|
|
info@pyc.net |
|
|
info@pyc.net |
|
Managing Your Computer Systems Are your employees aware of your company's
policies for the use of company desktop and mobile computers, software and other computer
equipment? Does your company have up-to-date records of all computer hardware, software
applications, versions and licensing agreements? Who maintains these records and how
frequently are they reviewed and updated? While computers enable us to work faster and
smarter, their widespread use also creates certain risks, including risks of security to
information and equipment and potential legal liability. Establishing clear company
policies on computer usage and keeping careful records of your hardware and software are
good business practices for ensuring your computer systems are continuously available.
These measures also help you guard the privacy and confidentiality of your company's
competitive information and the data entrusted to you by customers and employees. Company Policies and Guidelines In order to maximize the benefits and minimize the
risks associated with the use of computer networks and the Internet, every company should
establish policies and guidelines for all users. These should also be periodically
reviewed and updated to reflect changes in systems and processes. Generally, a company's computer policies address: • Use of hardware (desktops, laptops and peripherals) and software. • Access to, and use of, the Internet and
e-mail. The viewing, accessing and downloading of text,
image, video, sound and software from the Internet. If your company does not already have these
policies in place, there are many books and Internet resources that can help you develop
clear company policies and guidelines for computer usage. Make sure every employee is aware of the
importance of the company's computer policies and guidelines, and ensure all employees
comply. Systems Administrator While it is every employee's responsibility to
comply with the company's computer policies, it is important to assign the authority for
reviewing, managing, purchasing and installing new hardware and software to an appropriate
individual. As the systems administrator, this person should be the only person authorized
to: • Install or remove software, make software
changes, and add computers and peripherals to the company system. • Maintain application change controls, as
the ability to change a program is also the ability to create and alter data. Computer Records The systems administrator's responsibilities
should include maintaining log records for every computer used in the business, including
the make, year, model and serial number as well as the details of the software programs
and updates that are installed on each computer. Keeping a computer log for each computer and
regular updating this information can help your company: • Monitor all software currently used by the company, including registrations, licensing agreements and versions. • Budget for upgrading equipment and programs. • Determine if programs are no longer required and should be uninstalled. • Ensure that all computers have the same versions of communication software, virus scanner, and other tools. • Create opportunities to discuss requirements with individual employees. • Help reduce the risks by monitoring computers to ensure unauthorized games or other programs are not installed on company systems. • Maintain records of software fixes and
patches and equipment repairs or upgrades, such as installing more RAM on a computer or
replacing a keyboard or mouse. Software The installation of unauthorized programs is a particularly serious risk to your operations and systems security as they could corrupt or change data or applications. Unauthorized programs could also be a source of debilitating worms or viruses. If your system is contaminated with malicious software, your operations could be severely damaged. While an employee may think that installing a game
program is a minor violation, every violation of the company's software policy is
potentially a major risk to the company's operations. Make sure all employees understand the importance of following company procedures and approvals for the purchasing, downloading or installing and upgrading of software applications. The ready availability of many software programs over the Internet makes the downloading of trial versions of products or time-limited versions (called "crippleware") tempting and easy. However, if the software downloaded over the Internet is not properly registered, your company may be in violation of software licenses, a situation that could put your company at risk of penalties and loss of reputation. These risks, along with the risk of malicious
viruses, are just as applicable if employees install unauthorized programs that they have
brought into the office on a CD-ROM. Consider penalties for installing software that is
not procured through the company's approved procedures. Protect Your Company's Data and Computer Systems Make sure every employee is fully aware of the importance of complying with the company's policies and guidelines for using company computers. Appoint a systems administrator who is responsible for maintaining careful records of your computer systems and applications and ensuring compliance with the company's computer policies. Talk to your chartered accountant about these and other measures that can help you protect your company's data and systems.
|
|
