Page 3899 - Week 13 - Tuesday, 8 November 1994

Next page . . . . Previous page . . . . Speeches . . . . Contents . . . . Debates(HTML) . . . . PDF . . . .


SPEAKER OF THE LEGISLATIVE ASSEMBLY

LEGISLATIVE ASSEMBLY QUESTION

QUESTION ON NOTICE NO 1446

Legislative Assembly - Computer

Network Security

MR CORNWELL - asked the Speaker:

In relation to the networking of computers within the ACT Legislative Assembly -

(1) What security measures have been put in place to prevent unwanted access to Members data.

(2) Does the networking give Assembly officers and staffers access to other ACT Government Departments; if so, which ones and what degree of access do they have.

(3) Does the networking give any other ACT Government Officers access into material stored on Assembly computers or system; if so, which ones and what degree of access do they have.

(4) What degree of security can be guaranteed.

MADAM SPEAKER - The answer to the Members question is as follows:

(1) There are a number of security measures in place to prevent unwanted access to Members data. Every authorised user of the ACT Legislative Assembly Network is issued with a username and password by the Security Administrator (Mr Neil Humphries). This password must be changed initially by the new user and again every 40 days, otherwise access to the Network is denied. In addition, password security can be applied to the individual user on specific documents under microsoft word for windows, and on other applications such as Electronic Mail and Lotus Organizer.

The network operating software also continually monitors the network and reports potential security violations to the Security Administrator for further investigation.

Each user is provided with access to a number of network drives to which data can be stored. Should a user wish all network users to have access to their data they would save the data to the "W" drive. Data for users in a specific section would be saved to the "O" of "S" drive, and should a user not wish others to have access to their data, then that data would be saved onto the "P" drive, which is only accessible if the users password is known.

For additional security users can also store data on floppy disk and not on the PC hard disk ("C" drive). Other office practices that could be employed are to ensure PCs are not left logged on while the office is unattended, or alternatively locking the office, and the keyboard is locked.

The network file server is locked within a cabinet in a secure wire service cupboard within the Legislative Assembly and the keyboard is locked and only accessible by the Security Administrator or his delegate.

3899


Next page . . . . Previous page . . . . Speeches . . . . Contents . . . . Debates(HTML) . . . . PDF . . . .