IT policies

•  Before users have the privilege of opening sensitive information  they must get permission from the administrator. 
• Every computer must have antivirus software that is already approved by the IT department and must be set up to auto update daily.
• Security Patches should be installed as soon as they are available for download.
• Computers should be set up to lock automatically after an inactivity period, or users must lock it to prevent unauthorized handling of sensitive data
• Every user must classify its data from A to D (A is the most sensitive)
• Password should be changed after a certain period of time ( from 2 to 6 months) 
• Passwords should be secure (combination of alphanumeric keys and symbols)
• Malware infected devices must be disconnected from the network.
• Only handle sensitive information on mobile devices if it is encrypted.
• It´s a must to notify the IT department if your mobile device is stolen or lost.