IT Security Policy/Procedures
1) Transmitting/Storing/Receiving of sensitive information/data should be done using direct access to the server via https://www.secure-internet.co.uk.
2) It is safe to email sensitive information internally within the same domain/organization or anther domain hosted by FieldIT as the transmission is encrypted.
3) It is NOT safe to email sensitive information/data unprotected to en external organization/domain.
4) FieldIT can enforce internal only email on individual accounts (if email is activated).
5) It is not safe to download onto a device (e.g outlook/iphone/smartphone) from an account which has been used to transmit sensitive information/data internally unless the transmission is encrypted (SSL) and the pc/laptop drive is encrypted.
6) It is recommended that all files are uploaded using the file utility via Group documents to share files between members of an organization/domain rather than email internally to reduce possibility impact of human errors.
7) If you are required to send information externally via email you should encrypt the file manually and communicate the encryption key directly to the recipient via phone (NOT email).
8) Do not use a public PC to download sensitive files or email attachments.
9) If you do not have an encrypted PC/Laptop you must always clear your “Temporary Internet files” and “Downloads” folder.
10) If you do not have an encrypted PC/Laptop, after you have finished working on a file locally you must upload the file back onto the server and remove any local copies.
11) It is recommended, but not necessary, that you have any laptops or PCs encrypted if possible.
12) You must change any default password given to you by FieldIT.
13) You must NOT use the same password for multiple accounts. Each account, especially ones with sensitive data (FieldIT) must have a unique password.