Background
All staff using Division information at a Division location or otherwise are responsible for the management and safekeeping of information under their control by ensuring that there is adequate security to prevent unauthorized access, collection, use, disclosure or disposal of information.
Sensitive and confidential information stored on portable technology such as laptops, personal organizers, cell phones or memory sticks must be kept to an even higher standard due to the higher risk of equipment theft.
Procedures
- All password protection mechanisms available on portable technology must be activated and utilized consistently and to the greatest extent possible. Industry standards/methods are to be deployed in the selection of appropriate passwords.
- Established passwords for hardware access must be given in strict confidence to the Superintendent or designate and may not be shared with any other individual.
- All files containing sensitive or confidential information that are stored on portable technology must be encrypted. Requests to use portable technology must be sent to the Head of the Technology department to ensure that the technology is using current industry standards/methods.
- Any information that is no longer required on portable technology is to be transferred immediately to more secure electronic storage.
- All security measures adopted for other technology use within the Division apply to portable technology.