IT Service Catalog FY 2019-2020

I N F O R M A T I O N T E C H N O L O G Y A D M I N I S T R A T I V E S E R V I C E S

IT Cyber Security IT Cyber Security develops and implements information security controls to protect the confidentiality, integrity, and availability of City of Greensboro systems and information and ensures compliance with data privacy laws and industry regulations. In addition, IT Cyber Security develops and implements frameworks for categorizing data collected, stored, and managed by the City of Greensboro, and securing this data from risks including unauthorized access, modification, disclosure and use.

INCLUDES: • Risk assessments • Cyber security awareness and training • Vulnerability management • Forensics analysis • Cyber security incident management • Security monitoring and analysis • Audits and compliance • Intrusion detection and prevention • Dark web monitoring • 3rd party vendor assessments • User provisioning • Access permissions • eDiscovery • Social media archiving

How do we charge? Included in monthly Network charge (Appendix A) Major cost drivers • Vulnerabilities • Cyber Security Threats • Cyber Security Risks • Business Need or Organizational Requirements • Malware • Ransomware • HIPPA Compliance • PCI Compliance • ISO 27001 Compliance What should you expect? Service availability: 8 am - 5 pm, Monday - Friday

SERVICE DESK LINES Main Support Line

336-373-2322 Public Safety IT 336-373-3375 GM-911 Support 336-373-4350

RESPONSE TIME Priority Time Critical 2 Hours High Same Day Medium 2 Days Low 3 Days

Tasha Swann Holsey Cyber Security & Compliance Manager 336-335-5686

FACT:

How can you help?

Our efforts to raise cyber-security awareness with emloyees about phishing attacks have been beneficial in the past year alone, the number of employees that are more likely to fall victim to a phishing attack has dropped from 10% to 0.6%.

1. Never click links or open attachments in emails from people or businesses you do not recognize. 2. Never click on links inside email attachments. Hackers hide their malicious links inside PDF or Word documents to try to bypass our security controls. 3. Check to make sure the company that sent the email is legitimate – always check the sender’s email address to ensure that it belongs to a legitimate business. 4. Always hover over links in emails to see if the link points to a legitimate website. 5. Use www.virustotal.com to check links in emails and ensure they are legitimate. 6. If you did happen to click on a link or an attachment within a phishing email, please contact the Cyber Security Team or your designated support area immediately to take precautionary measures to disinfect your system and limit the impact on the City’s network.

8 I T S E R V I C E C A T A L O G • F Y 2 0 1 8 - 2 0 1 9