The URL can be used to link to this page

Home My WebLink About09 20 16 AgendaCommunications/Technology Advisory Committee (CTAC) Agenda Tuesday Sept. 20, 2016 at 6:00 p.m. in the Parkview Community Room 1. Call to Order/Roll Call 2. Approve Agenda/Minutes A. Sept. 20, 2016 Agenda B. July 12 Meeting Minutes 3. Old Business A. No Old Business 4. New Business A. Technology Policy B. Candidate Video Message 5. Announcements/Correspondence A. Candidate Forums Sept. 27 and Sept. 28 6. Adjournment Meeting RSVPs/Attendance Jim Anderson (Chair) 10/2016 Don Breidenbach 10/2017 Bret Anderson 10/2016 Monique Morton (Council) Jessica Weber 10/2017 Kevin Roach (Staff) Erik Juhl 10/2017 Dave Elbon (Staff) Communication Technology Advisory Committee September 20, 2016 Technology Policy Background -Technology is fluid and changes constantly. -Policy last updated in 2009. -City hit with a Ransomware virus this summer. -Improve cyber security measures. -Educate staff. -Ensure staff aware of obligations of MGDPA and other technology-related policies and procedures. 2 Section One:Introduction -Purpose:Set standards to protect the City’s IT systems and equipment. -Administration:policy is appendix to City Personnel Policy so administration of policy responsibility of City Manager. -Responsibility:City Users are responsible for knowing and following directives in this policy and subsequent communications. -Privacy: Users of IT systems should have no expectation of privacy. 3 Section Two: Information Technology Usage -Only business-related software allowed and requires department head approval. -IT coordinator download software. -Personal devices with City email could be subject to e-discovery. -Email will auto-purge every 180 days and is not backed up. -Other data backed up 3x daily and retained for 6 months. -Data retention standards outlined. -Personal use of Internet and email okay if limited and appropriate. -Specifics on prohibited use of City IT systems. 4 Section Three: Information Technology Security 5 •New password guidelines: lower and upper case character; a number and a non - alpha-numeric character AND password change every 180 days. •Network and remote access requirements. •Employee access turned off on last day of employment. Section Four: Information Technology Emergency ⁻IT Coordinator responsible for incident response and provide recommendation for action to the City Manager. ⁻Each department head develop a business continuity plan that identifies: •Sensitive data and systems •Critical services that must continue •Strategies to continue service •Key stakeholders •Non-computer tasks for staff •Prioritization of systems and work-stations 6 Next Steps -Staff training on policy in late October/early November. -Staff training on cyber security with assistance of LMC. -Upon completion of training, change passwords. -“Cheat Sheet” developed by IT Coordinator for all staff. -Include policy and cheat sheet in new employee packets. -Department heads complete emergency plans by end of year. -Implement email deletion policy on January 1, 2017. 7 Questions? 8