Laserfiche WebLink
<br />38. Maintain central log files of security-related information to monitor activity on your <br />network. <br /> <br />39. Monitor incoming traffic for signs of a data breach. <br /> <br />40. Monitor outgoing traffic for signs of a data breach. <br /> <br />41. Implement a breach response plan. <br /> <br />42. Check references or do background checks before hiring employees who will have access <br />to sensitive data. <br /> <br />43. New employees sign an agreement to follow your company's confidentiality and security <br />standards for handling sensitive data. <br /> <br />44. Access to customer's personal identify information is limited to employees with a "need <br />to know." <br /> <br />45. Procedures exist for making sure that workers who leave your employ or transfer to <br />another part of the company no longer have access to sensitive information. <br /> <br />46. Implement a regular schedule of employee training. <br /> <br />47. Employees will be alert to attempts at phone phishing. <br /> <br />48. Employe~s are required to notify the general manager immediately if there is a potential <br />security breach, such as a lost or stolen laptop. <br /> <br />49. Employees who violate security policy are subjected to discipline, up to, and including, <br />dismissal. <br /> <br />50. Service providers notify you of any security incidents they experience, even if the <br />incidents may not have led to an actual compromise of our data. <br /> <br />51. Paper records will be shredded before being placed into the trash. <br /> <br />52. Paper shredders will be available at each desk in the office, next to the photocopier, and <br />at the home of any employee doing work at home. <br /> <br />53. Any data storage media will be disposed of by shredding, punching holes in, or <br />incineration. <br /> <br />City of Ramsey - Utility Billing <br /> <br />Page 7 of7 <br /> <br />-106- <br />