This sets out the policy for custodianship of staff computers managed by the Desktop @ UCL service.
Work has been carried out by ISC (Information Strategy Committee), and its sub-committees and working groups, to strengthen and update UCL's policies regarding the security of computer systems. A key element of this work is the introduction of the concept of a "custodian" for every computer system. Custodians are responsible for ensuring both computers and data are kept secure.
This document sets out the Desktop @ UCL policy for “custodianship” of all computers that are currently managed by the Desktop @ UCL service. This policy is based on the recommendations of the UCL Computer Security Team.
The Information Strategy Committee (ISC) has produced a Code of Practice Note for appointing “custodians” for every computer connected to the UCL network. Custodians are responsible for ensuring all computers in their estate are kept secure and meet the requirements of the UCL Information Security Policy. (Details of the Code of Practice is available on the UCL’s Security Team’s website).
The Code of Practice places significant responsibility on the Head of Department or their appointed custodian for a ensuring that a lengthy list of conditions are met. Most of these relate to security of access and the management and upkeep of systems.
Custodians must ensure computers for which they are responsible for are kept secure and adhere to the UCL Information Security Policy. The following is a summarised list of actions that custodians must take to safeguard computer systems; detailed information is available in the ISC Code of Practice:
- Ensuring data is stored securely and protected against unauthorised access
- Guarding against the use of unlicensed software
- Protecting applications from misuse
- Ensuring user accounts and passwords are only issues to registered UCL staff
- Reporting any security breaches to the Computer Security Team
- Ensuring computers are kept secure with the latest operating systems and anti-virus updates
- Maintaining the administrator ("root") access and passwords for all computer systems