The Administrative Services Manager is responsible for
establishing, maintaining and implementation.
Definitions: PC - any workstation terminal system, laptop,
or portable computer.
Profile - user account that identifies the specific person.
DAC - Discretionary Access Control are privileges and
restrictions of your user account as determined by your supervisor and
management.
1.
Password Configuration
1.1.
All passwords must have at least 8 to 14 characters,
containing one (1) numeric and one (1) special character such as a *.&#.
Users must not construct passwords that are identical or similar to passwords
that they have previously employed.
1.2.
The display and printing of passwords must be suppressed, so
that unauthorized parties will not be able to observe or subsequently recover
them.
1.3.
Users must maintain exclusive control of their personal
passwords; they must not share them with others. Passwords must not be stored
in any form, i.e. batch files, logon scripts, software macros, function keys,
data files, or hard copy.
1.4.
PC access must be achieved via passwords that are unique to
each individual user. Access control to files, databases, computers, and other
system resources via shared passwords is prohibited.
1.5.
All users will be automatically forced to change their
passwords at least once every ninety (90) days. All passwords must be promptly
changed if they are suspected of being disclosed, or known disclosure has
occurred to unauthorized parties.
1.6.
Regardless of the circumstance, passwords must never be shared
or revealed to anyone else unless requested by a Systems Administrator for
problem resolution. Once the problem has been fixed, users must change their
password to ensure system integrity. Users are forbidden from performing any
activity with ID's belonging to other users.
2.
DAC Configuration
2.1.
Managed by your team with settings implemented by a System
Administrator who defines certain privileges and restrictions related to your
profile determined by your supervisor or management.
2.2.
Access is granted or restricted to specific drives, file
servers, databases, and unique applications related to your profile, which is
established upon initial request and updated as needed.
3.
Data Storage, Backup and Destruction
3.1.
Agency information is backed up daily and stored at a secured
off site location. A recommended precaution would be to back up your critical
data onto a diskette and store on-site in a secure location.
3.2.
Hard drive destruction is authorized by two methods:
reformatting, or physical destruction of the media.
4.
File Limitations
4.1.
All files accessed from disk, CD-ROM, or zip disk must be
virus scanned. All data files stored on Community Care systems must be work
related.
4.2.
E-mails larger than five-megabyte should not be sent.
5.
User Responsibilities
5.1.
If you are leaving your workstation, you must lock your PC by
pressing, "ctl-alt-delete" and selecting the lock feature.
5.2.
All PCs are configured with a password protected screen saver.
5.3.
Information security events, i.e. viruses, corrupt data,
malicious emails, chain letters, inappropriate pictures, executable files,
movie clips, and Internet abuse, should be immediately reported to your
supervisor. Do not open or delete any e-mail of this type, contact Community
Care IT, and report this event.