Physical and Infrastructure Security

Policy

Category: Information Technology
Subject: Physical and Infrastructure Security
Division: N/A
Policy Number: CA.54.01.117
Effective Date: January 31, 2012

POLICY STATEMENT

  1. Wellington-Dufferin-Guelph Public Health (WDGPH) must take appropriate steps to ensure that physical access is available only to those individuals who require it to perform their duties.
  2. Appropriate processes and access controls must be in place to ensure that personnel, Information Technology (IT) equipment, and data are protected against physical threats.

The purpose of this Policy is to ensure that there is protection for the IT equipment against threats by natural, accidental, or man-made means.

SCOPE

This policy applies to the IT Department and all WDGPH employees who need to store/retrieve data. 

RESPONSIBILITES

The Manager/Supervisor will:

  • Review, approve and maintain appropriate access levels for all company employees to all IT installations on the site.

IT Department will:

  • Set access controls to all employee FOBs.

Employees will:

  • Respect and enforce the safeguards in place;
  • Be aware of the hazards;
  • Take positive actions to enforce access restrictions; and
  • Be responsible for all IT equipment in their possession when off-site and must be aware of what the expectations are for securing it. 

DEFINITIONS

Man-made threats – may come from people wanting access to the IT or office site to steal equipment or data or do damage for any reason.

Access control – refers to specifying the personnel who have access to specific locations and enforcing the specification.

FOB (A Frequency Operated Button) – a small electronic security token, often called a key fob. 

REFERENCES AND RELATED FORMS, POLICIES AND PROCEDURES

Corresponding Procedure:  N/A

APPROVED BY

Carole Desmeules