ISPOL-30-01
0 (0 Likes / 0 Dislikes)
Introduction to Information Security Policy 30,
Asset Management and Responsibilities Policy
Policy 30 outlines the high-level responsibilities,
practices, and security requirements for
the management and use of information systems and
assets. This includes requirements for asset registration,
acceptable use, and the use of mobile devices
to conduct Intel business.
Intel information systems and resources
are expected to be used primarily to conduct
Intel business, and only in accordance with this security
policy and associated security standards,
as well as corporate policies.
This policy supplements other corporate policies
and guidelines specific to mobile device programs,
handheld requirements, electronic
communication guidelines, and the avoidance
of inappropriate use. Asset registration
enables Intel information to be accessible
to Intel to help preserve the confidentiality,
integrity, and availability of the information.
Some of these assets include:
computing devices, applications or platforms,
and network equipment.
Users must protect the information they are
responsible for by enabling their devices to
receive updates in accordance with Intel Minimum Security
Specifications. They must also
take every reasonable precaution to protect their
information systems and assets,
including at least one physical and one electronic
security control. System Administrators
have additional responsibility to ensure appropriate
sanitization or disposal of unneeded systems.
Policy 30 describes Intel’s rights
as they relate to monitoring. Intel
can monitor activity and use of its systems,
information assets and resources,
subject to applicable laws and regulations.
Intel can also remove an individual’s access
to information systems and assets in
response to a violation of related policies and
expectations. Policy 30 also describes
areas of acceptable use,
providing some examples of external internet resources
and services that are not allowed, such as:
Consumer services that allow remote control,
Peer to Peer, server applications,
employee tracking or reporting, or any
app or website known to compromise security.
Connecting to Intel systems and our network
is also addressed, describing both
requirements and restrictions. These policies cover
connecting to an Intel-owned computer,
using a cellular provider’s network,
using guest internet access or dedicated subnets,
direct network connections,
and network gateways. Policy 30 mandates
that the use of mobile devices to handle Intel
information must be in accordance with the security requirements
of this policy, the requirements of Intel
IT Corporate and Personal Programs,
and corporate handheld policies for mobile devices.
This Policy pertains to all devices
connecting to the Intel network, regardless of
ownership or type. Owners of connected personal
devices agree to related security policy
requirements if those devices can receive information
from the Intel network. When the
support of a personally owned device is not provided by Intel,
the device owner is responsible for the
support and security and requirements of their device.
Some of these support responsibilities and requirements include:
Setting privacy expectations,
maintaining device registration,
monitoring and reporting security issues,
removing access when leaving Intel,
data destruction on old devices,
assisting in formal investigations,
and applying timely security updates.
In summary, Information Security Policy 30
requires Intel employees to reasonably assure
that information systems or assets operated by,
or on behalf of Intel, receive adequate
security safeguards in accordance with business requirements
and relevant laws and regulations.
This and other updated Information Security Policies,
supporting documents, and our improved policy portal
should make it easier for you to locate and understand
our corporate information security requirements.
They can be found on our corporate policy repository,
Policy Central. Visit goto/InfoSecPolicies
Policy Central to learn more or ask questions.
Thank you for your help to keep Intel secure!