My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Item 26 - Agreement with Allied Network Solutions, Inc. for Adobe Software and Subscription
Clerk
>
Agenda Packets / Staff Reports
>
City Council (2004 - Present)
>
2025
>
01/21/2025 Regular & Special SA
>
Item 26 - Agreement with Allied Network Solutions, Inc. for Adobe Software and Subscription
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
1/27/2025 5:03:20 PM
Creation date
1/21/2025 2:16:24 PM
Metadata
Fields
Template:
City Clerk
Doc Type
Agenda Packet
Agency
Information Technology
Item #
26
Date
1/21/2025
Jump to thumbnail
< previous set
next set >
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
762
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Security Policies and Procedures <br />1. We will train each workforce member to recognize the common telltale signs <br />of a security incident. When a member of the workforce detects one of these <br />signs, he/she will be responsible for notifying the ISO. <br />2. The ISO will maintain a set of tests to detect events in the system logs that <br />may indicate security incidents. These tests will be written into a script and <br />run against the system log on a daily basis or whenever needed. The tests <br />currently are: <br />a) Account creation/deletion <br />b) High volume of unsuccessful logon attempts <br />c) Alerts from our malware monitoring systems <br />d) High volume of file or database access/creation/deletion activity for the <br />time of day, or for day of the week <br />e) Account activity at unusual times of the day or night <br />f) Absence of expected log records of activity when expected <br />g) Unusual level of record access for a given account <br />h) Daily logs will be tested by the firewall in real time, <br />i) User data will be reviewed weekly <br />j) Logs for the past month will be retained. When anomalies are <br />discovered, the script will provide a report that is immediately brought <br />to the attention of the ISO or designee as a potential security incident. <br />k) Account lock out due to excessive password retry failure. <br />The ISO will determine, in consultation with others if needed, whether an event is a <br />security incident. <br />If an event is a security incident, the ISO (or designee) will proceed to contain and <br />repair damage from the incident by working with staff, vendors, and Business <br />Associates as needed. The security incident will be tracked in JIRA and treated as an <br />application defect. A log of relevant actions taken to contain and repair the damage will <br />be stored in JIRA. The permanent home of this log will be in the Security <br />Documentation Library. The ISO will determine if the event involves a workforce <br />member action that is covered under the sanction policy and will follow that policy. The <br />ISO will determine if the event represents a security incident for which a Business <br />Associate is responsible. If so, the ISO will follow our Incident and Breach Policy in this <br />area. <br />Rev.2015.8.6 <br />62 <br />
The URL can be used to link to this page
Your browser does not support the video tag.