Add to collection(s) Add to saved
  1. No category
Uploaded by Secret Yay

Q&A Security Awareness updated

advertisement 
#
Category
Document
Required
Yes/No/NA
Comments
Access to Data
1
Will you access, store, or process customer data?
No
2
Do you disable USB ports, CD/DVD ROM, and floppy drives on workstations
which may contain customer information? How?
Is physical and electronic access to records immediately revoked upon
employment termination of employees, contractors, temps, etc.?
Yes
All are disable as TMA standard policy
Yes
4
Do you terminate/revoke user IDs after a period of inactivity?
Yes
5
Do you automatically lock workstations after a period of inactivity?
Yes
Access controls: privileged services access granting and revoking
via Ticket System with required approval. Access rights are
reviewed at time of termination, transferring, promotion.
We have Password Standard and Access Control Policy.
After 105 days without a password change, the User ID will be
denied access to the system.
After 120 days without a password change, the account will be
deleted from the system.
Screen lock is applied automatically from Windows domain to all
PC (10 minutes).
6
Do you monitor/track logon violations?
Yes
7
Does your workstation store source code ?
No
All source code stored in customer’s source control and we only
access remotely via VPN channel
8
Are you able to send/share file through communication tool e.g. MS Team,
Skype, etc.
Trellix AV on all Windows PCs/servers, centralized managed,
automatically update daily, scheduled scan weekly
Virus pattern is updated to the latest automatically
All laptops are encrypted by Trellix (McAfee) encryption /
BitLocker as TMA standard.
Workstation is optional.
3
Anti-Virus, Encryption
9
Is Antiā€Virus and Malware protection updated daily?
Yes
10
Is portable media encrypted? How?
Yes
Internet Access, Cybersecurity
11
Are you able to freely access to the internet?
No
If there is specific request for task, need to request IT
12
Are you able to use freely google search or any other browser to research?
No
If there is specific request for task, need to request IT
13
Have you been trained about phishing email attack at work? Please explain
Yes
https://www.vnetwork.vn/news/phishing-email-la-gi
Related documents
Computer Lab Rules
Computer Lab Rules
Policy • Users are required (by policy) to manually set... password protected mode after 10-20 minutes of inactivity.
Policy • Users are required (by policy) to manually set... password protected mode after 10-20 minutes of inactivity.
Flow Chart
Flow Chart
Introduction to Cyber Security The Open University
Introduction to Cyber Security The Open University
Eyes of Janus - Eval L&D - CASE STUDY
Eyes of Janus - Eval L&D - CASE STUDY
OPSEC Guide
OPSEC Guide
Download
advertisement