IT Service Catalog FY 21-22

I N F O R M A T I O N T E C H N O L O G Y A D M I N I S T R A T I V E S E R V I C E S

IT Cyber Security IT Cyber Security develops and implements information security controls to protect the confidentiality, integrity, and availability of City of Greensboro systems and information and ensures compliance with data privacy laws and industry regulations. In addition, IT Cyber Security develops and implements frameworks for categorizing data collected, stored, and managed by the City of Greensboro, and securing this data from risks including unauthorized access, modification, disclosure and use.

INCLUDES: • Risk assessments • Cyber security awareness and training • Vulnerability management • Forensics analysis • Cyber security incident management • Security monitoring and analysis • Audits and compliance • Intrusion detection and prevention • Dark web monitoring • 3rd party vendor assessments • User provisioning • Access permissions • eDiscovery • Social media archiving

How do we charge? Included in monthly Network charge (Appendix A) Major cost drivers • Vulnerabilities • Cyber Security Threats • Cyber Security Risks • Business Need or Organizational Requirements • Malware • Ransomware • HIPPA Compliance • PCI Compliance • ISO 27001 Compliance What should you expect? Service availability: 8 am - 5 pm, Monday - Friday

SERVICE DESK LINES Main Support Line

336-373-2322 Public Safety IT 336-373-3375 GM-911 Support 336-373-4350

RESPONSE TIME Priority Time Critical 2 Hours High Same Day Medium 2 Days Low 3 Days

Tasha Swann Holsey Cyber Security & Compliance Manager 336-335-5686

FACT:

How can you help?

The Cyber Security Team strives to protect employees against scams and phishing attacks. Over the past year, we have identified and stopped 16,607k phishing attacks intended to compromise employees’ credentials and steal confidential information.

1. Never click on links or open attachments in emails from people you do not recognize and be very suspicious of links inside Word, Excel or PDF attachments. 2. Check to make sure the company that sent the email is legitimate – always check the sender’s email address to ensure that it belongs to a legitimate business. 3. Always hover over links in emails and check to make sure the link is legitimate by using www. virustotal.com – “Love to Hover”. 4. Never provide your City credentials (username and password) to access files through links in emails. 5. If you click on a link in a phishing email or provide your credentials by mistake, contact the Cyber Security Team or your designated support area immediately so that actions can be taken to limit the impact to your account and the City’s network.

8 I T S E R V I C E C A T A L O G • D E C E M B E R 2 0 2 1 - N O V E M B E R 2 0 2 2