I. COMPUTER OPERATIONS
The VCSC Network Operations Center (NOC) is restricted to operational and identified vendor support personnel, but because of today’s distributed data processing and computer networks, access is not limited to persons physically entering the area. The computer center operation can also be vulnerable to unauthorized access through telecommunications. Every precaution should be made to prevent unauthorized access to the NOC. Access to computer data, shared within all computer systems, will be controlled for security. The Technology Department is responsible for maintaining security procedures. Violations of this regulation will result in disciplinary action and is considered to be misconduct and could be prosecutable. Violations will be reported to the immediate supervisor, the Technology Director and/or the Human Resources Director.
A. Security and Access
To maintain proper NOC security and safety, the following policies are in force:
1. Access to the NOC is restricted to those persons needed to operate, supervise, or provide maintenance to the area and its equipment. A system allowing authorized personnel only to gain entry to the area is necessary.
2. Access to any VCSC equipment in the operation area from outside the NOC is controlled with proper user accounts and passwords. Passwords are not to be shared, and passwords for production systems should not be used by anyone other than the authorized user. Passwords for accounts that access corporation financial data will be changed every thirty (30) days. Passwords for accounts that access student data will be changed every ninety (90) days. Passwords for accounts that include, but are not limited to, e-mail, file sharing, student folders, course management systems, Web site editing, databases, etc, will be changed on an as needed basis to be determined by the Technology Department. To further limit access, it is necessary to delete accounts that are no longer authorized as soon as possible.
3. The Technology Department will develop governing procedures for computer operations.
4. The Technology Department will be responsible for developing and maintaining systems and procedures for workstation security.
5. Access to data and secure areas will be under the jurisdiction of the administrator of the program involved. Final authority regarding access will be determined by the Superintendent or his/her designee.
A. Development of committee structure to review appropriate software for inclusion on any VCSC computer system –Director of Technology.
B. Personal Hardware and Software
No personal hardware or software is allowed on any VCSC computers or the VCSC network. All equipment and software of any kind, including programs, is the sole property of the corporation. This is to reduce problems with equipment and software failure, damage to data files, and the introduction of mal-ware on the VCSC network. It is also a policy that all electronic storage media belonging to the corporation are not to be used in personal home computers and then returned. This restricts access to the Corporation’s data and/or programs and prevents mal-ware transmission The Technology Department will purge unauthorized software or remove any unauthorized equipment and report it to the appropriate supervisor and the Technology Director. To further aid in the management of unauthorized software installations, monitoring and blocking software will be installed on every VCSC computer.
Adoption Date: August 5, 1996; Revised March 9, 2009
Cross Ref: GBLA, IIBG