My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
2011/01/05 Council Agenda Packet
>
Council Agenda Packets
>
2011
>
2011/01/05 Council Agenda Packet
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
4/28/2017 9:36:53 AM
Creation date
4/28/2017 9:35:33 AM
Metadata
Fields
Template:
Council Agenda Packet
Date
1/5/2011
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
266
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
ATTACHMENT 5 <br /> 4 <br /> ORCA Business Account Security Standards <br /> 1.0 Application Security <br /> 1.1 At the time the Business Account enters into the ORCA program,the Lead Agency will provide a <br /> single Business Account user id and temporary password to the Business Account's Primary Contact <br /> (as specified in Attachment 2)to enable access to the Business Account's area of the Business <br /> Account Website. <br /> 1.2 The Business Account shall immediately change the temporary password to a strong password that <br /> meets the following criteria: <br /> a. Length:At least eight(8)characters in length or the maximum length permitted by the System, <br /> whichever is shorter. <br /> b. Elements: Contain at least three(3)of the following four(4)elements. <br /> 1) English upper case letters(A, B, C...) <br /> 2) English lower case letters(a, b,c...) <br /> 3) Westernized Arabic numbers(0, 1,2...9) <br /> 4) Special characters(@,#, %...) <br /> 1.3 The Business Account shall restrict access to the ORCA Business Account Website by providing its <br /> user id and password to the employee(s)who have a business"need to know"and who are <br /> authorized by the Business Account("system user(s)"). <br /> 1.4 Access to the ORCA Business Account Website is restricted to the purpose of authorized <br /> administrative support for the ORCA Business Account program. <br /> 1.5 The Business Account's password shall be changed at least quarterly but also immediately upon(a)a <br /> system user leaving the Business Account's employment or otherwise losing his/her status as an <br /> authorized user; and(b)the Business Account learning that the password has been obtained by <br /> unauthorized persons or entities. <br /> 1.6 Review security policies and guidelines with system users at least quarterly. <br /> 2.0 Physical Security <br /> 2.1 The Business Account shall'require system users,when not at their workstations,to log off the <br /> Business Account Website,or lock their screen using a password protected screen-saver in order to <br /> prevent unauthorized access. <br /> 2.2 ORCA card stock shall be kept in a secure/locked location with access limited to those administering <br /> the program. <br /> 2.3 The Business Account shall require its employees to keep printed reports containing account <br /> information in a secure location. <br /> 3.0 Incident Management <br /> 3.1 The Business Account shall report any security incident or suspected incident immediately to the <br /> Lead Agency. Examples of possible security incidents would be introduction of computer viruses, <br /> unauthorized transactions or blocked cards, or lost or stolen card stock. <br /> ORCA Passport Agreement Page 22 of 23 City of Everett BA ID:1891 <br /> December 1,2010-November 30,2011 <br /> 33 <br />
The URL can be used to link to this page
Your browser does not support the video tag.