Security Monitoring Policy

 

INFORMATION TECHNOLOGY

 

Introduction

Security Monitoring is a method used to confirm that the security practices and controls in place are being adhered to and are effective. Monitoring consists of activities such as the review of:

  • Automated intrusion detection system logs
  • Firewall logs
  • User account logs
  • Network scanning logs
  • Application logs
  • Data backup recovery logs
  • Help desk logs
  • Other log and error files.

Purpose

The purpose of the Security Monitoring Policy is to ensure that Information Resource security controls are in place, are effective, and are not being bypassed or abused. One of the benefits of security monitoring is the early identification of wrongdoing or new security vulnerabilities. This early identification can help to block the wrongdoing or vulnerability before harm can be done, or at least to minimize the potential impact. Other benefits include Audit Compliance, Service Level Monitoring, Performance Measuring, Limiting Liability, and Capacity Planning.

Audience

The City Of El Paso Security Monitoring Policy applies to all individuals that are responsible for the installation of new Information Resources, the operations of existing Information Resources, and individuals charged with Information Resource Security.

Security Monitoring
Policy

  • Automated tools will provide real time notification of detected wrongdoing and vulnerability exploitation. Where possible a security baseline will be developed and the tools will report exceptions. These tools will be deployed to monitor:
    • Internet traffic
    • Electronic mail traffic
    • LAN traffic, protocols, and device inventory
    • Operating system security parameters
  • The following files will be checked for signs of wrongdoing and vulnerability exploitation at a frequency determined by risk:
    • Automated intrusion detection system logs
    • Firewall logs
    • User account logs
    • Network scanning logs
    • System error logs
    • Application logs
    • Data backup and recovery logs
    • Help desk trouble tickets
    • Telephone activity – Call Detail Reports
    • Network printer and fax logs
  • The following checks will be performed at least monthly by assigned individuals:
    • Password strength
    • Unauthorized network devices
    • Unauthorized personal web servers
    • Unsecured sharing of devices
    • Unauthorized modem use
    • Operating System and Software Licenses
  • Any security issues discovered will be reported immediately to the ISO for follow-up investigation.

Disciplinary Actions

Violation of this policy may result in disciplinary action, which may include termination for employees and temporaries; a termination of employment relations in the case of contractors or consultants; dismissal for interns and volunteers; or suspension or expulsion in the case of a student. Additionally, individuals are subject to loss of The City Of El Paso Information Resources access privileges and to civil and criminal prosecution.

© 2008 City of El Paso