You are on this page: Security
Welcome to OCFS’s CONNECTIONS Information Security website. The OCFS Information Security website provides users with an overview of the information security requirements for the CONNECTIONS system and the required expectations of all individual users accessing the CONNECTIONS system. This website will provide you with information security guidance, administrative directives and policies in order to maintain the confidentiality, availability and integrity of New York State’s child welfare information.
The selection and employment of appropriate security controls for an information system is an important task for the operations and assets of an organization. CONNECTIONS security controls consist of administrative, technical and physical controls, which are designed to protect the confidentiality, integrity, and availability of the system and its information. As members of the workforce within NYC’s Administration for Children’s Services, a local district, or an authorized voluntary agency, you should understand the risks presented and other factors that could adversely affect your organization’s mission, operations, and its most important asset, the information on the children and families we serve.
Contents
What's New in Security
- ITS Policy Webpage
- 13-OCFS-ADM-01 Portable Devices Security and Remote Access Guidance 11/2013
- 13-OCFS-LCM-03 Information Security Awarensess Training Requirements 11/2013
- OCFS Field Support for Information Security and Guidance 11/2012
- CPS Supervisor Limited Bundle Communication - 6/2012
- Confidentiality Memo - Districts - Agencies and State Partners - 5/2012
- OCFS Laptop and Other Portable Device Security Brochure
CONNECTIONS Reminders to LAN Administrators
CONNECTIONS Security Tip Sheets
CONNECTIONS Security Awareness Messages
- November 2012 - Did you know?
- October 2012 - Cyber Security Awareness Month
- August 2012 - Malware - Removable Media Phishing Scams
- July 2012 - Physical Security and Secure Storage of Data and Documents
- May 2012 - Security Information for Remote Access to State Applications from Non-State Owned or Personally Owned Devices
- April 2012 - User Account Management
- April 2012 - Clean Desk/Secure Desk
- February 2012 - Mobile ComputingTips
- January 2012 - Information Security Resources and Contact Information
- Holiday Phishing Scams (Posted Dec 9, 2011)
- December 2011 - Dispose of Information Securely
- November 2011 - Tips to Keep Your Information Secure
- September 2011 - Basic Tips
- July 2011 - Protecting Your Portable Device and OCFS Information
- June 2011 - Removable Media
- May 2011 - Digital Copiers_Printers_Fax Devices
- April 2011 - Use of Laptops and Encryption
- March 2011 - Think Before You Click
Role of the CONNECTIONS Security Coordinator
- The Role of the CONNECTIONS Security Coordinator (updated July 2007)
Security Guidelines
- Removable Media
- Guidelines for Using Electronic Communication for Sharing Case Specific Information
- Security Awareness Guidelines
- Best Practice Guidelines for General HSEN Passwords and PC
Business Function Guidelines
- Business Function Guidelines for Local Districts (updated 7/27/21)
- Business Function Guidelines for Voluntary Agencies (updated 7/27/21)
- CONNECTIONS Build 18.9 Business Function Guidelines (updated 1/25/07)
- Impact Analysis: Build 18.9 Security
Security Coordinator Resources
- CONNECTIONS Build 18 Case Management Security for Decision Making Training Video Companion Guide(updated 8/17/2004)
- CONNECTIONS Step-by-Step Guide: Security (updated 4/12/2006)
- TS: CONNECTIONS Security: Your Role and Responsibilities as Security Coordinator Computer Based Training Announcement
Internet Access Forms
- Notification of a Change in Internet Access and Administration Policy (updated 10/13/06)
- Internet Security Administrator Proxy Request Form
- Internet Access Request Form
A note about this topic: Maintain Agency Access and Maintain Organizational Hierarchy can only be assigned by State staff. To have them assigned to a staff in your district or agency, please have the Implementation Coordinator for your local district or agency complete the form below and forward to either Donna Cramer or Marie Wiley of CONNECTIONS Communications.
Please remember that any Business Function, including the MAINT AGY ACCESS and MAINT ORG HIER, cannot be assigned unless the person has a valid NT ID and is not in a conversion unit (a unit that has Conversion Person as the Unit approver). OCFS has been receiving requests for staff who do not meet one or both of these criteria, so please check before the request is sent in to avoid delays.
Please note: The Add or Maintain Agency Access or Organizational Hierarchy form is also posted in WORD in the Public Folders. The path to the form is: Public Folders>All Public Folders>dfa.state.ny.us>CONNECTIONS>Forms
- CONNECTIONS Security Coordinator Update and Security Business Functions Request Form (updated 12/19)
- Data Warehouse Report ~ Organizational Hierarchy Report
Security Training Course Description
CONNECTIONS Security is a one-day course intended specifically for workers assigned as their agency's security coordinator or backup security coordinator. This instructor-led training provides discussion, demonstration and hand's-on exercises designed to provide CONNECTIONS Security Coordinators with a thorough orientation to all basic CONNECTIONS security functions. Participants learn about topics such as maintaining staff, office and units, security reports: modifying business function profiles, transferring workers, end-dating and reinstating staff.
Please note: For information on dates/times for Security training please see the SUNY Training Schedule posted on the Training Info & Schedule page of the website.