S6 Department - Acceptable Use Policy

From 7th Cavalry Wiki
Jump to navigation Jump to search
This is the Document Release Information
Article Number: 7CAV-DR-038
Scope: S6 Department - Operation Planning & Briefings
Version: Version 1.0
Effective Date: 29JUL20
Last Modified Date: DDMMMYYYY
Approving Authority: S6 Officer in Charge
Point of Contact: S6 Executive Officer


Introduction

This document defines acceptable use policy for the S6 Department Staff and extends to those who are permitted access to administrative roles within the purview of S6.

S6 Department Acceptable Use Policy

Acceptable uses of 7th Cavalry resources by S6 Staff include but are not limited to:

  1. Adherence to the standards set forth in 7Cav General Orders, 7Cav Code of Conduct and S6 Department Guidelines.
  2. Performance of activities deemed necessary to support the overall health, availability, integrity and security of:
    • Servers or resources owned or controlled by 7Cav.
    • Network and infrastructure owned or controlled by 7Cav.
    • Database and applications owned or controlled by 7Cav.
  3. Guarding against corruption, compromise, or destruction of 7Cav services or resources and information assets.
  4. Taking reasonable and appropriate steps to insure that all software license agreements are faithfully executed on all systems and servers.
  5. Ensuring privileged access to servers, systems and resources are assigned only to entities that are part of the 7Cav. S6 Staff shall not assign privileged access to organizational resources without the specific written approval of the S6 OIC.
  6. Limiting access to root, administrative, service or privileged supervisory accounts (privileged accounts) on 7Cav server and network resources to S6 Staff. Privileged accounts are accounts that have virtually unlimited access to all programs, files and resources on a server or system. Users shall not be given access to privileged accounts without the specific approval of the S6 OIC. Privileged accounts must be used only for the purposes for which they were authorized and only for conducting 7Cav business.
  7. Ensuring that default passwords on servers, systems, databases, network or software applications are changed using strong password methodologies when the resource is installed or implemented.
  8. Never sharing personal or privileged account logins or passwords with anyone including other S6 Staff or 7Cav members without the approval of the S6 OIC.
  9. Never allowing users to log into computer resources with privileged account access.
  10. Never use Servers or 7Cav Resources for personal use.
  11. Never knowingly creating pathways that allow for violations of network and server security.
  12. Never gaining unauthorized access to a system (or area of a system) using knowledge of access abilities gained during a previous position or role.
  13. Never giving access on a resource you do not administer to another user.
  14. Respecting the privacy of electronic communication. S6 Staff shall not obtain/intercept, or attempt to obtain/intercept and electronic communication or information not intended for them unless such activities are performed as part of their authorized duties. S6 Staff have the duty to the owners of the information to protect the confidentiality of all such information. This includes making change to, ensuring unauthorized users do not have access to, or not divulging to a third party that information.
  15. Never engaging in any illegal or inappropriate use of 7Cav resources or engaging in activities that interfere with or disrupt network, users, servers or systems. Illegal use shall be defined as use which violates local, state, or federal law as well as 7Cav Policy. Inappropriate use shall be defined as a violation of the goals, purpose and intended use of the resources. This includes, but is not limited to, the following: stalking others, supporting political activities, transmitting or originating any unlawful, fraudulent, defamatory, or obscene communications, or any communications where the message or its transmission or distribution, would constitute or would encourage conduct that is a criminal offense or would give rise to civil liability. Interference or disruption includes, but is not limited to, distribution of unsolicited advertising or mass mailings, "spamming" propagation of malicious software or viruses.