Draft policy for user maintained workstations

1. Goals

   The purpose of this policy is to protect a C&C workstation against unauthorized access and denial of service.

2. Expectations of C&C user maintained personal workstations

   • C&C usage guidelines for uniform access systems also apply to personal workstations.

   • Password changes.

     Passwords should be changed every XX days.

   • User accounts.

     Accounts on user workstations may not be given out to persons not affiliated with C&C.

   • Security patches.

     Security alerts should be heeded and security patches applied promptly. (need to elaborate)

   • Emergency response procedures