eLaws | eCases | Counties & Cities of Alaska | Code of Federal Regulations | United States Code |
 Kotzebue
 Code of Ordinances
 PERSONNEL POLICY MANUAL
 Section 11. COMPUTER AND TECHNOLOGY POLICY

  § 11.15. Workstation Security.

Latest version.

  • The purpose of this workstation security policy is to provide guidance for workstation security for City of Kotzebue workstations in order to ensure the security of information on the workstation and information the workstation may have access to.

    This policy applies to all City of Kotzebue employees, contractors, workforce members, vendors and agents with a City of Kotzebue-owned or personal-workstation connected to the City of Kotzebue network. Appropriate measures must be taken when using workstations to ensure the confidentiality, integrity, and availability of sensitive information is restricted to authorized users.

    A.

    Workforce members using workstations shall consider the sensitivity of the information that may be accessed and minimize the possibility of unauthorized access.

    B.

    The City of Kotzebue will implement physical and technical safeguards for all workstations that access electronic information to restrict access to authorized users.

    C.

    Appropriate measures include:

    1.

    Restricting physical access to workstations to only authorized personnel.

    2.

    Securing workstations (screen lock or logout) prior to leaving area to prevent unauthorized access.

    3.

    Enabling a password-protected screen saver with a short timeout period (15 minutes) to ensure that workstations that were left unsecured will be protected.

    4.

    Complying with all applicable password policies and procedures.

    5.

    Ensuring workstations are used for authorized business purposes only.

    6.

    Never installing unauthorized software on workstations.

    7.

    Storing all sensitive information on network servers.

    8.

    Keeping food and drink away from workstations in order to avoid accidental spills.

    9.

    Securing laptops that contain sensitive information by using cable locks or locking laptops up in drawers or cabinets.

    10.

    Complying with the Anti-Virus policy.

    11.

    Ensuring that monitors are positioned away from public view. If necessary, install a privacy screen filters or other physical barriers to public viewing.

    12.

    Ensuring workstations are left on but logged off in order to facilitate after-hours updates. Exit running applications and close open documents.

    13.

    Ensuring that all workstations use a surge protector (not just a power strip) or a UPS (battery backup).

    14.

    If wireless network access is used, ensure access is secure by following the Wireless Access policy.

    Enforcement

    Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.