Overview of Data Security Responsibilities
- Data Security Responsibilities
- Decentralized Security Representative
- 05SC002E (DSD-3) & Instructions
- Password Standards
- Logon ID’s
- Guidelines
- 05SC003E (MID-1) & Instructions
Data Security Responsibilities
Data Services Division, Data Security Unit, has the responsibility of establishing a Decentralized Security Representative for your division. The responsible person may be the County Director or designee.
Data Security interfaces with, and supports, a number of management controls, which include separation of function, individual responsibility, and accountability.
Our intention is to provide an efficient and systematic method of authorizing and documenting access to data sets, IMS transactions, and other resources. These controls are designed to minimize unauthorized access, modification or disclosure of any Divisions data.
Decentralized Security Representative MID-1 & MID-1-A:
The Decentralized Security Representative will have the responsibility of:
- Ensuring Logon Authorization form(s) ‘05SC003E (MID-1) or 05SC004E’ (MID-1-A) are completed and forwarded to Data Security (this includes new hire, transfer, resignation).
- Specifying who can access data (transactions, data sets, etc.)(Which users in OKDHS or non-OKDHS have access to what data in the appropriate Division)?
- Conditions under which data or resources can be used and/or shared:
- Read: capability to view a data set, but not update
- Update: capability to modify a data set
- Allocate: capability to delete, or rename a data set
- Expiration date: if access is to be limited
Logon ID’s:
Logon ID’s are codes that identify users of the computer system. Each user is required to have a logon ID in order to access the system. Logon IDs are assigned by Data Security to those employees who are authorized to use the computer. Each logon ID has associated with it information unique to the user, such as his/her password, name, organization, etc. The user’s organization information and logon ID are combined into the user identification string (UID), which is used in controlling access to data.
Passwords are unique codes associated with a users’ logon ID, which authenticates that the users are who they say they are. The password associated with a particular logon ID is the responsibility of that specific user and must be kept confidential at all times.
Features are provided to allow authorized sharing of data without sharing logon ID’s and passwords.
Logon ID Guidelines:
- Request for access to the computer system will be granted only after form 05SC003E (MID-1) or 05SC004E (MID-1-A) “Logon Authorization” has been completed and signed by the requestor, approved by his or her manager, and signed by the Decentralized Data Security Administrator.
- Only one user is responsible for the confidentiality of his or her password.
- Logon ID’s not accessed for 60 days will be canceled.
Password Standards:
Users can only change their passwords once within a 15 day period. If it needs to be changed prior to the end 15 day waiting period, the user must receive a temporary password by calling the OMES Service Desk at 405-521-HELP option 1 or OMES has an easier option for state employees to reset agency passwords for workstations and email. Network passwords can be set without contacting the service desk. This does not include mainframe password resets.
To begin using Self Service Password Reset (SSPR), navigate to passwordreset.ok.gov and follow the instructions to register.
Follow this link to View the instructions webpage to guide you through the steps, or these instructions to guide you through the register process.
Once registered, reset your password or unlock your account by visiting passwordreset.ok.gov and following instructions to reset.
Passwords will continue to be subject to all existing OKDHS policies on complexity, strength, age restrictions and expiration.
Passwords cannot be reset if already changed in the previous 24 hours.
If you experience any issues with this process, please contact your local Workstation Support Specialist or contact the OMES Help Desk at 405-521-HELP, 1-866-521-2444 or email ServiceDesk@omes.ok.gov.
- Users are required to change their passwords every 60 days.
- Passwords cannot be reused for two years.
- Passwords will be locked out after the 3rd incorrect password is entered.
- If a user ID is not used for 60 days; it will be cancelled.
- User’s name or U number cannot be used in the password
Password Requirements
(to match Network and Mainframe passwords):
- Must be exactly eight characters long
- Must contain letters and numbers
- Contain special characters
- Must not have no more than two repeating characters in a row
- The user ID may not be used in the password
Active User Report
Active User Report is sent to each county in an email the first of each month. Review the list of user ID’s and notify Security Services of any discrepancies and email any changes to: servicedesk@omes.ok.gov
Comments or Suggestions?
We want Quest to be your source for important information that you need to succeed at in your work but we need your help:
Was this article helpful? Was it missing something you needed to get the job done?
Tell us what you think, what you know about this article. What are we doing well, and what we could do better.
All fields are required.