Laserfiche WebLink
City of Arden Hills Personnel Policy'_` Effective February 29, 2016 <br />ri` 1 ILN HILLS Amended December- ' n October 28 2019 <br />Password Protection Guidelines <br />1. Passwords should be treated as confidential information. No employee is to give, <br />tell, or hint at their password to another person, including IT staff, administrators, <br />superiors, other co-workers, friends, and family members, under any circumstances. <br />2. If someone demands your password, refer them to this policy or have them contact <br />the IT Department. <br />3. Passwords are not to be transmitted electronically over the unprotected Internet, <br />such as via e-mail. However, passwords may be used to gain remote access to <br />company resources via the City's IPsec-secured Virtual Private Network or SSL - <br />protected Web site. <br />4. No employee is to keep an unsecured written record of his or her passwords, either <br />on paper or in an electronic file. If it proves necessarily to keep a record of a <br />password, then it must be kept in a controlled access safe if in hardcopy form or in <br />an encrypted file if in electronic form. <br />5. Do not use the "Remember Password" feature of applications. <br />6. Passwords used to gain access to City systems should not be used as passwords to <br />access non -City accounts or information. <br />7. If possible, don't use the same password to access multiple database or network <br />systems. <br />8. If an employee either knows or suspects that their password has been compromised, <br />it must be reported to the IT Department and the password changed immediately. <br />9. The IT Department may attempt to crack or guess users' passwords as part of it <br />ongoing security vulnerability auditing process. If a password is cracked or guessed <br />during one of these audits, the user will be required to change his or her password <br />immediately. <br />