Access & Security Control Policy

Policy Purpose:

To establish access and security controls that maximize access to resources by the public and staff users, in support of Hamilton Public Library core values of “intellectual freedom”; while securing the availability, integrity and confidentiality of systems, information and resources by restricting rights only to individuals or entities that have successfully completed the necessary identification, authentication and authorization procedures and by having adequate controls in place.

 

Key Points Summary

  • HPL will provision required permissions to its users to access HPL systems & resources.
  • HPL will ensure availability, integrity and confidentiality of the system and resources.
  • HPL will review the access list on pre-defined durations.
  • HPL will ensure network security, end point security, physical & data security & access by having necessary controls in place.
  • HPL will enforce the access & security control policy to all involved parties.

 

Definitions

Access Control: is the process that limits and controls access to resources of a computer system.

Library Board: in this policy refers to the members of the Hamilton Public Library Board.

Employees: in this policy is referred to staff, volunteers, co-op or school internships, etc.

End Point Security: is a security system managed centrally and agent installed on all end user devices to protect them like antivirus agent, antispam filter etc.

External Organizations: including consultants, vendors and contractors that require access to systems or networks to complete library business or third party agencies that may have agreements with the library to provide services and systems.

Library Customers: are the public/users or library patrons who have or don’t have library cards.

Users: in this policy is defined as any user whether public, staff, volunteers, Library Board members or external organizations that uses HPL systems to access service or perform any business activity.