Welcome Guest to Computer System Consulting!

IT Security

Information about our IT security policies and best practices.

Security Policies

Our IT security policies are designed to protect our systems, data, and users from security threats. All employees are required to follow these policies to maintain a secure IT environment.

Key Security Policies

  • Passwords must be at least 12 characters long
  • Passwords must include uppercase letters, lowercase letters, numbers, and special characters
  • Passwords must be changed every 90 days
  • Previous 10 passwords cannot be reused
  • Multi-factor authentication is required for all administrative accounts
  • Password managers are recommended for generating and storing complex passwords

  • Sensitive data must be encrypted at rest and in transit
  • Data must be classified according to sensitivity levels
  • Access to data must be granted on a need-to-know basis
  • Regular data backups must be performed and tested
  • Data retention policies must be followed
  • Data must be securely deleted when no longer needed

  • Access to systems and data must be granted based on the principle of least privilege
  • All access must be authenticated and authorized
  • Access rights must be reviewed quarterly
  • Access must be revoked immediately when no longer needed
  • Privileged access must be logged and monitored
  • Remote access must use secure methods (VPN, SSH)

  • All security incidents must be reported immediately
  • The incident response team must be activated for significant incidents
  • Incidents must be documented and analyzed
  • Lessons learned must be incorporated into security practices
  • Regular incident response drills must be conducted
  • Legal and regulatory requirements for incident reporting must be followed

Security Best Practices

For All Users
  • Keep your computer and devices updated with the latest security patches
  • Use strong, unique passwords for all accounts
  • Enable multi-factor authentication whenever possible
  • Be cautious of phishing emails and suspicious links
  • Lock your computer when away from your desk
  • Report suspicious activities or security incidents immediately
  • Only use approved software and applications
  • Encrypt sensitive data before transmitting
  • Regularly back up important data
  • Follow clean desk policy for sensitive documents
For Remote Workers
  • Use the company VPN for accessing internal resources
  • Secure your home network with strong encryption (WPA3 if possible)
  • Keep work and personal activities separate
  • Be extra vigilant about physical security of devices
  • Avoid using public Wi-Fi for work activities
  • Use company-approved collaboration tools

Security Alerts

Phishing Campaign Alert

There is an ongoing phishing campaign targeting our organization. Emails appear to come from IT support asking for password verification.

Action: Do not click links or provide credentials. Report suspicious emails immediately.

Posted: May 12, 2025

Software Update Required

Critical security updates are available for Microsoft Office. Please update as soon as possible.

Posted: May 10, 2025

Security Resources

Security Contacts

Security Team:
Email: [email protected]
Phone: (555) 123-4567

Report Security Incidents:
Email: [email protected]
Phone: (555) 987-6543 (24/7)

Report Suspicious Emails:
Forward to: [email protected]

cm cm