Laserfiche WebLink
Data stored on local workstation hard disks, access to the Data will be restricted to Authorized <br />User(s) by requiring logon to the local workstation using a Unique User ID and Hardened <br />Password or other authentication mechanisms which provide equal or greater security, such as <br />biometrics or smart cards. <br />(2) Network server disks <br />(a) Data stored on hard disks mounted on network servers and made available through shared <br />folders, access to the Data will be restricted to Authorized Users through the use of access <br />control lists which will grant access only after the Authorized User has authenticated to the <br />network using a Unique User ID and Hardened Password or other authentication <br />mechanisms which provide equal or greater security, such as biometrics or smart cards. <br />(b) Data on disks mounted to such servers must be located in an area which is accessible only <br />to authorized personnel, with access controlled through use of a key, card key, combination <br />lock, or comparable mechanism. <br />(3) Optical discs (CDs or DVDs) in local workstation optical disc drives <br />(a) Data provided by DCYF on optical discs which will be used in local workstation optical disc <br />drives and which will not be transported out of a Secure Area, when not in use for the <br />contracted purpose, such discs must be Stored in a Secure Area. <br />(b) Workstations that are capable of accessing Data from optical discs must be located in an <br />area which is accessible only to authorized personnel, with access controlled through use <br />of a key, card key, combination lock, or comparable mechanism. <br />(4) Optical discs (CDs or DVDs) in drives or jukeboxes attached to servers <br />(a) Data provided by DCYF on optical discs that will be attached to network servers will not <br />be transported out of a Secure Area. <br />(b) Access to Data on these discs will be restricted to Authorized Users through the use of <br />access control lists which will grant access only after the Authorized User has <br />authenticated to the network using a Unique User ID and Hardened Password or other <br />authentication mechanisms which provide equal or greater security, such as biometrics or <br />smart cards. <br />(c) Data on discs attached to such servers must be located in an area which is accessible <br />only to authorized personnel, with access controlled through use of a key, card key, <br />combination lock, or comparable mechanism. <br />(5) Paper documents <br />(a) All paper documents must be protected by storing the records in a Secure Area, with <br />access controlled through the use of a key, card key, combination lock, or comparable <br />mechanism, and which is only accessible to authorized personnel. <br />(b) When being transported outside of a Secure Area, paper documents must be under the <br />physical control of Contractor staff with authorization to access the Data. <br />(c) Paper documents will not be secured or stored in a motor vehicle any time a staff <br />member is away from the motor vehicle. NOTE: The use of a lock box, other lockable <br />storage containeror a non -lockable storage container stored in a vehicle does not <br />override this requirement. <br />Department of Children, Youth & Families <br />2017CF County Program Agreement 6-24-20 Page 21 <br />