Laserfiche WebLink
Data stored on local workstation hard disks, access to the Data will be restricted to Authorized <br />User(s) by requiring logon to the localworkstation using a Unique User lD and Hardened <br />Password or other authentication mechanisms which provide equal or greater security, such as <br />biometrics or smart cards. <br />(2) Network server disks <br />(a) Data stored on hard disks mounted on network servers and made available through shared <br />folders, access to the Data will be restricted to Authorized Users through the use of access <br />control lists wltich will grant access only after the Authorized User has authenticated to the <br />network using a Unique User lD and Hardened Password or other authentication <br />mechanisms wlrich provide equal or greater security, such as biometrics or smart cards. <br />(b) Data on disks mounted to such servers must be located in an area wtrich is accessible only <br />to authorized personnel, with access controlled through use of a key, card key, combination <br />lock, or comparable mechanism. <br />(3) Opticaldiscs (CDs or DVDs) in localworkstation opticaldisc drives <br />(a) Data provided by DCYF on optical discs which will be used in local workstation optical disc <br />drives and wlrich will not be transported out of a Secure Area, when not in use for the <br />contracted purpose, such discs must be Stored in a Secure Area. <br />(b) Workstations that are capable of accessing Data from optical discs must be located in an <br />area wlrich is accessible only to authorized personnel, with access controlled through use <br />of a key, card key, combination lock, orcomparablemechanism. <br />(4) Opticaldiscs (CDs or DVDs) in drives or jukeboxes attached to servers <br />(a) Data provided by DCYF on optical discs that will be attached to network servers will not <br />be transported out of a Secure Area. <br />(b) Access to Data on these discs will be restricted to Authorized Users through the use of <br />access control lists which will grant access only after the Authorized User has <br />authenticated to the network using a Unique User lD and Hardened Password or other <br />authentication mechanisms wtrich provide equal or greatersecurity, such as biometrics or <br />smart cards. <br />(c) Data on discs attached to such servers must be located in an area wtrich is accessible <br />only to authorized personnel, with access controlled through use of a key, card key, <br />combination lock, or comparable mechanism. <br />(5) Paper documents <br />(a) All paper documents must be protected by storing the records in a Secure Area, withaccess controlled through the use of a key, card key, combination lock, or comparable <br />mechanism, and which is only accessible to authorized personnel. <br />(b) When being transported outside of a Secure Area, paper documents must be under thephysical controlof contractor staff with authorization to access the Data. <br />(c) Paper documents will not be secured or stored in a motor vehicle any time a staffmember is away from the motor vehicle. NOTE: The use of a lock box, other ioclante <br />storage container or a non-lockable storage container stored in a vehicle does notoverride this requ irement. <br />Department of Children, Youth & Families <br />2017CF County Program Agreement 6-24-20 page 2l