IT Infrastructure & Policy-PLL

Views:
 
Category: Education
     
 

Presentation Description

my school home wark

Comments

Presentation Transcript

PowerPoint Presentation:

June, 2011 IT INFRASTRUCTURE AT PUNJ LLOYD

PowerPoint Presentation:

Agenda Objective Scope IT Infrastructure Software, Hardware and Network Detail IT Support Information Security Policy IT Infrastructure

PowerPoint Presentation:

Objective The objective of the session is to have an awareness and a better understanding of the IT Infrastructure and Information Security Policy among Punj Lloyd users. IT Infrastructure

PowerPoint Presentation:

Scope It applies to all employees, contractors, consultants and temporary staff at PLL Group. All are expected to be familiar with Infrastructure setup and comply with the Information Security Policies . IT Infrastructure

PowerPoint Presentation:

LAN in 1982 WAN set-up in 1995. ERP implementation in Jan, 1997 Infrastructure Setup at PLL - History IT Infrastructure

PowerPoint Presentation:

IT Infrastructure - Snapshot IT Infrastructure

PowerPoint Presentation:

WAN Connectivity IT Infrastructure

IT Infrastructure Controls:

IT Infrastructure Controls Well defined IT and Information Security Policy Enterprise Security Solution deployed for Anti Virus & Web Content filtering Highly secure encrypted connectivity between Project offices over VPN. VSAT connectivity for various project offices Dedicated staff for regular monitoring and audit for IT Controls IT Infrastructure

PowerPoint Presentation:

Network Connectivity At Site Offices MIDDLE EAST – INTERNATIONAL INTERNET Delhi Internal network Checkpoint Express Head Quarters WLL LINKS 1 MBPS 48 PORT switch DLINK INTERNET SECURITY FIREWALL Network USERS VSAT links are used to connect out locations. There are 10 DAMA and 30 TDMA locations connected to HO. OFC Link between Corporate office at Gurgaon and Nehru Place 9 Mbps Internet link at Gurgaon corporate office All Mobile users can access their Mails and Oracle Apps. via Web. VOIP connectivity. IT Infrastructure

PowerPoint Presentation:

Office Automation MS Office 2003 Open Office 3.0, 3.1 Lotus Smart Suite ver 9.6 Adobe Acrobat Backup and Disaster Recovery Arcserver V11 Project Management Primavera Enterprise ver 2.0B and 3e Anti Spam Mail s/w Ironport Software IT Infrastructure Proxy ISA Messaging Lotus Notes R7 Server Lotus Notes R7 clients Firewall Checkpoint Anti Virus McAfee 4.0.3 Trend Scan Mail ver 2.5 URL Filtering Super Scout ver 3.0.3.1from Surf Control

PowerPoint Presentation:

ERP Oracle Apps 11.5.10.2 (11i) Database Oracle 10g Oracle Forms Developer Oracle Reports Developer Bandwidth Monitoring MRTG Software… Cont IT Infrastructure

PowerPoint Presentation:

Oracle ERP Module Financial Management Accounts Payables, General Ledger, Fixed Asset, Account Receivables, Cash Management Material Management PO Module, Inventory Module Equipment Management Enterprise Asset Management HR Management Core HR, Self Service Project Management Oracle Project Accounting IT Infrastructure

Software Policy:

Software Policy Software Procurement would be through IT Department Only authorised and licensed software's are allowed PLL has global contract for all the licenses Dedicated staff to monitor the s/w compliance Usage of Software Assessment Tool. All unauthorised software will be purged from the hardware. Encouraging usage of Openoffice IT Infrastructure

PowerPoint Presentation:

AutoCAD 2002, 2005, 2006, 2007 STAAD Pro 2006 PDMS - Plant Design Software ver 11.5 Pipenet - Fire fighting system design Software Tank ver 2.20 – Tank Design Software as per API 650 PVElite – Pressure Vessel Design software ETAP – Electrical Design Software Ceaser II Off – Pipe I- Sketch Engineering Software IT Infrastructure

PowerPoint Presentation:

Desktops – (PIV of HP, IBM, Compaq) Laptops – (Toshiba, HP, Sony) Servers – (IBM, Sun, HP) Routers – (Cisco 2500 and 2600 series) Plotters - ( HP A0 Size) Scanners - ( Bell & Howel, HP, Toshiba, Cannon ) Printers - ( HP, Canon, Toshiba, A3, A4, DTNs ) UPS - ( ranging from 3 KVa to 60 KVa ) Hardware IT Infrastructure

Hardware Policy:

Hardware Policy All Hardware procured is standardised across PLL Group. All DT / LT procured would be retained for the period of 4 Years. Global tie-up with HP for the hardware procurement. IT Infrastructure

PowerPoint Presentation:

Skilled IT professional at both PLL and Site locations. ERP footprint deployed at all major sites. Central management of all software licenses. All Employees are provided access to Mailing System. Effective use of File Server for the department/ project team . Must check for mails issued from ITDesk@punjlloyd.com All PLL’s resources, information and data must be used for business purposes. PLL FTP Server available for sharing information across site locations. Logging a call with helpdesk ( hdesk@punjlloyd.com ) for any IT related issues. Established escalation matrices. Report Security Incident at SIRT@punjlloyd.com . IT Support At PLL & Project Sites IT Infrastructure

PowerPoint Presentation:

Information Security Policy Why is it important to me ? You are the critical link in protecting the PLL information assets You must understand the importance and criticality of protecting the information You determine how effective is the Information Security IT Infrastructure

The CIA Triad :

The CIA Triad Confidentiality : To prevent unauthorized disclosure of information stored or processed on PLL’s information systems Examples include: Protecting operational data IT Infrastructure

PowerPoint Presentation:

Integrity : To prevent accidental or unauthorized/deliberate alteration of information. Examples include: Ensuring that the sensitive data isn’t modified by an unauthorized party IT Infrastructure

PowerPoint Presentation:

Availability : To prevent accidental or unauthorized/deliberate destruction or deletion of information necessary to PLL’s operations on a 24X7 basis. It relates to ensuring that data is accessible. Examples include: Ensuring that critical servers are available to customers IT Infrastructure

What could happen :

What could happen Internal Incidents Survey Results Viruses/malicious code Infection Installation/use of unauthorized software Fraud Improper Internet Usage (porn surfing, e-mail harassment) Abuse of computer access controls Installation/use of unauthorized hardware Illegal Use of company computing resources (gambling, managing personal e-commerce site, online investing) Physical theft/sabotage (intentional destruction of computing equipment) Electronic theft/sabotage (intentional destruction/disclosure of proprietary data or information) IT Infrastructure

What can you do ?:

Must read IT & Information Security Policy hosted in Intranet Seek and clarify your contribution to PLL’s security standards As an employee, respect PLL's information assets, resources Protect sensitive information Not accept norms that conflict with PLL values and beliefs What can you do ? IT Infrastructure

What you cannot do ?:

What you cannot do ? Actively study information one has gained access to by mistake. Spread information that can in some way hurt others/ business. Make private statements or publish private material in the name of Punj Lloyd. Work in any way, non-compliant with the Values of the Organization. If you are unsure REPORT IT IT Infrastructure

Key areas to focus:

Some other Best Practices Management directives Key areas to focus User id & password Email Usage Laptop/Desktop Security Computer Media Internet Usage Backup IT Infrastructure

The User ids are unique to each employee and it will be the responsibility of every employee to maintain the confidentiality of his / her user id and password Shared user id’s should be brought to the notice of HOD and have the same recorded with ISD :

The User ids are unique to each employee and it will be the responsibility of every employee to maintain the confidentiality of his / her user id and password Shared user id’s should be brought to the notice of HOD and have the same recorded with ISD Do’s Change your passwords frequently (at least once in 45 days). Change your password(s) promptly that has been compromised or suspected of being compromised. Create complex log-in passwords using both alphanumeric and special characters Don'ts Share or disclose your passwords Write down your passwords Use any password saving features User ID and Password IT Infrastructure

Email Usage:

Do’s Use the e-mail for official purposes only Be careful what you say in an email. It can and will be forwarded. Be careful when replying to mailing list messages, or to messages sent to many recipients. PLL can review email boxes without prior consent of employee. Email Usage Don'ts Transmit or store offensive maternal. Transmit information assets of PLL to unofficial mails id’s Forward chain mails or any mails that are non value add to the organization. Also reply mail with attachment received Use the email for sending attachments larger than 5 MB’s Use secondary email engines (Yahoo Mail, AOL, Hotmail etc) for official purposes IT Infrastructure

PowerPoint Presentation:

IT Infrastructure

PowerPoint Presentation:

Do’s Ensure that your machines have complex ‘login' password Make sure that you install only legally licensed software on your PC or laptop issued by ISD Data that needs to be shared should be transferred to the designated shared folder's on the file server Laptop/Desktop Security Don'ts Share folders or disk drives Download or install freeware, shareware or any other such software or application Leave your laptop unattended IT Infrastructure

PowerPoint Presentation:

Do’s Store media that contains sensitive or confidential information in a safe and secure environment Erase the contents of any re-usable media by reformatting or deleting before handing over to the third party or vendor Computer Media Don'ts Carry any media such as CDs, DVD’s out of PLL premises without clearance of ISD Carry and use any personal media like tapes, disks, CDs, USB pen drives in the office premise IT Infrastructure

PowerPoint Presentation:

IT Infrastructure

Internet Usage:

Do’s Use the Internet for official and authorised purposes only Adhere to PLL’s policies while accessing the Internet from an PLL owned computer/ laptop Use Internet access in a professional, lawful and ethical manner Internet Usage Don'ts Access the Internet directly from office network using modems or other private connections unless specifically approved Install freeware, shareware / trial version software and obscene written or pornographic material available on the Internet Upload official data on to mass storage sites and public FTP Servers IT Infrastructure

PowerPoint Presentation:

Employees should ensure critical official data backup by effectively using the File Servers Comprehensive Back-up all the files that you own and don't forget to backup your email inbox in the designated directories / folders. Timely Back up all of your important files before your computer is repaired or has any major hardware or software upgrades. Regular Back up files according to a regular schedule. Backup of Information IT Infrastructure

OUR Responsibilities . . . :

OUR Responsibilities . . . Ensuring that “WE” are aware of, and understand, the security requirements of PLL Complying with the do's and don'ts propagated by ISD. Check for mails issued from ITDesk@punjlloyd.com Ensuring that PLL’s resources, information and data are used for business purposes. Using information systems only as appropriate for one’s job responsibilities Reporting security incidents immediately to SIRT@punjlloyd.com IT Infrastructure

PowerPoint Presentation:

Conclusion Comply to PLL Security Policies Must Read IT & Information Security Policy The SUCCESS of the PLL’s Security Program DEPENDS ON YOU! IT Infrastructure

PowerPoint Presentation:

Thank You

authorStream Live Help