I wonder if anyone out there might be willing to share their policy documents with the class and also any good ideas with regards to how to write and enforce a sound data protection and acceptable use strategy.
Please be aware, that the best bits may well be 'borrowed'...
Don't forget a disaster recovery policy! Ours highlights what the threats are to the network (staff/terrorism/acts of god), how we protect against those threats (locking server room, backups, security n the computers, UPS's), and what we will do if the network goes down.
With regard to data protection, consider endpoint security. Here we use DeviceLock as it whitelists our school USB devices and blocks all personal mobile phones, memory sticks, cameras... We had to consider that not all students have permission to be photographed. So we don't want photos of children getting taken home onto staffs personal computers accidentally. Also personal memory sticks often aren't encrypted.
There are currently 1 users browsing this thread. (0 members and 1 guests)