April 23, 2008
Security experts preach that having well-defined information security policies is the first step in improving an organization's information security posture. Last week, Q-CERT's Farrukh Ahmad and Ahmed Al-Ashmawy joined e-education's Amal Kamel to present a proposal for policies to safeguard the independent schools in Qatar.
Farrukh presented a computer safety policy that defines how the information infrastructures of the schools are to be securely maintained by the school technical staff, while Ahmed introduced an acceptable use policy that governs what students and educators are allowed to do with ICT infrastructure in the schools.
The audience consisted of technology advisers from the schools, plus representatives from the Supreme Education Council and the private sector. Following the presentation, there was a lively discussion about how to implement the policies without imposing an unreasonable burden on the schools. After a review period, the policies will be ready for final approval later this year.
"Replacing the current collection of ad hoc policies with a set of simple, uniform policies will be a major step forward in safeguarding the school environment," Ahmed said.