The following policies can be found under 'Information Technology' on the Policies and Procedures webpage.
For a description of each IT policy, please see the index below:
Access Control Policy: IMT's approach to controlling access to IT resources.
Application Control Policy: LSE's approach to the use of applications on its network.
Antivirus Policy: Antivirus must be installed on LSE-owned computers. Personally-owned devices without antivirus may be blocked from our network for the safety of all other connected devices.
Asset Management Policy: Everyone's responsibilities in regards to IT assets such as workstations or laptops.
Associates Policy: When and how non-LSE members are provided with access to LSE IT resources.
Comms Room Policy: Comms Rooms are a key part of LSE’s IT infrastructure, with specific requirements about how they must be set up and maintained.
Conditions of Use of IT Facilities at LSE: The conditions everyone must sign up to in order to use LSE IT facilities.
Conditions of Use of the Residences Network: Additional conditions for those using network connections at halls of residence.
Confidential Information Transfer Policy: How to approach the any requirements to move confidential information, either to or from external parties, or within LSE.
Electronic Messaging Policy: Rules and considerations governing the use of LSE's email systems, including the sending of confidential data and the privacy of people's email accounts.
Email Address Conventions Policy: Information about the format of LSE email addresses.
Encrypted Authentication Policy: All LSE applications (whether developed by us or developed or hosted by a third party) that perform user authentication must encrypt the username and password during transmission.
Hosting Non-Standard Websites and Internet-Facing Services: What replacement IMT will provide for servers currently situated outside LSE datacentres.
IT User Accounts Policy: What types of user accounts we provide, what they give access to and when they expire.
Laptop Encryption Policy: All new LSE-issued laptops should be encrypted. Monitoring and Logging Policy: How and why we monitor and log traffic and activities across our systems and networks.
Monitoring and Logging Policy: How and why we monitor and log traffic and activities across our systems and networks.
Network Connection Policy: The responsibilities concerning who can connect things to our network distribution layer, and how we respond to any system on our network that poses the potential threat, or is actually causing damage, to other systems.
Password Policy: What passwords should contain and when they expire.
Patch Management Policy: Stipulations around the patching of LSE systems.
Payment Card Gateway Policy: All services that take card payments must integrate with LSE’s provided Payment Card Gateway.
PCI DSS Compliance Policy: LSE has to meet the Payment Card Industry’s Data Security Standard. This policy lays out what levels of PCI DSS compliance we can achieve, and where the risk for non-compliance lies.
PCI DSS Information Security Policy: Information Security Policy that is specific to LSE’s PCI DSS environments.
Remote Access Policy: What systems are available for use remotely and what considerations to make when using them.
Sharepoint Team Sites Provision Policy: Outlines the conditions under which SharePoint Team Sites will be allocated, monitored and deallocated.