Document Category: 4500 - Security - Computer and Operations Management
Security policy subcategory
| Categories | Title | Summary | Link | hf:doc_categories | hf:doc_tags |
|---|---|---|---|---|---|
| 4500 - Security - Computer and Operations Management, Policies | P4550 – Mobile Device Management | ITA Policy P4550 ensures mobile device use does not compromise state information security, defining minimum security requirements for all devices. | 4500-security ita-policies | management mobile-device policy security | |
| 4500 - Security - Computer and Operations Management, Policies | P4501 – Least Privilege and Least Functionality | ITA Policy P4501 mandates the principles of least privilege and least functionality, minimizing vulnerabilities to information and assets. | 4500-security ita-policies | least-functionality least-privilege policy security | |
| 4500 - Security - Computer and Operations Management, Policies | P4570 – Firewall Security | ITA Policy P4570 defines security requirements for state agency firewalls, ensuring secure network communications and restricted access. | 4500-security ita-policies | firewall policy security | |
| 4500 - Security - Computer and Operations Management, Policies | P4502 – Privilege Access Management | ITA Policy P4502 mandates the use of multifactor authentication for privileged accounts to reduce the risk of compromise to agency information and assets. | 4500-security ita-policies | managed-access mfa policy privileged-accounts security | |
| 4500 - Security - Computer and Operations Management, Policies | P4590 – Cybersecurity Incident and Breach Response Management and Reporting | ITA Policy P4590 mandates the establishment of an incident response program within state agencies, ensuring timely reporting and management of cybersecurity incidents and breaches. | 4500-security ita-policies | breach cybersecurity incident policy reporting security | |
| 4500 - Security - Computer and Operations Management, Policies | P4503 – Identity and Access Management | ITA Policy P4503 mandates identity and access management practices to protect state agency assets with best practice authentication standards. | 4500-security ita-policies | authentication identity managed-access security | |
| 4500 - Security - Computer and Operations Management, Policies | P4505 – Cybersecurity Awareness Training | ITA Policy P4505 mandates cybersecurity awareness training for all state agency personnel, ensuring they understand and mitigate cybersecurity risks. | 4500-security ita-policies | cybersecurity policy security training | |
| 4500 - Security - Computer and Operations Management, Policies | P4520 – Patching and Vulnerability Management | ITA Policy P4520 establishes guidelines for managing IT vulnerabilities, ensuring timely deployment of patches to prevent exploitation. | 4500-security ita-policies | patching policy security vulnerability-management | |
| 4500 - Security - Computer and Operations Management, Policies | P4530 – Cleansing Data from Surplus Computer Equipment | ITA Policy P4530 defines requirements for data removal from surplus computer equipment, ensuring sensitive information is unrecoverable. | 4500-security ita-policies | data-cleansing devices policy security | |
| 4500 - Security - Computer and Operations Management, Policies | P4540 – Wireless Security for State Local Area Network | ITA Policy P4540 defines security requirements for state agency wireless networks, ensuring secure communications and restricted access. | 4500-security ita-policies | lan network security wireless |