Laserfiche WebLink
City of Arden Hills Personnel Policy Effective February 29,2016 <br />Password Protection Guidelines <br />1. Passwords should be treated as confidential information. No employee is to give, <br />tell, or hint at their password to another person, including IT staff, administrators, <br />superiors, other co-workers, friends, and family members, under any <br />circumstances. <br />2. If someone demands your password, refer them to this policy or have them <br />contact the IT Department. <br />3. Passwords are not to be transmitted electronically over the unprotected Internet, <br />such as via e-mail. However, passwords may be used to gain remote access to <br />company resources via the City's IPsec-secured Virtual Private Network or SSL- <br />protected Web site. <br />4. No employee is to keep an unsecured written record of his or her passwords, <br />either on paper or in an electronic file. If it proves necessarily to keep a record of <br />a password, then it must be kept in a controlled access safe if in hardcopy form or <br />in an encrypted file if in electronic form. <br />5. Do not use the "Remember Password" feature of applications. <br />6. Passwords used to gain access to City systems should not be used as passwords to <br />access non-City accounts or information. <br />7. If possible, don't use the same password to access multiple database or network <br />systems. <br />8. If an employee either knows or suspects that their password has been <br />compromised, it must be reported to the IT Department and the password <br />changed immediately. <br />9. The IT Department may attempt to crack or guess users' passwords as part of it <br />ongoing security vulnerability auditing process. If a password is cracked or <br />guessed during one of these audits, the user will be required to change his or her <br />password immediately. <br />95