Anthea McGibbon

This site has a responsibility to protect from disclosure to unauthorized parties the personally identifiable information (name, address, date of birth, social security number, etc.) of its website users. Therefore, the management team has adopted and implemented a website security policy to protect account information of its website users.

Notice and Disclosures

I will not sell, trade, nor disclose the personally identifiable information of its website users to any unauthorized third parties.

Data Quality and Access
Management takes all steps possible to ensure that the data on the website is accurate. If something is found to be inaccurate management will make every effort to correct said information as quickly as possible. If it is found to be an inaccuracy with the entire system this site will work swiftly to correct the problem so that your web experience is as trouble-free as possible. Any change to your user account will not be reflected on the website until the following business day. The information contained on this website is subject to change without prior advance notice.

Management uses cookies to enhance the website experience for its registered users. A cookie is a small file that is stored on the users hard drive. This site uses this file to maintain certain information about the user as they move between pages. Upon closing your browser, the cookie becomes inactive and a new one will be created the next time you sign on to use one of the password protected features on this site. Most browsers are shipped to accept cookies, but this is a function that can be controlled by the user. However, many of the services offered on the website may not run optimally or at all without cookies enabled.

While using this website certain information such as your IP Address and time spent on pages may be collected. This non-personal information is collected in order to monitor any unauthorized use or access to this site. Anyone caught attempting to harm, steal information from, or otherwise damage this website will be prosecuted to the full extent of the law.

Data Security

The management takes security very seriously and has therefore taken every precaution to secure our borrowers information. In order to secure the users information, the management has implemented several security measures to prevent loss, theft, or misuse of any borrower data.

When borrowers use features on this website that involves the transferring of personal information, management requires that a secure connection first be established using 128-bit Secure Socket Layer (SSL) technology. During a secure SSL session, data passed back and forth between the user’s computer and the management’s servers is secured through the use of public key cryptography. The user’s computer exchanges key information with Anthea McGibbon’s computers to create a private conversation that only the user’s computer and the site’s systems may understand. The U.S. government regulates 128-bit encryption; it can only be used by citizens and permanent residents of the United States and Canada. To benefit from this security and to use many of the features on the site you will need to download a 128-bit enabled browser from Microsoft, Netscape, or another software company.
In addition to using 128-bit encryption in the browser, all bank account numbers that are stored in our databases are encrypted.

Each time you enter a secure connection while using the website your browser will notify you, unless the feature has been turned off. Please note that if you have left a secure connection all data sent to is over an unsecure connection.

When a user sends e-mail messages to the site, the return address may be used to respond to the inquiry. The content and address contained in the message will be permanently recorded so that it can be referenced in future communications between the borrower and the site. Email is not a secure means of transmitting information.

Purpose
In effort to provide a more secure and available network experience, the antheacgibbon.com is providing principles of operations and ethics for use of its network resources.

Sanctions can result from violation of this code may be imposed on any user not only for conduct which is not justified by ethical principles or which significantly impairs the site’s network functionality.

Source
• Antheamcgibbon.com
• Gallart.com
• Yush.net

Definitions

• Administrator – A person authorized to make changes to this site’s resources or networks
• Data – computer files in any form (examples: Word Processing, Database, Database records, etcetera.)
• Device – Any computer system. Example:
o Handheld PC (Personal organizers)
o PC
Notebook
? Desktop
o Server
? FTP
? WEB
? File
? Print
o Network
? Wired
? Wireless
? Access Points
? Firewalls
• IS – Computer Information Systems
• IT – Computer Information Technology
• BIT – [School of] Business Information Technology Department
• User – any person (Faculty, Staff, student, or visitor) using network or WPC resource
• Resource – A device or computer dedicated to a specific function attached to the network.

Applicability

The policy outlined in this document applies to:
• Any device attached this site or networking site links
• Any person using any device attached to the host computer of the site’s owner or host.

Compliance

This policy applies to all people and computers on accessing our computer resources. Exceptions to this policy must be obtained by following the Exception procedure.

Responsibility

All users are required to follow and comply with this and all ASU policies.

Requirements and Prohibited Uses

Requirements

1. Users must comply with our policies, terms and conditions.
2. Users must comply with this policy.
3. Users must notify the site of intentions to connect devices to the network. For exceptions, see (Exceptions).
a. yush,.net
b. Help Desk: http://www.antheamcgibbon.com/helpdesk.cfm
c. Network and Server Administration: http://www.yush.net/it/network/
4. Users must use Yush and antheamcgibbon.com sanctioned authentication methods for access to network resources.

Allowable Use & Compliance

The following is an exclusive list of allowable network use. Any use beyond the scope of this list must be requested from Yush.net oversight committee.

1. Internet Access as compliant with http://www.antheamcgibbon.com.
2. Web Browsing
3. Access to Yush.net
4. and ASU computer resources.
5. Servers and server software may be installed in the
6. Yush IT datacenter.
7. Desktop Operating Systems Supported by BIT
a. Windows 2000 Professional
b. Windows XP Professional
c. Windows Vista
d. Mac OS X

Prohibited Use

The following activities may not be utilized on the network without an exception from the IT oversight committee. This list is not exhaustive but serves and an example of prohibited practices.
1. Storage of pirated copyrighted files (MP3 Music, Copyrighted Movies, Software)
2. Downloading of pirated copyrighted files
3. Storing of pirated copyrighted files
4. Servers
5. Web Servers
6. FTP Servers
7. Telnet
8. Media Servers (Real Media, Mp3 media, Video servers)
9. File & Print sharing servers
10. Peer-to-Peer (P2P) file sharing software.
This definition is not limited to these programs but servers as an example of these types of programs. Audio & Video file swapping software is used primarily for obtaining and sharing pirated copyright material and new software is available on a monthly basis. Again, this prohibition is not limited to these titles:
a. Morpheus
b. Napster
c. Gnutella
d. Kazaa
e. File Freedom
11. Installation of new networks. Examples are:
a. Wireless Access Points
b. Network Hubs
c. Network Switches
12. DHCP Servers
13. Network Routers
14. Network Bridges
15. Routing Servers (including Windows BRIDGING PROTOCOL is prohibited when connected to W.P. Carey School of Business Network)
16. VPN Servers
17. RAS Servers
18. Domain Controllers
19. Network Attached Appliances of any kind. Exampes:
a. Printers
b. NAS (Network Area Storage)
20. Personal Firewalls are not recommended, but allowed.

Exceptions

An exception procedure must be observed for any user or device that does not comply with the Requirements and Prohibited Uses or BIT Managed of this policy.
1. Submit your request in writing via e-mail to antheamcgibbon.com.admin@yush.net
2. BIT determines if your request requires an exception.
3. BIT submits your request to the BITSOC subcommittee then notifies the requestor that this action has occurred.
4. The BITSOC Subcommittee will review the request and will do one of the following:
a. request more information
b. approve
c. deny
5. The BITSOC Subcommittee will notify the requestor of the decision.

Enforcement

Attempts to conform behavior to this policy can be accomplished by the following measures:
1. Education of all users (Students, Faculty, and Staff)
2. Establishment of a security infrastructure
a. Centralized Firewall
b. Centralized Intrusion Detection
c. Centralized Patch Management
3. Penalties – Policy violations may range from restricted network access up to and including Law Enforcement notification and prosecution.

BIT Management

It is mandatory for any and all computer system purchased or owned by W.P. Carey School of Business to have certain minimum baseline standards configured for that machines. These standards are defined by BIT with oversight from BITSOC. The standards include configuration settings and software tools used by BIT. BIT uses these tools and menthods to deploy to computers (upon logon to the WPCAREY and ASURITE Windows Domain or through push technology) software to:
• provide updates virus software
• perform patch management of operating systems
• provide fixes for security vulnerabilities
• distribute clients for software licensing compliance
• perform security or intrusion-detection audits
Refer to the Exceptions process for exceptions to this policy.

Contacting UsIf you have any questions regarding the Website Security Policy, please contact the Anthea McGibbon using the information below:
Click here to contact me. Call 876-797-7297

________________________________________
Last Updated: 8/13/2009