Information Technology Policy Manual 2022

to protect the City’s systems and information. This includes, but not limited to, using privileged utilities or hacking/password cracking programs in an attempt to gainunauthorized access to systems or information. • Do not download and/or install software on your system without obtaining properapproval from the IT department first. • Do not leave confidential documents unattended on your desk. Documents containing confidential information must be stored in locked cabinets. Your computer screen must also be locked if your desk is left unattended. • Report security violations or incidents immediately to the IT Service Desk at 373-2322 or by emailing the Cyber Security Team at securityincidents@greensboro-nc.gov A SSIGNED E QUIPMENT___________________________________________________________ Technology equipment assigned to you as an employee is your responsibility. This includes city cell phones, iPads, tablets, tough books, and computer equipment such as docking stations, monitors, speaker bars, keyboards, mice, laptops, computer cables, etc. • Upon resigning or termination of employment, this equipment must be returned to the City of Greensboro via your direct manager or the Human Resource departmental representative • Any equipment not returned prior to your final check will be priced with the leasingcompany and charged against your final paycheck • If you are an out of state contractor or do not live locally, a FedEx number will be provided by the department and the equipment must be returned within two weeks at the expense of the City. The equipment must be packed by the FedEx or UPS facility and insured for the leased value. The lease value can be obtained from IT. Tracking numbers for the shipment must be provided in said timeframe. • If computer equipment is not returned by a contractor, the value will be deducted fromthe final payment on the contract

T ECHNICAL A CCEPTABLE U SE Cloud and 3 rd Party Services

• Any time a third-party will collect, store, process, transmit or access the City of Greensboroinformation, an information security review must be performed prior to entering into a contract • The review will ensure that there is an acceptable level of risk to the confidentiality, availability and integrity of City’s information. The City of Greensboro is ultimately responsible for the security of the City’s information’s while it is in the care of a third party service provider • Contact the Cyber Security Division to complete a third-party security assessment. Early engagement will avoid any delays to your project

Refer to the Third Party Access Policy regarding network access for a third-party

9

GSO-ITAUP-002