 |
||
 |
||
| This portion of the DAS eNewsCenter is for Computer Services Division customers. | ||
 |
||
|
To provide a
foundation for the security of information and services held in
the public trust by state government, the Department
of Administrative Services recently issued the following state
information technology (IT) security policies, pursuant to §125.021
of the Ohio Revised Code: |
| Statewide IT Policy is part of the IT Governance Division, formerly known as the IT Policy section of the Computer Services Division. The change was effective July 1, 2003. | • | ITP B.1 Information Security Framework - Establishes and provides a foundation on which current and future IT security policies shall be developed, governed and administrated. | ||
| • | ITP B.2 Boundary Security - Identifies guidelines for designing, implementing and deploying a robust network perimeter defense capability. | |||
| • | ITP B.3 Password and Personal Identification Number Security - Establishes minimum requirements for the selection, use and management of passwords and personal identification numbers. | |||
| • | ITP
B.4 Malicious Code Security - Defines guidelines for the implementation
and operation of a malicious code security program targeted to ensure
adequate protective measures and processes are deployed against the
introduction of malicious code. |
|||
| • | ITP
B.5 Remote Access Security - Assists in the development, implementation
and operation of security measures governing remote access to state
systems. |
|||
| • | ITP B.6 Internet Security - Establishes security requirements for the use and connectivity to the Internet. | |||
| The
state IT policies, which became effective Dec. 5, may be obtained
online at www.ohio.gov/itp.
Each policy was subject to a rigorous research, development and quality
control process. The process involved State of Ohio agency chief information
officers, industry security experts, research resources, policy analysts,
legal counsel and a collaborative inter-agency workgroup representing
25 state agencies.
Ohio IT Policy applies to all state agencies except the military department, the general assembly, the bureau of workers' compensation and institutions administered by boards of trustees. Comments, questions or inquiries may be directed to: Office
of Statewide IT Policy Telephone: (614)
644-9352 |
|||
 |
|||
 |
|||
 |
|||