Workstation Security Policy
The purpose of this policy is to provide guidance for workstation security for Tuxis workstations in order to ensure the security of information on the workstation and information the workstation may have access to.
This policy applies to all Tuxis's employees, contractors, workforce members, vendors and agents with a Tuxis-owned or personal-workstation connected to the Tuxis office network.
Appropriate measures must be taken when using workstations to ensure the confidentiality, integrity and availability of sensitive information and that access to sensitive information is restricted to authorized users.
- Workforce members using workstations shall consider the sensitivity of the information that may be accessed and minimize the possibility of unauthorized access.
- Tuxis will implement physical and technical safeguards for all workstations that access sensitive information to restrict access to authorized users.
Appropriate measures include:
- Restricting physical access to workstations to only authorized personnel.
- Securing workstations (screen lock or logout) prior to leaving area to prevent unauthorized access.
- Enabling a password-protected screen saver with a short timeout period to ensure that workstations that were left unsecured will be protected. The password must comply with the Tuxis Password Policy.
- Ensuring workstations are used for authorized business purposes only.
- Never installing unauthorized software on workstations.
- Never store sensitive information on workstation unencrypted.
- Ensuring workstations are left on but locked or logged off in order to facilitate after-hours updates.
- Exit running applications and close open documents