HostedDB - Dedicated UNIX Servers
fips191_38 FIPS PUB 191 responsible   for   implementing   and   maintaining   LAN   security   and   availability),   and   local administrators   (who   are   responsible   for   maintaining   security   in   their   part   of   the   LAN environment).  Local administrators are usually responsible for one or a subset of the servers and workstations  on  a  LAN.   These  responsibilities  were  compiled  from  [OLDE92],  [COMM91], [WACK91], and [X9F292]. An Example LAN Security Policy Purpose The information residing on the XYZ Agency local area network (LAN) is mission critical.  The size  and  complexity  of  the  LAN  within  XYZ  has  increased  and  now  processes  sensitive information.  Because of this specific security measures and procedures must be implemented to protect the information being processed on the XYZ LAN.   The XYZ LAN facilitates sharing of  information  and  programs  by  multiple  users.   This  environment  increases  security  risk  and requires   more   stringent   protection   mechanisms   than   would   be   needed   for   a   standalone microcomputer (PC) operation.   These expanding security requirements in the XYZ computing environment are recognized by this policy which addresses the use of the XYZ LAN. This policy statement has two purposes.   This first is to emphasize for all XYZ employees the importance of security in the XYZ LAN environment and their role in maintaining that security. The second is to assign specific responsibilities for the provision of data and information security, and for the security of the XYZ LAN itself. Scope All automated information assets and services that are utilized by the XYZ Agency Local Area Network  (LAN)  are  covered  by  this  policy.    It  applies  equally  to  LAN  servers,  peripheral equipment, workstations, and personal computers (PCs) within the XYZ LAN environment.  XYZ LAN resources include data, information, software, hardware, facilities, and telecommunications. The  policy  is  applicable  to  all  those  associated  with  the  XYZ  LAN,  including  all  XYZ employees, vendors, and contractors utilizing the XYZ LAN. Goals The goals of the XYZ information security program are to ensure the integrity, availability and confidentiality of data which are sufficiently complete, accurate, and timely to meet the needs 40