======Baseline Security====== =====Classification===== ====3. Registration of assets==== A [[policies:security:assets|list]] is available that records purpose and ownership of all assets ====4. Line managers==== Due to the limited size of the IT Department there is no highly detailed denotion of line managers, but a [[policies:security:whodoeswhat|crude list of responsibilities by person]] is available. ====5. Classification==== There are [[policies:security:classificationguidelines|guidelines]] for the classification of information. ====6. Licensed software==== Whenever a piece of software requires licensing, this is either performed centrally at the ISSC or done locally. Many software packages, however, are open sources or GNU licensed and do not need any licensing agreement. Scientific packages under license are: * IDL * Maple * Mathematica * Matlab * Labview * Comsol * Autodesk * Origin Office packages under license are: * MS Office * MS Project * Acrobat Pro * Adobe Suite * MacOS Office OS licenses in use are: * RedHat Enterprise server * Windows Server (2012 and 2016) * Windows Desktop (7, 8 and 10) ====7. Buildings==== The vastgoed expertise center is responsible for the building infrastructure of the univesity, including the housing of the IT equipment according to the requirements set out by the IT department. ====8. IT rules of conduct==== [[https://www.organisatiegids.universiteitleiden.nl/reglementen/algemeen/regeling-ict--en-internetgebruik|These rules are made available through a university webpage]], to which each new arrival at the institute is pointed in a welcoming email or course. ====9. Exit procedure==== There is a well defined [[https://helpdesk.strw.leidenuniv.nl/wiki/doku.php?id=depart|exit procedure]] for all personal leaving the scientific institute. It is described on the helpdesk wiki pages to which each member of an institute has been pointed at start of the employment and which remains available throughout the employment. ====10. Computer room access==== The main computer rooms are inaccessible to the general personal of the institute. Physical access takes place through LUCard readers. Access is only granted to the IT Department members. In addition a standard user restricted authentication access is in place of all data, with different levels of access based on the security requirements pre data item.