10/23/13 Data Management and Computer Security Business Manual / Mainframe (NWRDC) Support Services / - Computing / Information Technology Services / F… its.fsu.edu/Computing/Mainframe-NWRDC-Support-Services/Data-Management-and-Computer-Security-Business-Manual#6 1/13 ITS Search Information Technology Services / - Computing / Mainframe (NWRDC) Support Services / Data Management and Computer Security Business Manual Data Management and Computer Security Business Manual 1. Section 282.318, Florida Statutes 2. Chancellor's Memorandum,CM-87-001.1 3. Purpose 4. Policy 5. Scope 6. Definitions 7. Ownership, Data Management, and Accountability 8. Delegation of Responsibility 9. Data Management Data Trustee Data Steward Data Custodian Database Administrator Security Administrator Computer Operations 10. Information Systems Development 11. Resolution of Data Disputes 12. Sensitive Data 13. Critical Data 14. Risk Management 15. Risk Analysis 16. Documentation 17. Backup and Recovery 18. Incident Reporting 19. Information System Development and Acquisition 20. Online Data Access and Security Guidelines 21. Online Availability 22. Authorized Access 23. User IDs and Passwords 24. Departmental Security Coordinator 25. Departmental Security Coordinator Responsibilities Home About Us Featured Projects Service Catalog - Classroom Technology - Communications - Computing - Email - IT Security - Network - Public Safety - Software - Storage - Web Services ITS Service Desk - Departments - Employees - Students ITS Policies & Guidelines Student Technology Fee FAQs Information Technology Services QUICKLINKS
13
Embed
Data management and computer security business manual mainframe (nwrdc) support services - computing _ information technology services _ fsu - information technology services
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
10/23/13 Data Management and Computer Security Business Manual / Mainframe (NWRDC) Support Services / - Computing / Information Technology Services / F…
10/23/13 Data Management and Computer Security Business Manual / Mainframe (NWRDC) Support Services / - Computing / Information Technology Services / F…
This statute created the Security of Information Technology Resources Act to assure an
adequate level of security for all governmental data and information technology
resources. The Board of Regents is the agency responsible for assuring security for data
and information technology resources within the SUS.
2. Chancellor's Memorandum, CM- 87- 001.1
This Memorandum establishes minimum standards for assuring an adequate level of
security within State Universities. In addition, the State University System has published a
Standard Practice for Security of Data and Information Technology Resources.
PurposeIn compliance with requirements of the above directives and guidelines, contained herein
are the internal policies and procedures necessary to assure the security of administrative
data and information technology resources at Florida State University.
These data policies and procedures not only comply with state and SUS directives, they
are necessary because of the value the university places on its information resources.
While the university seeks to make available in a convenient electronic format all
university administrative data necessary for the efficient operation of its departments,
standards and procedures are necessary to ensure the security and integrity of the
information, and to prevent its misuse.
PolicyThe Florida State University grants routine access to administrative systems and data only
to those University and direct support organization employees who must use the specific
information in the conduct of university business. Individuals who are given access to
sensitive data have a position of special trust and as such are responsible for ensuring
the security and integrity of that data. A student may be authorized access to their own
data, or work related data when the student is also an employee of the university.
Individuals outside the university can be authorized access to university data only if that
authorization is granted by an Executive Officer of the University.
Policies contained in this Business Manual provide the foundation upon which standards
and procedures for protection of university information resources are developed.
Implementation and adherence to precise standards and procedures for electronic
information processing operations is necessary to protect university administrative
information.
ScopeThese policies and guidelines govern the management and accessibility of central
university administrative data regardless of the environment where the data resides. This
includes the central mainframe, departmental mini- computers, individual personal
computers, and data as it resides in any other media (print, microfiche, etc.).
10/23/13 Data Management and Computer Security Business Manual / Mainframe (NWRDC) Support Services / - Computing / Information Technology Services / F…
Access and update capabilities/restrictions apply to all administrative data stored in the
Northwest Regional Data Center computer and on mini- and microcomputers across
campus.
Information resources used for instruction and research purposes (Academic Computing)
are exempt from the requirements of the SUS standard practice and the policies and
procedures contained herein; however, colleges, schools and departments are
responsible for establishing policies and procedures for assuring the physical and
electronic security of all information technology resources within their control. Such
policies and procedures will assure:
Reasonable and accurate equipment inventory control procedures and records aremaintained
Government owned information technology resources are used only for universityadministrative, instruction or research purposes
Security measures are taken to prevent unauthorized system access
Preventative measures are taken to reduce the risk of computer virus infections
Only authorized software is used. University policy strictly forbids software piracy and
possession or use of illegally acquired software.
DefinitionsTerms and phrases used in this policy are defined as follows:
Access Capability
Authority granted to an individual which allows viewing or manipulation of data
residing in a computer system file. Access capability is managed throughassignments of a user id and password.
Administrative Data
Any data related to the administration of Florida State University. This includesdata used by both the central administration and the administrative units of the
colleges, schools and departments.
Administrative Systems and Applications
Any computer system/application programming which supports administrative
activities of the university. This includes systems or applications supporting both
the central administration and the administrative units of the various colleges,schools and departments.
Application Security Manager
The individual designated by a data steward to coordinate the granting ofaccess/update capabilities to departmental users.
AIS Security Administrator
The individual in AIS responsible for coordinating usage of the AIS Security System.
AIS Data Administrator
The individual in AIS responsible for the coordination of the data administration
function.
Critical Information Resource
Information resources determined by University management to be essential to
the University's critical mission and function, the loss of which would have anunacceptable impact.
Data Custodian
The individual or department responsible for maintaining physical data, monitoring,
enforcing, and coordinating institutional data access policies and procedures. AISis the data custodian for central university data maintained at the NWRDC.
Database Manager
The individual in AIS responsible for logical and physical data base design services.
Data Steward
Central administrative office or academic department responsible for a specific
subset of university data.
Data Trustee
10/23/13 Data Management and Computer Security Business Manual / Mainframe (NWRDC) Support Services / - Computing / Information Technology Services / F…
Information intended for use only by individuals who require that information in
the course of performing their university responsibilities, or information protected
by federal and state regulations. Requests for access to this information must beauthorized by the applicable Data Steward.
University Data Administrator
The university Budget Officer serves as the university Data Administrator and is
responsible for coordinating the release of university data to external individuals,
businesses or agencies, and university responses to official data requests.
University Information Security Manager (ISM)
The individual designated to administer the University's information resourcesecurity program in accordance with Florida Statutes and SUS/BOR directives, and
the University's internal and external point of contact for information securitymatters.
Update Capability
Access capability which allows individual to alter, add or delete data in a computer
system file.
User ID
Character string which identifies an individual to a computer system, enabling
access and/or update capabilities.
Ownership, Data Management, and AccountabilityFlorida State University retains the exclusive right and use of all computer assets,
including data. In this context, FSU is considered the legal owner of all university data.
Delegation of ResponsibilitySound business practices hold the owner of computer assets responsible for their control.
The President of FSU delegates Data Trustee responsibility to specific university
administrative officers.
The structure for university data accountability shall be as follows:
Data Trustee
Data Steward
Data Custodian
Application Security Manager
Departmental Security Coordinator
AIS Security Coordinator
AIS Database Manager
User
10/23/13 Data Management and Computer Security Business Manual / Mainframe (NWRDC) Support Services / - Computing / Information Technology Services / F…
The Florida State University executive structure correlates directly with the major
categories of university data, thus the following are Data Trustees for their respective
area of responsibility:
President
Vice President for Academic Affairs and Provost
Vice President for Finance and Administration
Vice President for Student Affairs
Vice President for University Relations
Vice President for Research
Data Steward
Data Stewards are identified by a Data Trustee to manage a subset of data. The
designated Data Steward is responsible for the accuracy, privacy, and integrity of a
university data subset. All university data must have an identified Steward.
Data Trustees, Stewards and Subsets are:
Data Trustee
Data Stewards Data Subset
President
Director, Budget & Analysis University Budget Data
Institutional Research Data
VP for Academic Affairs/Provost
Director, Admissions Undergraduate Admissions Data
Director, Records & Registration Course Schedule Records
Enrollment Records
Academic Permanent Records
Student Data Base Records
Director, Financial Aid Financial Aid Awards Data
Financial Aid Applicant Records
Dean of the Faculties Faculty Promotion and Tenure Data
Faculty Recruitment and Appointment Data
Director, Professional
Development & Public Service Continuing Education Records
VP for Finance and Administration
Controller University Financial Data
Director, Personnel Faculty and Staff Personnel Data
Director, Purchasing University Purchasing Data
Director, Property Records Capital Equipment/Property Data
Director, Physical Plant Building Construction/Maintenance Data
Director, Telecommunications Telecommunications Data
Director, Business Services Parking/Business Operations Data
Director, Administrative Information Systems IS Security Data
VP for Student Affairs
Director, University Health Center Student medical records
Director, University Housing Student housing records
Director, Counseling Center Student counseling records
VP for University Relations
President, Foundation Gift Management Data
Director, Alumni Affairs Alumni records
Dir., Seminole Booster's Seminole Booster Gift/Point Data
10/23/13 Data Management and Computer Security Business Manual / Mainframe (NWRDC) Support Services / - Computing / Information Technology Services / F…
Data Stewards evaluate and approve requests for access to their data subset by other
university users and outside agencies. This function may be delegated to Application
Security Managers appointed by the Data Steward.
Data Stewards determine the degree of data access (interactive query only, interactive
update, downloading of specific data) to be granted to users and assuring compliance
with access security standards as developed in support of this policy.
Data Stewards define or describe each data element within their data subset. The
creation of data element definitions must be coordinated with the AIS Data Administrator
and the applications development manager responsible for providing applications systems
support.
Data Stewards must understand the content of their data base and how its elements
functionally or logically interrelate. Stewards will maintain, document, and communicate
data definitions (dictionary) to users granted access to their departmental data subset.
Stewards provide guidance and assistance in appropriate interpretation of their data.
Data Custodian
The Data Custodian administers information resource in accordance with established
policies and procedures, but does NOT dictate usage of university data, nor determine
individual access rights to elements, records, or files contained within the data base;
however, custodians will assist in the mediation and resolution of disputes regarding data
policies/procedures.
The Data Custodian may delegate specific custodial responsibility to the following
persons:
Database Administrator
The Database Administrator (DBA) has custodial responsibility for all data
contained within their respective data base management system. The AIS DBA isresponsible for data contained within the university centralized data base
management system and related data which exists in production. DBA's also assistin the mediation and resolution of data disputes.
Security Administrator
The Security Administrator enforces and executes established standards,
procedures, and guidelines necessary to ensure security of information resourcescontaining or processing university data.
Computer Operations
Computer Operators have custodial responsibility for implementing, monitoring,and coordinating procedures necessary to control the transfer of data andscheduling of production activities by valid users.
Information Systems DevelopmentInformation Systems developers are responsible for implementing, monitoring, and
coordinating procedures for accessing all test data files used in the development of
administrative applications.
Resolution of Data DisputesAt the present time, University data resides in a variety of independent functional files.
These files are, to varying degrees, interconnected; however, AIS has not yet
implemented a centralized relational data base environment. As a result, it is possible
that a data element could exist in more than one data category. In this case, a data
element could be claimed by or considered to have more than one Data Trustee.
10/23/13 Data Management and Computer Security Business Manual / Mainframe (NWRDC) Support Services / - Computing / Information Technology Services / F…
It is anticipated that on occasion it may be necessary to resolve data control or access
issues when the affected Data Stewards do not agree as to how the data should be
used. If this occurs, the Data Custodian represented by the AIS Data Administrator shall
convene a meeting of the appropriate Data Stewards and/or Trustees to resolve the
dispute.
AIS is formulating plans that call for data migration to relational data base technology.
The advantage of a centrally managed relational data base is improved data integration,
which reduces data redundancy and permits more effective and efficient management
reporting and analysis.
Sensitive DataSensitive information is confidential by law and requires protection from unauthorized
access by virtue of its legal exemption from the Public Records Act. Much of the data
collected and managed at FSU is sensitive or confidential. AIS security procedures ensure
that computer files, whether on-line or batch, are accessed only by authorized personnel
as required in the performance of their duties.
In the case of computer generated reports or other hard-copy documents that contain
sensitive data, users must develop procedures to provide an auditable chain of custody.
Computer data or documents classified as sensitive are:
All student related data and records EXCEPT:
Name
Date of birth
Major field of study
Permanent address
Telephone listing
Classification
Participating in official university activities and sports
Weight and height of members of athletic teams
Dates of attendance at the university
Degrees, honors and awards received
The most previous educational institution attended
Employee Evaluations
Information security management/data access control documentation and records
Printouts containing sensitive data that identifies a student or employee must be
delivered/picked-up in person by a departmental representative. Such materials are not
sent via campus mail. All employees handling sensitive data must read and sign a
statement regarding the privacy issues of sensitive data.
Extreme care must be exercised in the disposition of printed materials containing sensitive
data. Sensitive data must not be released to persons not affiliated with FSU. In areas
where large volumes of such data is managed, paper shredding is the most appropriate
method of disposal.
Critical DataThe SUS defines critical information as the data that is critical to the mission and function
of the university, the loss of which would have an unacceptable impact. The four data
applications determined by the SUS to be critical are:
Personnel, payroll, and budget records,
Student records,
Financial Aid records, and
Finance and accounting records
10/23/13 Data Management and Computer Security Business Manual / Mainframe (NWRDC) Support Services / - Computing / Information Technology Services / F…
Risk ManagementRisks to critical and sensitive administrative information resources must be managed. Such
risks may relate to the physical security of computer and communications systems, the
integrity of data maintained or transmitted within those systems, as well as to the
stability and reliability of the associated application. Absolute security which assures
protection against all potential threats is unachievable; therefore, a means of weighing
possible loses which could occur, against the cost of mitigating controls, is required. This
weighing of potential risks verses control costs involves use of a systematic risk analysis
methodology for evaluating vulnerabilities and threats to information resources. Risk
analysis is the basis for risk management; i.e., assumption of risks and potential losses,
or selection and implementation of cost effective controls and safe guards to reduce risks
to an acceptable level.
The SUS Board of Regents provides an approved risk analysis program and methodology
for accomplishing the assessment of risk to university administrative information
resources.
Risk AnalysisThe University Information Security Manager (ISM) periodically performs a risk analysis of
all critical and sensitive central university systems and data. Data custodians who operate
and maintain other administrative information resources (i.e., not resident at NWRDC or
within the data custodial control of AIS), which process critical or sensitive information,
must periodically perform the risk analysis for those information resources. Risk Analysis
and security measures apply to administrative systems developed and/or maintained by
university departments, as well as those acquired from or maintained by an outside
vendors.
DocumentationThe security risk to University data is also related to the stability and reliability of the
associated administrative systems and applications, which in turn, is related to the quality
and accessibility of the technical documentation of those systems and applications. The
level of detail required within such documentation is a function of the size, complexity and
criticality of the system/application. System/application documentation should be viewed
as "work in progress" and evolutionary, and thus must be constantly revised and updated
through out the life cycle of the system/application. In keeping with paperwork reduction
objectives, and to facilitate documentation currency, it is desirable that administrative
system/application documentation, to the maximum degree possible, be maintained on-
line. Although no specific format can address all cases, documentation of critical and
sensitive administrative systems and applications should, as a minimum, include:
Business case/analysis, or process description,
System description/design/architecture,
Data/database design and dictionary,
Programming logic/programmer notes, and
Operational procedures/help
Backup and RecoveryIt is prudent to prepare for potential loss of critical information resources and processing
capabilities. Plans to recover from such losses may range from routine backing up of data
and software, to comprehensive disaster recovery and business resumption exercises.
NWRDC, in conjunction with AIS provides for data and software back-up and recovery of
critical central university administrative systems which reside at NWRDC. The data
custodian of critical data which does not reside at the NWRDC is responsible for providing
appropriate back-up and recovery for the associated information resources.
In either case, the security control of back-up resources/data must be equivalent to the
10/23/13 Data Management and Computer Security Business Manual / Mainframe (NWRDC) Support Services / - Computing / Information Technology Services / F…
Incident ReportingAnalysis of trends and types of security incidents and breaches is important to the
integrity of University data management and computer security. All security incidents and
breaches must be reported to data custodians for investigation and analysis.
Information System Development and AcquisitionAdding security controls after a system is operational is normally more expensive and less
effective than when security requirements are considered in the initial system design. As
such, systems development/acquisition decisions must include consideration of security
requirements during each phase of the development/acquisition process.
Online Data Access and Security GuidelinesSpecific Federal, State and university regulations, guidelines, policies and procedures
govern the access and distribution of student, employee and other institutional data.
Such data may not be released to any outside individual or organization without the
explicit knowledge and approval of the University Data Administrator. As mandated by the
Board of Regents (BOR), the University Data Administrator is the custodian of all official
university data.
Online AvailabilityFlorida State University's On-line Administrative Systems (CICS and SAMAS) are generally
available between 8:00 a.m. and 6:00 a.m. seven days per week.
(NOTE: Every effort will be made to keep on-line files available, however, nightly batch
processing and file updating MUST take precedence. Files taken down for batch processing will
be brought up for on-line access when batch processing has been completed.)
Authorized AccessEmployees are authorized access to university data only to fulfill their job responsibilities.
The Federal Privacy Act prohibits releasing information about any student to unauthorized
persons without the written consent of that student.
Board of Regents and university regulations prohibit release of any university data to
unauthorized persons without proper approval.
(NOTE: If you have access to institutional data, you are prohibited from divulging such data to
anyone unless they are also authorized to use it. You should exercise extreme caution in
releasing data to any individual or organization.)
User IDs and PasswordsEach employee must have a unique user ID. For central university administrative systems
user IDs are assigned by AIS. Each user also chooses their own system and application
passwords. Passwords can be 4 to 7 alpha-numeric characters and must be kept
confidential and protected at all times.
(NOTE: Initial passwords are the same as the user ID. The system will force a new password
entry the first time a user signs on.)
User IDs and passwords cannot be shared or reused, and passwords must be changed
every 90 days or the system will force such a change.
Users should sign-off of their terminal when leaving it unattended for an extended period
10/23/13 Data Management and Computer Security Business Manual / Mainframe (NWRDC) Support Services / - Computing / Information Technology Services / F…
When an employee transfers from one department to another, they carry their User ID
with them. However, their "old" DSC should request the AIS Security Manager to
deactivate their old file access and their "new" DSC should request the AIS Security
Manager to activate their new file access. AIS will update the employee's security records
to reflect a change in departments and DSCs.
When an employee leaves the university, their user-id will be deactivated but maintained
in the security system for historical and audit purposes. User-ids can not be reused by
another employee.
(NOTE: Please refer to the University Data Management and Security System Procedures
Manual for specific instructions on employee transfers, terminations, or application access
changes.)
Departmental Security CoordinatorEach department or major organizational unit must have a designated Departmental
Security Coordinator (DSC). The function of the DSC is to communicate and coordinate
access to administrative systems for employees in their department as follows:
To request new user-ids or authorization for departmental employees to access On-line
Administrative Systems files, the DSC should complete and sign the Request for On-line
user-id and Administrative System Access form and mail to AIS.
Authorized file access can be granted only by the appropriate Application Security
Manager (ASM). Each ASM will contact the DSC to discuss specific access and update
authority to be granted users.
(NOTE: Please refer to University Data Management and Security System Procedures Manual
for instructions on how to obtain user- ids and gain access to administrative applications.)
Departmental Security Coordinator ResponsibilitiesDepartmental Security Coordinators are responsible for:
Teaching new employees the basics of terminal usage--signing on, changing
passwords, locating keys. etc.
Instructing new employees regarding data access, security and confidentiality andhaving them review the University Data Access and Security Business Manual.
Impressing upon all users, new and existing, the necessity for preservingconfidentiality of university data.
Ensuring users periodically change their passwords. Especially, should they suspect
someone else knows it.
Encouraging users to sign-off their terminal anytime they leave it unattended.
Maintaining current records of their department's terminal users via the AIS AccessForm.
Developing and documenting specific criteria to be used in determining access levelsand update authority.
Collecting appropriate data from the user to determine the access level and updateauthority to be granted.
Granting access to university data to departmental users by updating the AIS
Security System to explicitly grant update, or view only access.
Monitoring a comprehensive list of users and their individual access privilegesprovided by AIS.
10/23/13 Data Management and Computer Security Business Manual / Mainframe (NWRDC) Support Services / - Computing / Information Technology Services / F…
Ensuring compliance with all Federal, State and University regulations regardingsecurity of computer files.
Approving and establishing user-ids, which define the user to the AIS Security
System and forwarding the Access Form to the appropriate ASM(s).
Providing monthly, each DSC a current list of all user-ids in their departmentidentifying the files each users can access and/or update.
Online Administrative Information SystemsAccess to the university's online administrative systems is accomplished by logging on to
the Northwest Regional Data Center (NWRDC) and CICS. All administrative applications
have been converted to the FSU CICS region (selection '1' on the NWRDC main menu).
Other access which specific users may require includes:
SAMAS (the State Automated Management Accounting System);
TSO (where applications such as computer based training, FOCUS, and SAS reside).
Following is a short description of many of the specific applications which may be accessed
via the on-line administrative system master menu (FSMM). (A complete list of these may
also be found by pressing the HELP key [PF1] on the AIS FSMM screen.)
Student Academic
This set of applications provides access to such student-oriented files as theStudent Data Base, Admissions File, Stop File, Electronic Transcript Transfer,
University Catalog, Course Schedule File, Enrollment File, Withdrawal, AcademicPermanent Records and Test Scores.
Student Affairs
Contains applications supporting the Housing Office, University Health andCounseling Centers (both highly restricted) and the Orientation Office.
Student Financial
Provides access to the University Cashiering System. The Cashiering System is thecentral collection point for departmental deposits, student fees, student loans andother financial functions.
Financial Aid
Provides information related to a student's application for financial aid andsubsequent data collection, processing, packaging and aid awards.
Personnel/Payroll
Provides information related to university employees, class codes, applicants andpayroll processing.
Auxiliary Systems
Provides access to various applications such as the Seminole ACCESS Crossover
File, listings of Departmental Representatives, and on-line Telecommunicationsapplications.
Finance & Accounting
(Currently being developed)
Addresses
Contains various addresses such as local, permanent, university PO-box and
emergency contact for current and former students.
University Support
Provides information related to support applications such as the ProductionCalendar, Security, Project Management System (ProMIS) and DataShare.
Batch Job SecurityAuthority to execute batch jobs at the NWRDC is granted to FSU employees who have a
demonstrable need for such authority. Each person who is authorized to execute batch
10/23/13 Data Management and Computer Security Business Manual / Mainframe (NWRDC) Support Services / - Computing / Information Technology Services / F…
jobs to access FSU data sets is required to have a personal account number (logon-ID)
assigned by the AIS Security Manager. Logon-IDs are organized into various Security
Groups and defined to the ACF/2 security system at NWRDC. Requests for authority to
submit batch jobs should be submitted to the AIS Security Manager for approval and the
assignment of the logon-ID, security group and access privileges.
Data Access and AccountabilityDatashare System Access
The DataShare system gives authorized users access to a wide range of student data
which can be downloaded to departmental microcomputers for use in local (non-AIS
supported) data bases. Users of this system must submit a DataShare request form to
the University Registrar, and read the Registrar's Guidelines for Confidentiality and
Release of Student Records.
Access to sensitive student data downloaded via the DataShare system is restricted to
personnel requiring the data to perform their duties at the university. DataShare data
must be used solely for the legitimate business of the university.
Individual users are responsible for storing data under secure conditions, making every
reasonable effort to ensure data privacy, and not divulging user-ids or passwords.
Centrally-managed university files are the official data of the university and downloaded
files represent only a snapshot of this data at a given point in time. Users of DataShare
files agree not to circumvent nor delay the normal updating of centrally-managed
university files. Furthermore, individual users of DataShare files agree to periodic audits of
their local downloaded data by appropriate Application Security Managers or the AIS
Security Manager.
User Accountability
The individual faculty and staff, regardless of the means of accessing the data, is the
critical link in ensuring the integrity and security of University data. Ultimately, only the
user can prevent unauthorized access and ensure responsible use of University data.
Administrative and judicial penalties may be imposed for illegal or unauthorized
modification, destruction, disclosure or use of University data.
Unauthorized access may relate to any of the following:
Hard copy reports issued by various administrative offices.
Interactive terminal access to the NWRDC.
Data downloaded and accessed from a college/departmental computer.
Data downloaded and accessed from a user's individual personal computer.
Microcomputers
Magnetic Media
Magnetic media, including diskettes, fixed disks, and tapes are subject to corruption. The
information on these media are recorded by the application of magnetic fields, and are
subject to disruption by other magnetic influences. These media must be kept in a place
that will diminish the possibility of magnetic interference.
Deliberately Destructive Software (Viruses)
The usage of externally acquired diskettes or the downloading of files from remote sites is
accompanied by the real possibility of permitting viruses to be introduced to your system.
These viruses are potentially destructive to your system and are likely to destroy your
10/23/13 Data Management and Computer Security Business Manual / Mainframe (NWRDC) Support Services / - Computing / Information Technology Services / F…