|
|
Network Security Policy
The school network is a valuable resource
that is freely available to all pupils and staff from all
computers situated throughout the school. Due to the wide variety
of uses by well over a thousand users, a number of precautions
have to be taken to help ensure that the system is kept available
and in full working order:
Supervised Use
- The use of the network should be
supervised as closely as is reasonably possible during
timetabled lessons. It should be realized however, that
all users do have access to the network at other times
and with very little supervision beyond the restrictions
outlined below.
- IT staff can view a computer screen
at any time from anywhere on the school network without
the user knowing about it.
- Normal classroom rules apply, and
prohibitions such as eating, drinking, grooming and
spraying aerosols are strictly reinforced due to the
serious damage that may be caused to the equipment.
Privacy
- Computer (file) storage areas will be
treated as school property.
- IT staff may look at files and
communications to insure that the system is being used
responsibly. Users should not expect that their work and emails
would always be private.
- Users should also be aware that a member
of the IT staff can view any computer screen at any time from
anywhere on the school network without them knowing about it. This will be done
only for security reasons or to provide 'hands-on' remote support.
User Access
- Access to the school network is
available from any network station during the normal
school day. Please leave everything switched on as various admin and
security tasks will be taking place whilst not in normal use and machines
will also go into sleep mode after a short period of time. Stations in classrooms and
pupil work areas are turned
off automatically at the end of the day - usually 5pm. Staff area a
little later at 6pm.
Prior arrangements must be made for access during school
vacations when the network may be unavailable due to maintenance work.
- All users are required to log on with
their own personal username, which will remain with them
throughout their time at this school.
- All users have their own password to
allow them to log on, which should not be made available
to anyone else.
- Passwords are set to expire and
changes are automatically enforced once a term.
- Passwords are restricted to at least
six characters and may not be reused for some time.
- The repeatedly incorrect entry of a
password will result in the user being locked out until
reset by an administrator.
- User areas left logged-on and
unattended are protected by a screen-saver password.
- Accounts not used within a full
academic year may be deleted, including all work saved.
- All network system and administration passwords are recorded and kept in
a secure place.
File Security
- All users have their own area for
storing their work on the network server hard disk (the
"my work" folder). This means that they can
access their work from any network station.
- To reduce the chances of the server
hard disk filling up and crashing the whole network, the
amount of disk space for each user is limited to normally
2-3 MB. Overflowing this limit will cause the user to be
locked out until sufficient files have been deleted or
moved to a floppy disk.
- Users do not have access to station
and network drives nor are they able to alter or save
files outside their own area (except in the authorized
shared topic areas).
- Precautions are taken to reduce the
chances of infection by computer viruses via the Internet,
email, or floppy disk. The antivirus software, which is
installed on all school network stations and servers, is
updated every day.
- Network stations cannot be booted up
from a floppy disk left in the disk drive.
- An automatic daily search is made for
any executable program and zip files stored in user areas.
These are automatically logged against the user then
deleted.
- The system performs an automatic
backup of each server hard disk to tape every night. A
different tape is used for each night and then reused the
following week. Occasional backup tapes taken at key
points (end-of-term, pre-upgrades, etc) are kept in the
school safe for longer periods of time before reuse.
- Pupils should also be encouraged to
perform backups of their own files on their own floppy
disks.
- Station backups are not required. A
faulty station can be quickly rebuilt with all the
necessary software via files stored centrally on the
server.
- The network servers are located within
an office within a computer room. This office is kept
locked when not under direct supervision.
Software Inventory
- An inventory is maintained
containing a record for each item of software that is
available for use on the network and the number of
licences held.
- Licences and invoices must be sent to
the IT department for filing in case proof of ownership
is required.
Access to Software
- All users receive desktop icons and
start-menu-shortcuts to all the main application programs
and common utilities.
- Users are guided onto the network via
program sets for each of the curriculum
subjects. Shortcuts/icons
are provided to programs that are relevant to the study of each
subject as well as any shared documents provided by the
subject teachers. Pupils have read-only access to these
shared documents but may copy them for their own use.
- Users can only access software and
other resources as made available to them by the administrator. For
example, pupils do not have access to staff programs and shared documents. Access to certain resources
such as Internet software may also be removed for certain
network users, where found to be necessary.
- Sites visited on the Internet are filtered - see our
Internet Security
Policy below.
Access to Printers
- To encourage good management and
reduce wastage of ink and paper, the number of pages for
each user is currently limited and is
reinstated each week. Attempts to print beyond this
credit limit are automatically denied by the system.
Users may ask for more credits on production of the
evidence or wait until the following week.
Hardware Security
- An inventory is maintained of all
equipment together with make, model, serial number, date
of purchase and location.
- Rooms with computers should be locked overnight.
- Keys to computer rooms are
recorded and monitored.
- All external visitors are required to
report to the office and wear identification at all times.
- All computer rooms and corridors are
monitored by the school alarm system after school hours.
- All major items are security marked to
identify them as the property of the school.
- Mouse balls are sealed permanently to
prevent tampering. Mice and headphones are security
tagged to the computer in order to discourage their
removal.
Electrical Safety
- All equipment attached to the main
electrical supply is safety tested annually.
- A fully isolated mains switch is
provided in all main computer rooms and staff should
ensure that they know where it is.
- The servers operate from an
Uninterruptable Power Supply (UPS) to protect against
power surges and blackouts.
Fire Precautions
- Waste material should be frequently
removed from the computer areas.
- A carbon dioxide (CO2) fire
extinguisher is required in all main computer rooms and
staff should ensure that they know where it is and how to
use it.
Internet Security
The Internet is a valuable resource that is
freely available to all pupils and staff on all our school
network stations. Due to the "unsuitable" nature of
some material on the Internet and the possible misuse of email, a
number of precautions have to be taken to help ensure that the
system is used responsibly:
The use of the Internet will be supervised
as closely as is reasonably possible during timetabled lessons.
It should be realized however, that users do have access to the
Internet at other times and with very little supervision beyond
the restrictions outlined below. IT staff can view a computer
screen at any time from anywhere on the school network without
the user knowing about it.
- The Internet may be accessed on all network stations at all times.
- Individual department websites contain links to sites that are relevant to the study of
that subject and which have been selected by the teachers
of that subject.
- The school cannot be held responsible for the contents of any external
websites including those visited via links on sites recommended by school
staff.
- The search engines that are provided
as links on our web pages are only those that make an
effort to prevent the inclusion of links to "unsuitable"
sites in the listed results of any searches made.
- Access to many, if not most sites
considered to contain "unsuitable" material is
prevented by a filtering system provided by Oxfordshire County Council.
As new sites of this nature come online and come to the attention of staff they
can be filtered immediately.
- Access is prevented to most web-based email servers (Hotmail), "hacking"
sites, and executable files.
- Chatlines are not considered to be a suitable use of a busy school
network system nor of anyone’s time in school.
- All staff and pupils have their own
personal email address, which will not be made available
to anyone outside of the school except by the individual
themselves.
- Emails are also restricted by size to reduce
the possibility of "unsuitable" material being
received or sent by attachment.
- Precautions are taken to reduce the
chances of infection by computer viruses via the Internet
or email, which may then be inadvertently taken or sent home. The antivirus software, which is installed
on all school network stations, is continuously updated.
- Users found searching for "unsuitable"
material or sending offensive email messages will have
their access denied and further action taken
depending on the nature of the offence. Repeated abuse of
the facilities will result in further and more serious
action being taken.
|
Didcot
Girls' School
