2-2.31 System and Network Administrators

System and network administrators are technical personnel who serve as computer systems, network, server, and firewall administrators, whether the system management function is centralized, distributed, subcontracted, or outsourced. System and network administrators are responsible for the following:

  1. Implementing information security policies and procedures for all information resources under their control, and also for monitoring the implementation for proper functioning of security mechanisms.
  2. Implementing appropriate platform security based on the platform-specific hardening standards for the information resources under their control.
  3. Complying with standard configuration settings, services, protocols, and change control procedures.
  4. Applying approved patches and modifications in accordance with policies and procedures established by the Postal Service. Ensuring that security patches and bug fixes are kept current for resources under their control.
  5. Implementing appropriate security administration and ensuring that log-on IDs are unique.
  6. Setting up and managing accounts for information resources under their control in accordance with policies and procedures established by the Postal Service.
  7. Disabling accounts of personnel whose employment has been terminated, who have been transferred, or whose accounts have been inactive for an extended period of time.
  8. Making the final disposition (e.g., deletion) of the accounts and the information stored under those accounts.
  9. Managing sessions and authentication and implementing account time-outs.
  10. Preventing residual data from being exposed to unauthorized users as information resources are released or reallocated.
  11. Testing information resources to ensure security mechanisms are functioning properly.
  12. Tracking hardware and software vulnerabilities.
  13. Maintaining an accurate inventory of Postal Service information resources under their control.
  14. Ensuring that audit and operational logs, as appropriate for the specific platform, are implemented, monitored, protected from unauthorized disclosure or modification, and are retained for the time period specified by Postal Service security policy.
  15. Reviewing audit and operational logs and maintaining records of the reviews.
  16. Identifying anomalies and possible internal and external attacks on Postal Service information resources.
  17. Reporting information security incidents and anomalies to their manager and CyberSafe immediately upon detecting or receiving notice of a security incident.
  18. Protecting information resources at risk during security incidents, assisting in the containment of security incidents as required, and taking action as directed by CyberSafe.
  19. Participating in follow-up calls with CyberSafe and fixing issues identified following an incident.
  20. Ensuring that virus protection software and signature files are updated and kept current for resources under their control.
  21. Ensuring the availability of information resources by implementing backup and recovery procedures.
  22. Ensuring the compliance with Postal Service information security policy and procedures.
  23. Monitoring the implementation of network security mechanisms to ensure that they are functioning properly and are in compliance with established security policies.
  24. Maintaining a record of all monitoring activities for information resources under their control.
  25. Assisting with periodic reviews, audits, troubleshooting, and investigations, as requested.
  26. Resolving identified vulnerabilities.