SUBJECT: Network Security Policy

REFERENCE:

PURPOSE: To establish a policy for maintaining the security and integrity of the Town’s network infrastructure.

POLICY AND PROCEDURES:

The Information Technology (IT) Division will maintain the security of the Town’s network infrastructure and computer software. All Town computers, devices, and applications must be used only for related business activity.

  1. Network Security
     a. Newly Hired Employees - Human Resources enters a service ticket (currently SysAid) to notify IT of an employee to be hired. IT will contact the applicable department to ascertain the security parameters required. The employee’s Department Director will approve any and all network security. This includes items such as file servers, Police software (currently OSSI), financial software (currently NaviLine), etc. The software used by Development Services (currently TRAKiT) will be administered by their Director.
     b. Existing Employees – Requests for changes to an existing employee’s security shall be completed through the use of a service ticket with approval from the applicable Department Director. Prior to any suspensions or terminations, IT will be notified by the department when to suspend an employee’s access to the network. When an employee submits their letter of resignation with a future date, IT will deactivate access on the employee’s last day. Human Resources will follow up with an email to IT once a Payroll Action Form is received.
     c. Annual Review – IT will meet with the Police Chief or designee to review user security within the police software. IT will also meet with the Finance Director or designee to review user security within the financial software.
  2. Network Passwords (computer sign-on) – Passwords are utilized to reduce the risk of a non-authorized user accessing the Town’s network. Passwords will require changing every 180 days. In an attempt to further reduce risk, the following parameters shall be used when creating a password:
     a. Passwords will not contain the user's account name (first initial & last name) or parts of the user's full name that exceed two consecutive characters.
     b. At least six characters in length
     c. Must contain characters from three of the following four categories:
        i. Uppercase characters (A through Z)
        ii. Lowercase characters (a through z)
        iii. A number from 0 through 9
        iv. Non-alphabetic characters (for example, !, $, #, %)
  3. Hardware/Software - All new computer hardware/software must be reviewed by IT prior to purchase and installation. This includes free software. IT will not support software or hardware installed without prior review. If IT finds unauthorized software or hardware, it will be removed from the computer and the Department Director will be notified for possible disciplinary action.
  4. Connecting to Network from a Remote Location - Employees granted authorization to utilize remote access to the Town’s computer network have an obligation to perform only work-related business. The same procedures used at the workplace must be followed when remotely accessing the Town’s computer network. For example, log off or lock the computer when not in use. All requests for connecting remotely will require a service ticket and Director approval.
  5. Laptop & Computer Equipment - Employees may take their assigned mobile computer equipment offsite to work on Town business. For employees not assigned mobile computer equipment, a request to IT may be made for offsite use with Director approval, and the equipment shall be used for Town business only. Non-exempt employees (hourly) must document time worked offsite to be properly paid. If overtime pay is anticipated, advance approval by the Department Director and Town Manager is required. The I.T. Technician is exempt from prior approval when emergencies arise and working remotely is required to resolve the issue.
  6. “Bring Your Own Device”/Wireless Access – Personal equipment (smart phones, tablets, laptops, etc.) may be allowed to connect to the Town’s secured network. This is not applicable to “open” Wi-Fi or the Library. Requests are to be made through a service ticket listing the reason along with Director approval. At no time shall personal devices be used to download sensitive data.
  7. Violation of Policy: Violations of this policy may result in termination of network access privileges and disciplinary action up to and including termination of employment, and/or criminal or civil penalties or other legal action as applicable.

PREPARED BY: Stephen Kaplan, Finance Director
DATE: 11/09/2016

APPROVED BY: Deborah S. Manzo, Town Manager
DATE: 11/09/2016