Browser User Sign-in Policy
1. Overview
MiTech's intentions for publishing a Browser User Sign-in Policy are not to impose restrictions that are contrary to our established culture of openness, trust, and integrity. MiTech is committed to protecting our employees, partners, and the districts from illegal or damaging actions by individuals, either knowingly or unknowingly.
Browsers that allow a user to sign in should be limited to organizational accounts only.
Effective security is a team effort involving the participation and support of every employee and affiliate who deals with information and/or information systems. It is the responsibility of every computer user to know these guidelines and to conduct their activities accordingly.
Web browsers, such as Chrome, Edge, Firefox, and others are an indispensable part of our daily routines and tasks. However, 85% of all malicious software (or "malware") is spread through web browsers. Even more alarming, 94% of fully undetectable malware is delivered via web browsing. The results of these infections can range from minor annoyances like adware to the ransomware that has shut down schools and colleges across the state and country, most recently KVCC and KCC in our area.
2. Purpose
This policy aims to outline the reasons for only allowing work-related logins on computer equipment managed by MiTech. These rules are in place to protect the employee, MiTech, and our partner districts. Inappropriate use exposes the district to risks including virus attacks, compromise of network systems and services, and legal issues. For example, if a user logs into the browser with a personal account, that browser would be able to load any extension, including extensions that are malicious, inappropriately track information, or even get access to student data, putting the district in violation of FERPA or other laws.
3. Scope
This policy applies to the use of information, electronic and computing devices, and network resources to conduct district business or interact with internal networks and business systems, whether owned or leased by the district, the employee, or a third party. All employees, contractors, consultants, temporary, and other workers at the district and its subsidiaries are responsible for exercising good judgment regarding appropriate use of information, electronic devices, and network resources in accordance with MiTech policies and standards, and local laws and regulation.
This policy applies to employees, contractors, consultants, temporaries, and other workers at the district, including all personnel affiliated with third parties. This policy applies to all equipment that is owned or leased by the district.
4. Policy
4.1 General Use and Ownership
4.2 Security and Proprietary Information
4.3 Compliance Measurement
The Infosec team will verify compliance to this policy through various methods, including but not limited to, business tool reports, internal and external audits, and feedback to the policy owner.
Any exception to the policy must be approved by the Infosec team in advance.
An employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.
5. Policy FAQ
6. Revision History
|
|
|
|
|
|