Professional Documents
Culture Documents
Mis Systems & Data Security
Mis Systems & Data Security
&
DATA
SECURITY
Staff Initial Security Awareness and Annual Refresher Training: The purpose of this
presentation is:
To well inform staff of the expectations and requirements for systems access privileges and
accountability
Focuses on entire WorkNet staff, supervision, its contracted providers and partners that use a
component or the entire system
Designated to change behavior or reinforce good security practices
To provide security awareness, training, education and professional development
To ensure an effective and on-going security awareness program
Significant number of topics may be mentioned
Federal and State Statute, Policy requirements, sanctions, safeguards and penalties
WorkNet Server and Email Rights
Various Assigned Workforce MIS System Privileges
Confidentiality and inherent Penalty of Misuse
User Responsibilities
Password usage and management
USER-ID usage
Rules of Behavior
Email and Web usage
Data Security
Mobile devices and media
Technical Assistance
Guidelines to request support
WorkNet Pinellas supervision and its internal Regional Security Officers are
responsible for administering MIS privileges, setting security rights, providing
security training of the UC program and is responsible for ensuring policies,
procedures and controls are adequate to protect the security and integrity of
UC information.
Subject to the following state and federal statutes and/or policy guidance:
Internal systems
WorkNet Network
Public or G Drive
Microsoft Outlook
Electronic Filing System (E-Filing-Legacy and ATLAS)
Online Orientation Admin Site containing customer info
(Legacy and ATLAS)
Internet
OWA
State agencies intranets
Accept responsibility for the security and integrity of data and systems for which access
is granted
Maintain User Identifiers (userIDs) required to access server, email, and MIS systems
Maintain password integrity:
Rules of Behavior
Extend to all personnel accessing and using MIS systems, data, or equipment
Do not remove confidential data or equipment from its official location
Do not store unsecured confidential data on personal equipment
Do not use access privileges for personal gain
Do not disclose sensitive or confidential information
Never share passwords or userIDs
Delete access and review access as needed
Restrict access to confidential applicant, participant and employer information
Do not knowingly transmit, retrieve or store any electronic communication that is:
Discriminatory or harassing,
Derogatory to any individual or group,
Obscene or sexually explicit,
Defamatory or threatening,
In violation of any license governing software usage, or
Illegal or contrary to WorkNet policy or business interests.
Abide by all federal and state statute, applicable security policies and procedures
Is Not Private
Is the property of WNP (WorkNet Pinellas)
Messages sent outside WorkNet or email server are not secure
Do not share e-mail accounts or passwords
Offensive, demeaning or disruptive messages are prohibited
Note: Mandatory Completion annually of the Computer Use Policy Agreement and AWI Mandatory Agreement located on the G or public drive under Security
folder
Data Security
Data is obtained in the following ways:
Applications
Customer Service
Interviews
Orientations
Workshops
External documentation
Various MIS systems
Must secure all documentation in secured environment; WorkNet e-filing or separate locked
storage file
May not be annotated in any MIS system such as an OSST or EFM case note or Florida CLRC
To lock keyboard: Hold Ctrl, Alt and Del keys at same time when
message box pops up click lock computer
Portable devices capable of storing or processing data such as laptops and PDAs
Mobile media are portable devices capable of storing data such as thumb drives,
DVDs and CDs
The use of mobile media and devices increases risks, threats, and vulnerabilities of
data being disclosed, altered, lost or stolen and lacks the Agencys firewall protection
The use of mobile devices and media are limited and must be approved by
management
Potential Penalties:
Users who do not comply with the confidential provisions in user agreements and
prescribed rules of behavior are subject to administrative penalties available through
existing policies, procedures, rules, regulations and federal and state statutes
Reprimands
Termination of employment
Criminal prosecution
Technical Assistance
System/Data Security
Please send any questions,
comments, or suggestions to:
Lysandra Montijo
lmontijo@careersourcepinellas.com
THE END