1. Purpose

The purpose of this Workstation Security Policy is to establish standards for the secure configuration and use of workstations within the organization. This policy aims to protect sensitive information, prevent unauthorized access, and ensure compliance with applicable laws and regulations.

2. Scope

This policy applies to all employees, contractors, consultants, temporary and other workers at the organization, including all personnel affiliated with third parties.

It covers all devices that connect to the organization's network, including:

• desktops
• laptops
• tablets
• other mobile devices.

3. Policy

3.1 General Use and Ownership

• Users must understand that any device used for business purposes is subject to monitoring and auditing.
• All workstations must be used for authorized business purposes only.
• Users are responsible for the security of their devices and the data stored on them.

3.2 Workstation Configuration

• To ensure all workstations comply with the organization's security standards, the following measures must be implemented:
  • Windows and Mac Workstations: Antivirus/antimalware software must be installed.
  • Linux Workstations: Packages must be downloaded exclusively from the official repositories of their respective distributions.
• Workstations must have the latest operating system updates and security patches installed.
• Third party applications must be regularly updated to the latest version when applicable.
• Workstations must be configured to lock automatically after a period of inactivity (15 minutes or less).