Bt Worldwide Network
security.
WN Security BT
^^^^^^^^^^^^^^ by psyclone/med
(This is a security guide which is circulated to BT management personel
who are involved with worldwide networks)
SECURITY IS YOUR JOB
Security is the personal responsibility of all people in bt, these rules
MUST be followed at all times.
Business Information Security :
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
.Mandatory Clear-Desk Policy - All work areas musy be cleared and all
information must be stored in appropriate places whenever the workplace
is left unattended for longer than 30 mins.
.Confidential materials - must be stored in lockable steel or quality
wood furniture.
Waste must be destroyed by shredding or collected by an approved sensitive
waste paper collection provided by Building Services.
Faxing is permitted in infrequent transmissions but make voice contact
with the distant end first to ensure that the receiving end is not
unattended or diverted.
.HIGHLY CONFIDENTIAL material - must be stored in "SECURITY"
furnature
(see your Information security code)
Waste must be destroyed by shredding under direct supervision by the
BT site supervisor.
Faxing as for IN CONFIDENCE , but must be previously approved by a
manager at PCGT level or above, or by using an approved encrytped fax.
.Mailing Privacy Marked Material By External Post - IN CONFIDENCE &
IN
STRICTEST CONFIDENCE documents must be double enveloped. Both
envelopes must be sealed and a return address label attached, the INNER
envelope ONLY must have the privacy markings.
FULL DETAILS CAN BE FOUND IN THE WN SECURITY HANDBOOK , ALL MANAGERS
SHOULD HAVE A COPY.
OR
FURTHER GUIDANCE ON BUSINESS INFORMATION SECURITY CAN BE OBTAINED FROM
YOUR LINE MANAGER OR YOUR ISM (INFORMATION SECURITY MANAGER).
Electronic Information Security :
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
.Passwords and Personal ID Numbers - must not be disclosed, should not
be
written down, and should be changed regularly.
.Logging Off - PC's and Terminals must always be logged off when not in
use , access keys and tokens must be removed and machines powered down
(unless operation is neccessary).
.Data Backups - Regular data backups must be taken to enable a swift
recovery should there be a system failure.
.IN CONFIDENCE Data - Must be protected by an approved software based
access control package (with password facility).
.IN STRICTEST CONFIDENCE Data - Must be protected by an approved hardware
based access (password facility and encryption).
.Software - Only legitimate, authorized and licenced software can be used
on BT computers.
.Computer Games - Must NOT be used on BT computers they must be removed
when there is an option not to install them.
NOTE : Known or suspected computer viruses must be immediately reported
to the SecID helpdesk on 01908 693 838. Under no circumstances
should any attempt be made to irradicate the virus without prior
consultation with SecID.
Full details can be found in the WN Security Handbook, all managers
should have a copy.
OR
Further guidance on Electronic Information Security can be obtained
from your line manager or your WNISM.
Physical Security :
^^^^^^^^^^^^^^^^^
.Secure Workplace - A secure workplace must be maintained by closing and
locking all cupboards, cabinets, doors and windows after use.
.Building Passes - Must be worn at all times in BT buildings, any
unidentified people should be politely challenged.
.Visitors - All visitors must sign the visitors book and where applicable
be issued with a temporary building pass. Non BT visitors must be escorted
to their destination within the building by their host or their hosts
representative, who will be responsible for them while they are on site.
FUTHER GUIDANCE ON PHYSICAL SECURITY CAN BE OBTAINED FROM YOUR LINE
MANAGER OR THE ZONES PHYSICAL ACCESS SECURITY MANAGER (PASM)
Crime Reporting :
^^^^^^^^^^^^^^^
.Enviromental Crime - Is defined as general criminal acts which occur
within or adjacent to BT premises. Examples are break-ins, vehicle or
contents theft while parked in or close to Bt premises and theft of BT
personal property from BT premeses. This type of incident must be reported
to your local Estate Security Crime Liaison Unit. The number may be
obtained from the national helpdesk on 0171 356 3333.
.Other Crime - All other forms of crime against WN processes, customers,
staff or line plant equipment must be reported to your Crime Liaison
Manager, or if not available, guidance can be obtained by callig the
Crime Helpdesk on 01908 693 838.
Back to document index