FISCAL Accounting & Reporting
5000 - Non-Instructional/Business Operations
5573 COMPUTER CONTROL FOR FINANCIAL AND OTHER DISTRICT NETWORKS AND SYSTEMS
The goal of the Williamsville Central School District is to ensure that the financial networks and systems are adequately secured. Accordingly, our policies to achieve that objective are outlined below.
Current Network Facilities
The financial systems of the District are hosted on a secure server at the WNYRIC data center. This server is secured behind a checkpoint firewall and on a separate secure VLAN from other storage areas and network applications and management systems. Access to the financial system is denied to all users except those given specific rights.
All routers, switches, servers, and communications appliances within network will be loaded with up-to-date anti-hacking and anti-virus software to protect the network from Denial of Service Attacks, Trojan Horses, Viruses, and Worms. Inspection logs will be verified on a regular basis by the Network Administrator.
The System Administrator shall monitor the environmental protections including air conditioning, heat, ventilation, battery back-up and electric generator function. Warning notifications will be reported to the Systems Administrator and corrective action taken as soon as possible. Once a week, a powered generator test will be held.
Automated and manual software update procedures must be in place and monitored. The main MDF closet will be secured at all times and access to this area will be given only to appropriate staff.
The IT department will monitor theft and vandalism, and staff members will report losses immediately to the School Principal or other senior administrator. Equipment replacement will not occur unless the proper loss form is completed and sent to the Assistant Superintendent for Business.
Student folders shall be locked down so that each has access to his/her folder only.
Requests for network access and e-mail accounts by staff requires the completion of a sign-up form from the Human Resources office and which includes a signature of approval by the district’s security officer.
Employees of the District must change their network passwords every ninety (90) days. Each password is secured by the individual users and maintained by the Office of Technology.
Passwords to the financial systems must also be changed every one hundred eighty (180) days. Passwords must be at least six (6) characters in length but no more than ten (10) characters and must contain at least one letter and one number and should not be a common word, family or pet name, address, birthday or telephone number.
All user level passwords for network access will be changed when a compromise is suspected.
Passwords are not to be shared under any circumstances. If access is needed by a supervisor, the system administrator will change the user's password to permit access. When the user returns to work, the password can be reset by the user.
Backup and Disaster Recovery
The Williamsville CSD servers contain data, email, logs and software that are critical to both students and staff. The Lead Technician for the Technology Department has the responsibility to coordinate all district backups and maintain backup logs. Servers are backed up at various intervals based on the nature of the particular data.
The District utilizes MailMeter to monitor and archive all incoming and outgoing email. MailMeter data is purged after seven years. The entire email database is regularly backed up and purged. It is the responsibility of the end user to retain email beyond the seven year period or when required by law. Users are guided by and should refer to current document retention regulations.
The Williamsville Information Tracking System is backed up at regular intervals including transaction logs, database, structural data, development server, and WITS Mail
Other backups include:
Domain Controllers, Internet Proxy Logs, Staff Data*, Student Data*
*.jpeg, .mp3, .m4a, .mp4 are not included in staff and/or student backups. These types of media files should be backed up locally by the end user. Users should contact their Computer Support Technician for assistance.
Off-Site systems such as WinCap, eSchool, IEP Direct are maintained and backed up at Erie 1 BOCES.
The Chief Administrator for Instructional Technology serves as the system administrator of the financial system. This person should have no business function. The role of this administrator to approve and change permissions when a request is made.
The Chief Administrator for Instructional Technology will ensure that the operation of IT Services is in full compliance with the District's policies, New York State Education Law and Regulations, privacy laws and practices, disclosures, regulations, etc.
The Chief Administrator for Instructional Technology or his/her designee shall maintain and manage e-mail policies, spam and agreements.
The Chief Administrator for Instructional Technology shall manage third-party contracts and agreements.
The Chief Administrator for Instructional Technology or his/her designee shall be responsible for the installation and configuration of all wireless access points.
Financial Manager Permissions
Permissions for individuals in the financial system begin with the Chief Administrator for Instructional Technology, with supervisors from the Human Resources and Business offices assigning appropriate levels of access. Access will be based on the end user’s designated job responsibilities. These permissions will be reviewed on a yearly basis by the Chief Administrator for Instructional Technology along with other appropriate administrators. When special needs arise such as an extended absence by one of our employees designated for a specific job function in the financial system, the appropriate administrator may initiate a request to the Chief Administrator for Instructional Technology for temporary changes to the permissions.
Remote Access and Security
Remote access will be granted to the finance manager vendor for purposes of updating the system or software. The time of this access will be limited to business. Any abnormal access shall be reported immediately to the Chief Administrator for Instructional Technology and all remote access shall be terminated until permission to resume is granted.
Within the financial systems there are a number of useful reports that can be generated for review by the Board of Education, the District Superintendent, the Assistant Superintendent for Business, and the auditors. Access to view and print these reports will be given to the Assistant Superintendent for Business, the Treasurer and/or the District auditors. Such reports may be requested as needed by the Board of Education and the District Superintendent.
« BACK | BACK TO POLICY SERIES