Tightening the belt

A closer look at Kansas' Department of Administration's security policy

In making the determination to use data and file encryption, the following

risks should be considered:

* Loss of state funds.

* Violation of individual expectations of privacy.

* Violation of state or federal law.

* Civil liability on the part of Department of Administration.

* Compromise of legal/investigative efforts.

* Loss of business opportunities for affected persons.

* Undue advantage to any person in the department's competitive business

relations.

Passwords must be:

* Individually owned.

* Kept confidential.

* Changed whenever disclosure has occurred or may have occurred, and

changed at least every 30 days.

* Changed significantly (i.e., not a minor variation of the current

password).

* A minimum of six characters, using alphanumeric characters.

* Encrypted when held in storage or when transmitted over communications

networks.

* Suspended after no more than three unsuccessful log-on attempts.

* Limited to one use when initially issued or when reset or reissued

by security administration personnel.

Featured

  • Federal 100 Awards
    Federal 100 logo

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

Stay Connected