tarea 2
Responsabilidad social tarea 2Responsabilidad social tarea 2
Responsabilidad social tarea 2Juan Perez
 
Q&A: Everything You Need to know About the National Debt
Q&A: Everything You Need to know About the National DebtQ&A: Everything You Need to know About the National Debt
Q&A: Everything You Need to know About the National DebtFix the Debt Campaign
 
5 s implementation and its effect on physical workload
5 s implementation and its effect on physical workload5 s implementation and its effect on physical workload
5 s implementation and its effect on physical workloadeSAT Publishing House
 
A novel way of verifiable redistribution of the secret in a multiuser environ...
A novel way of verifiable redistribution of the secret in a multiuser environ...A novel way of verifiable redistribution of the secret in a multiuser environ...
A novel way of verifiable redistribution of the secret in a multiuser environ...eSAT Publishing House
 
Analysis and connection designs of precast load bearing wall
Analysis and connection designs of precast load bearing wallAnalysis and connection designs of precast load bearing wall
Analysis and connection designs of precast load bearing walleSAT Publishing House
 
Manajemen Bipolar dengan penggunaan Kanabis
Manajemen Bipolar dengan penggunaan KanabisManajemen Bipolar dengan penggunaan Kanabis
Manajemen Bipolar dengan penggunaan KanabisAzimatul Karimah
 
Osteoarth & Rheumatoid arthritis
Osteoarth & Rheumatoid arthritisOsteoarth & Rheumatoid arthritis
Osteoarth & Rheumatoid arthritisKemUnited
 
Aplicacion - Informe ESCA - Traductor.pdf
Aplicacion - Informe ESCA - Traductor.pdfAplicacion - Informe ESCA - Traductor.pdf
Aplicacion - Informe ESCA - Traductor.pdfsebca77
 
Toepassing smartboard compaan
Toepassing smartboard compaanToepassing smartboard compaan
Toepassing smartboard compaanStebo vzw
 
A survey on congestion control mechanisms
A survey on congestion control mechanismsA survey on congestion control mechanisms
A survey on congestion control mechanismseSAT Publishing House
 
Paul olteanu inovolt
Paul olteanu inovoltPaul olteanu inovolt
Paul olteanu inovoltRevistaBiz
 

Viewers also liked (16)

determinacion caulitativa de hormona gonadotropina corionica humana(HCG)
determinacion caulitativa de hormona gonadotropina corionica humana(HCG)determinacion caulitativa de hormona gonadotropina corionica humana(HCG)
determinacion caulitativa de hormona gonadotropina corionica humana(HCG)
 
Minh can can cac anh chi lam giup minh bai toan nay
Minh can can cac anh chi lam giup minh bai toan nayMinh can can cac anh chi lam giup minh bai toan nay
Minh can can cac anh chi lam giup minh bai toan nay
 
Responsabilidad social tarea 2
Responsabilidad social tarea 2Responsabilidad social tarea 2
Responsabilidad social tarea 2
 
Q&A: Everything You Need to know About the National Debt
Q&A: Everything You Need to know About the National DebtQ&A: Everything You Need to know About the National Debt
Q&A: Everything You Need to know About the National Debt
 
Derrame pleural
Derrame pleuralDerrame pleural
Derrame pleural
 
5 s implementation and its effect on physical workload
5 s implementation and its effect on physical workload5 s implementation and its effect on physical workload
5 s implementation and its effect on physical workload
 
A novel way of verifiable redistribution of the secret in a multiuser environ...
A novel way of verifiable redistribution of the secret in a multiuser environ...A novel way of verifiable redistribution of the secret in a multiuser environ...
A novel way of verifiable redistribution of the secret in a multiuser environ...
 
Analysis and connection designs of precast load bearing wall
Analysis and connection designs of precast load bearing wallAnalysis and connection designs of precast load bearing wall
Analysis and connection designs of precast load bearing wall
 
Manajemen Bipolar dengan penggunaan Kanabis
Manajemen Bipolar dengan penggunaan KanabisManajemen Bipolar dengan penggunaan Kanabis
Manajemen Bipolar dengan penggunaan Kanabis
 
Osteoarth & Rheumatoid arthritis
Osteoarth & Rheumatoid arthritisOsteoarth & Rheumatoid arthritis
Osteoarth & Rheumatoid arthritis
 
Aplicacion - Informe ESCA - Traductor.pdf
Aplicacion - Informe ESCA - Traductor.pdfAplicacion - Informe ESCA - Traductor.pdf
Aplicacion - Informe ESCA - Traductor.pdf
 
Toepassing smartboard compaan
Toepassing smartboard compaanToepassing smartboard compaan
Toepassing smartboard compaan
 
A survey on congestion control mechanisms
A survey on congestion control mechanismsA survey on congestion control mechanisms
A survey on congestion control mechanisms
 
Paul olteanu inovolt
Paul olteanu inovoltPaul olteanu inovolt
Paul olteanu inovolt
 
Elit 10 class 17
Elit 10 class 17Elit 10 class 17
Elit 10 class 17
 
The New Al Capone
The New Al CaponeThe New Al Capone
The New Al Capone
 

Similar to 200711 002

Software control and distribution
Software control and distributionSoftware control and distribution
Software control and distributionInno Ye
 
Mobile App Security: Enterprise Checklist
Mobile App Security: Enterprise ChecklistMobile App Security: Enterprise Checklist
Mobile App Security: Enterprise ChecklistJignesh Solanki
 
License
LicenseLicense
Licenseyopui
 
Ransomware Prevention Guide
Ransomware Prevention GuideRansomware Prevention Guide
Ransomware Prevention GuideBrian Honan
 

Similar to 200711 002 (20)

License
LicenseLicense
License
 
License
LicenseLicense
License
 
LicenseFs 4
LicenseFs 4LicenseFs 4
LicenseFs 4
 
License
LicenseLicense
License
 
Anajli_Synopsis
Anajli_SynopsisAnajli_Synopsis
Anajli_Synopsis
 
Software control and distribution
Software control and distributionSoftware control and distribution
Software control and distribution
 
License
LicenseLicense
License
 
Securing mobile apps in a BYOD world
Securing mobile apps in a BYOD worldSecuring mobile apps in a BYOD world
Securing mobile apps in a BYOD world
 
Mobile App Security: Enterprise Checklist
Mobile App Security: Enterprise ChecklistMobile App Security: Enterprise Checklist
Mobile App Security: Enterprise Checklist
 
License
LicenseLicense
License
 
License
LicenseLicense
License
 
License
LicenseLicense
License
 
License
LicenseLicense
License
 
License
LicenseLicense
License
 
Ransomware Prevention Guide
Ransomware Prevention GuideRansomware Prevention Guide
Ransomware Prevention Guide
 
License
LicenseLicense
License
 
License
LicenseLicense
License
 
License
LicenseLicense
License
 
License
LicenseLicense
License
 
Dtl 2012 kl-app_ctl1.2
Dtl 2012 kl-app_ctl1.2Dtl 2012 kl-app_ctl1.2
Dtl 2012 kl-app_ctl1.2
 

200711 002

  • 1. Software Installation Policy 1.0 Overview Allowing employees to install software on company computing devices opens the organization up to unnecessary exposure. Conflicting file versions or DLLs which can prevent programs from running, the introduction of malware from infected installation software, unlicensed software which could be discovered in an audit, and programs which can be used to hack the organization’s network are examples of the problems that can be introduced when employees install software on company equipment. 2.0 Purpose To minimize the risk of loss of program functionality, the exposure of sensitive information contained within <Company Name’s> computing network, the risk of introducing malware, and the legal exposure of running unlicensed software. 3.0 Scope This policy covers all computers, servers, PDAs, smartphones, and other computing devices operating within <Company Name>. 4.0 Policy Employees may not install software on <Company Name’s> computing devices operated within the <Company Name> network. Software requests must first be approved by the requester’s manager and then be made to the Information Technology department or Help Desk in writing or via email. Software must be selected from an approved software list, maintained by the Information Technology department, unless no selection on the list meets the requester’s need. The Information Technology Department will obtain and track the licenses, test new software for conflict and compatibility, and perform the installation. 5.0 Enforcement Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment. 6.0 Definitions DLL: Dynamically Linked Library. A shared program module used by one or more programs, often installed as part of a program installation. If the current version of a DLL is overwritten by a newer or older version, existing programs that relied upon the original version may cease to function or may not function reliably.
  • 2. Malware: A wide variety of programs created with the explicit intention of performing malicious acts on systems they run on, such as stealing information, hijacking functionality, and attacking other systems. PDA: Personal Digital Assistant. A portable, hand held computing device capable of running software programs. It may connect to host computers or to wired or wireless networks. Smartphone: A cellular phone with qualities of a computer or PDA. It is capable of running software programs and connecting to computer networks. 7.0 Revision History Original Issue Date: