Policy #: |
Title: |
Effective Date: |
6.105 |
Internet Usage Policy |
07/13/04 |
PURPOSE
_______________________________________________________________
|
To establish a countywide security policy for acceptable use of the Internet utilizing County information technology resources. |
REFERENCE
_______________________________________________________________
July 10, 2004, Board Order 10 - Board of Supervisors Policy – Information Technology and Security Policy. |
POLICY
_______________________________________________________________
This policy is applicable to all County employees, contractors, sub-contractors, volunteers and other governmental agency staff who have access to the Internet through use of County resources. County information technology resources, including Internet access, are established to be used for County business purposes. No County Internet user shall intentionally or through negligence damage, interfere with the operation of, or prevent authorized access to County information technology resources. Authorized users shall not allow another user to access the Internet using their authorized account. Internet access is provided to the end user at the discretion of each County department. The County has the right to administer any and all aspects of Internet access and use including, but not limited to: monitoring sites visited by employees on the Internet, monitoring chat groups and newsgroups, and reviewing materials downloaded from or uploaded to the Internet by users and limiting access only to those sites required to conduct County business. Monitoring/investigating employee access to County I/T resources (i.e., e-mail, Internet or employee generated data files) must be approved by department management. If evidence of abuse is identified, notice must be provided to the Auditor-Controller’s Office of County Investigations. It is prohibited to use County provided Internet access for personal gain, gaining or attempting unlawful access into information technology resources, or activities that are detrimental to the County. The following inappropriate use of Internet activities are examples only and are not intended to limit the scope of potential Internet use violations: | |
Ÿ |
Using the County’s Internet services for the unauthorized downloading of software or file sharing software that is not specifically used for conducting County business. |
Ÿ |
Using the County’s Internet services for downloading or distributing material in violation of copyright laws (i.e., movies, music, software, books, etc.). |
Ÿ |
Using the County’s Internet services for downloading or distributing pornography or other sexually explicit materials. |
Ÿ |
Using the County’s Internet services for any activities that could be construed as a violation of National/Homeland Security laws. |
Ÿ |
Using the County’s Internet services to post scams such as pyramid schemes or “make-money-fast” schemes to others via the Internet. |
Ÿ |
Using the County’s Internet services to post or transmit any message or material which is libelous, defamatory, or which discloses private or personal matters concerning any person or group. |
Ÿ |
Using County Internet services for running a private business or web site. |
Ÿ |
Using the County’s Internet services to post or transmit to unauthorized individuals any material deemed to be private, proprietary, or confidential information. |
Ÿ |
Attempting an unauthorized access to the account of another individual or group on the Internet, or attempting to penetrate beyond County security measures or security measures taken by others connected to the Internet, regardless of whether or not such intrusion results in corruption or loss of data. |
Ÿ |
Knowingly or carelessly distributing malicious code to or from County information technology resources. |
Ÿ |
Using the County’s Internet services to participate in partisan political activities. |
Compliance Employees who violate this policy may be subject to appropriate disciplinary action up to and including discharge as well as civil and criminal penalties. Non-employees including contractors may be subject to termination of contractual agreements, denial of access and/or penalties both criminal and civil. Policy Exceptions Requests for exceptions to this Board policy must be reviewed by the CIO and approved by the Board of Supervisors. Departments requesting exceptions should provide such requests to the CIO. The request should specifically state the scope of the exception along with justification for granting the exception, the potential impact or risk attendant upon granting the exception, risk mitigation measures to be undertaken by the department, initiatives, actions and a time frame for achieving the minimum compliance level with the policies set forth herein. The CIO will review such requests, confer with the requesting department and place the matter on the Board's agenda along with a recommendation for Board action. | |
RESPONSIBLE DEPARTMENT
_______________________________________________________________
Chief Information Office (CIO) |
DATE ISSUED/SUNSET DATE
_______________________________________________________________
Issue Date: July 13, 2004 |
Sunset Date: July 13, 2008 |
Review Date: August 25, 2008 |
Sunset Date: July 13, 2012 |
Review Date: July 19, 2012 |
Sunset Date: January 13, 2013 |
Review Date: February 28, 2013 |
Sunset Date: July 13, 2013 |