====== Asset Management Policy ====== ==== i) Asset Types ==== The following minimal asset classes are subject to tracking and asset tagging: * Laptop mobile computers * Servers * Network appliances (e.g. firewalls, routers, switches, Uninterruptible Power Supplies (UPS), endpoint network hardware, and storage) * Internet Protocol (IP) Enabled Video and Security Devices * Memory devices ==== ii) Asset Value ==== Assets which cost less than $300 shall not be tracked, including computer components such as smaller peripheral devices, video cards, microphones, or keyboards. However, assets, which store data regardless of cost, shall be tracked either as part of a computing device or as a part of network attached storage. These assets include * Network Attached Storage (NAS), Storage Area Network (SAN) or other computer data storage * Temporary storage drives * Tape or Optical media with data stored on them including system backup data ==== iii) Asset Tracking ==== A shared spreadsheet is used to track assets. It should include purchase and device information, such as the date of purchase, make, model, and descriptor, serial number, location, type of asset, owner, department, and purchase order number. The asset tracking document will be managed by our Equipment Protection Officer, Jeffrey Johnson. === Changes to Hardware === Remote working computer equipment supplied by Nested Knowledge must not be altered or added to in any way without prior knowledge and authorization from the technical team. Staff must notify Nested Knowledge leadership in the event that an asset is lost or stolen. ==== v) Asset Disposal ==== When disposing of any asset, sensitive data must be removed prior to disposal. Minimally, data shall be removed using low level formatting and degaussing techniques. For media storing confidential or student personally identifiable information (PII) that is not being repurposed, disks shall be physically destroyed prior to disposal. ==== Enforcement and Distribution ==== This policy is to be distributed to all Nested Knowledge staff responsible for hardware and device support. Staff members found in policy violation may be subject to disciplinary action, up to and including termination. ===== Acceptable Use of IT Resources ===== Employee work-issued computers may be used for work-related task, including social media and shopping relevant to work. Employee computers may not be used for: * Criminal activities * Pornographic content * Piracy * Buying illegal drugs * Gambling Employees who misuse work-issued devices are subject to confiscation and disciplinary action. ===== Revision History ===== ^Author^Date of Revision/Review^Comments| |K. Cowie|11/17/2021|Initial draft completed| |J. Johnson|01/24/2023|Reviewed and Approved| [[:wiki:policies|Return to Policies]]