Briefing ID #: 10003

ALL EMPLOYEES – ITS - Reminder of Staff Information Security Responsibilities
Category:

 

 

Audience: 

All Employees

 

 

Due Date:

n/a

Meeting Date:

n/a

 

 


District staff must be continuously aware of their responsibilities to protect the District’s data and computer assets.


As more and more computer applications, and by extension District data, are made available on the web, staff must be constantly on guard to not expose that data.  Teachers who perform administrative functions on computers in the classroom must be especially cautious.  The most important protection, and the first line of defense, is the user password.  In addition to District and student data, access to staff’s personal HR data and e-mail is also protected by their password.  The following must be observed at all times:

  • Do not show or give your password to anybody else.
  • Do not write your password down and leave it where it can be found.
  • Do not use easily guessed names or words for your password and do not use easily guessed questions and answers in the password reset tool, P-Synch.
    • Teachers especially must be aware that any personal information you have discussed in class may now be known to students.
  • Do not walk away from your computer without locking your account, logging off, or shutting down.  To lock your computer: 
    • Press the CNTL/ALT/Delete keys at the same time to bring up the “Logon Information” dialog box. 
    • Make sure the “Lock Computer” button is highlighted. 
    • Click the left mouse button or press “Enter”.
    • To reactivate the computer, press CNTL/ALT/Delete again and type in your password in the dialog box.  
  • Staff must be aware that there are applications and devices called “Keystroke Loggers” that can be used to steal passwords.  Anti-spyware applications will find and remove some of these but if you are concerned notify the technician assigned to your school and your supervisor ASAP.  
  • If your password has been changed unexpectedly and the system has not asked you to change it, notify the technician  and your supervisor ASAP.  
  • If a system asks if you want it to “remember you” or “remember your password”, click “No” – if you save it, anybody who uses the computer and knows your user name will be able to sign into your account without knowing the password.  You should re-type your password each time you go into the system.

The Network Security Standards have detailed information regarding staff responsibilities and passwords, especially section 5.1, User-Ids and Passwords.  The document can be found at:

http://techsupport.dadeschools.net/data_security/Network_Security_Standards_2011.pdf

Questions regarding this process should be directed to the HEAT Self Service.


 

 

Contact:

HEAT ( n/a )

Department:

Information Technology Services