a user ID and password should be disabled.

Each Parole LEADS end user shall be responsible for changing his or her password at least once every 75 days to counter the possibility of undetected password compromise.

A password shall be invalidated at the end of 90 days. A user who logs on with an ID having an expired password shall be required to change the password for that user ID before further access to the system is permitted.

Parole LEADS Security Audit Records Management

Parole LEADS generates security audit records at each of the firewalls, as well as at the various servers. The Parole LEADS Information Security Office (ISO) shall ensure that security audit records be reviewed to detect potential attacks on Parole LEADS, and that appropriate alarms be set up to notify the Parole LEADS Security Administrator when anomalous events occur.

The audit function supports accountability by providing a trail of user actions. Actions are associated with individual users for all security-relevant events. The audit trail can be examined to determine what happened and which user was responsible for a security-relevant event. For each recorded event, the audit record will include the date and time of the event, type of event, offered user ID for unsuccessful logins or actual user ID for other events, and origin of the event (e.g., computer name or IP address).

The Parole LEADS application shall cause a record to be written to the security audit trail for at least each of the following events:

• Failed user authentication attempts
• Resource access attempts that are denied
• Attempts, both successful and unsuccessful, to obtain privilege
• Activities that require privilege
• Successful access of security critical resources
• Changes to Parole LEADS users' security information
• Changes to the Parole LEADS system security configuration or modification of system software

Alarm thresholds should be determined in order to notify the Parole LEADS ISO or Enterprise EIS personnel of potential security violations.

Parole LEADS audit trail records shall be kept for a minimum of three (3) years.

Parole LEADS Agency Service Suspension or Termination Process

If Parole LEADS service to an authorized agency must be suspended or terminated, DAPO shall issue a letter suspending or terminating the agency and its associated end users. This letter will explain the reasons for the suspension or termination and advise the agency that the action can be appealed to the DAPO Director. All authorized user logon identifiers and passwords associated with that agency will be canceled by the Parole LEADS Security Administrator immediately.

If an agency loses CLETS Criminal History capability or is sanctioned by action of DOJ or the CLETS Advisory Committee, that agency will be terminated from Parole LEADS access until such time as the sanctions are lifted.

Parole LEADS Security Incident Escalation Standards

Reporting

It is the responsibility of all users with authorized access to Parole LEADS to report all incidents that would place DAPO information assets at risk. The following incidents shall be reported to the Parole LEADS Security Administrator or designee at ParoleLEADS2@cdcr.ca.gov:

• Any incidents involving or suspected to involve unauthorized access to Parole LEADS information, automated files, or