Print
Share page with AddThis

Acceptable Use of Information Technology - CoM

Purpose

The purpose of the Acceptable Use Policy (AUP) is to establish the acceptable use of information technologies in the City of Melrose (“the City” or “City”) in order to benefit the employees and residents of the City. The City encourages the use of information technology in our City operations and the public at large. The City believes that the understanding and proper use of these technologies enhance efficiency, collaboration, production and the transparency of government.

General Statement of Policy

This policy will provide an explanation, purpose and definition of acceptable use by the employees, contractors and subcontractors of the City. This policy is required to be read prior to using or accessing any information technology in the City.

Implementation of this Policy

The Mayor or his/her designee(s), shall develop and implement administrative regulations, procedures, terms and conditions for use and user agreements consistent with the purposes and mission of the City as well as with applicable laws and this policy. The review of this policy will be done annually by the HR and IT Departments, and any updates will be reviewed and approved by the Mayor.

Definitions:

Electronic Communication: Any communication or interaction which occurs through electronic means.  Electronic communications include but are not limited to communications that have no specific intended recipient (e.g., posting a blog entry or status update on a publicly visible website, depending on privacy settings, which may be viewed by the public or users of that website).

Employee: Any individual currently employed by the City of Melrose.

The CoM:  The City of Melrose and its employees.

Staff:  All employees of the City and any contractor or individual employed by a contractor who provides services in or to the City.

Information Technology: Information Technology includes but is not limited to the City Network Infrastructure, wireless network, hardware, software, systems, electronic devices, computers, peripherals, website, electronic documents and files, storage devices, data, Internet, digital resources, blogs, podcasting, telephone including Voice over Internet Protocol (VoIP), email or any other device or equipment used to access, store, manipulate or transmit data. Also referred to as electronic technology.

Users: Any person using the City’s information technologies.

Devices: Any City-owned or leased device, staff-owned device or any device being used in the any public facility of the City or on the City’s network.

CoMIT: The City of Melrose Information Technology department.

 

Use of City Information Technology

  1. Employees must abide by the City’s Social Media Policy (SMP), Acceptable Use Policy for Information Technology (AUP), Network, Computer and Software Access Policy and Password Policy, and are incorporated herein by reference as if set forth in full and are made a provision of this agreement which must be complied with.
  2. Users will not use the City’s electronic technologies to access, review, upload, download, store, print, post, receive, transmit or distribute:
    1. Pornographic, obscene or sexually explicit material or other visual depictions that are harmful to minors;
    2. Obscene, abusive, profane, lewd, vulgar, rude, inflammatory, libelous, threatening, disrespectful, or sexually explicit language;
    3. Materials that use language or images that are inappropriate in the workplace or disruptive to the mission of the City;
    4. Information or materials that could cause damage or danger of disruption to the processes of the City;
    5. Materials that use language or images that advocate violence or discrimination toward other people (hate literature) or that may constitute harassment or discrimination, or any other material that would violate any law;
    6. Orders made by shopping online during time designated as off-limits by the City unless purchasing is being made for the purpose of City business;
    7. Personal photos, videos, files or music not related to City purposes for any extended length of time with the exception of those pre-approved by City administrators;
  3. Users will not use the City’s electronic technologies to gamble including but not limited to visiting gambling sites online and downloading gambling apps on their mobile devices.
  4. Users will not use the City’s electronic technologies to knowingly or recklessly post, transmit or distribute false or defamatory information about a person or organization, or to harass another person, or to engage in personal attacks, including prejudicial or discriminatory attacks.
  5. Users will not use the City’s electronic technologies to engage in any illegal act or violate any local, state or federal statute or law.
  6. Users will not use the City’s electronic technologies for political campaigning.
  7. Users will not physically or electronically vandalize City technologies nor use the City’s electronic technologies to vandalize, damage or disable the property of another person or organization.
  8. Users will not make deliberate attempts to degrade or disrupt equipment, software, network, or system performance by spreading computer viruses or by any other means.
  9. Users will not tamper with, modify or change the City’s electronic technologies software, hardware or wiring or take any action to violate the City’s security system.
  10. Users will not use the City’s electronic technologies in such a way as to disrupt the use of the system by other users.
  11. Users may not add or remove any software from City-owned computers or devices nor modify the equipment, software configuration, or environment. [All electronic technology requests must go through the City of Melrose Information Technology (CoMIT) Technology Work Order System.]
  12. Users will not use the City’s electronic technologies to gain unauthorized access (hacking) to information resources or to access another person’s materials, information or files without the implied or direct permission of that person.
  13. Users will not attempt to gain unauthorized access to the City’s electronic technologies or any other system through the City’s electronic technologies. Users will not attempt to logon through another person’s account, or use computer accounts, access codes or network identification other than those assigned to the user. Access through any means other than an individual’s logon credentials is not permitted
  14. Users will not use the City’s electronic technologies to post information in public access areas regarding private information about another person. Private information includes personal contact information about themselves or other persons, or other personally identifiable information including, but not limited to, addresses, telephone numbers, identification numbers, account numbers, access codes or passwords, labeled photographs or other information that would make the individual’s identity easily traceable, and will not repost a message that was sent to the user privately without permission of the person who sent the message
  15. Messages, files and records on the City’s electronic technologies may not be encrypted in such a way that the Information Technology Department cannot access them and without the permission of appropriate administrative City authorities.
  16. Users will not use the City’s electronic technologies in any way that may violate trademark or copyright laws or usage licensing agreements
  17. Users will not plagiarize works they find on the Internet or other information resources
  18. Users will not use another person’s property without the person’s prior approval or proper citation
  19. Users will not load, download or exchange pirated software or copy software to or from any City computer including freeware and shareware
  20. Users will not use the City’s electronic technologies for unauthorized commercial purposes or for personal financial gain unrelated to the mission of the City. Users will not use the City’s electronic technologies to offer or provide goods or services or for product advertisement, except as authorized by the City administration. Using technologies in this way violates state ethic codes
  21. The City does not support personal hardware or software except when/where otherwise indicated. Users will not install any personal hardware or software on any City-owned systems including but not limited to printers, wireless access points or switches. Users will not use City resources, Internet access or network via hardwire connection to the City network infrastructure. Users will not connect their home PC or laptop to the wall plate network jack in any building for Internet access.
  22. Users will not use online proxy or VPN services to negate or otherwise bypass City Internet content filtering
  23. There are many people and systems dependent upon a proper and optimal performance level of the network infrastructure. Frivolous, excessive and inappropriate use of these network resources by one or a few individuals should not compromise the performance for other individuals and will operate with consideration for all who use the shared resources. The City may need to put quotas on storage or bandwidth as well as block websites or other online resources in order to maintain fairness of resource allocation for all City users
  24. Users are required to keep their passwords private and secured. Failure to do so could result in the unauthorized access of sensitive City data. Users who do not secure their passwords could have their access to systems, temporarily or permanently removed, or suspended and face disciplinary action. Examples of insecure storage of passwords include writing a password on a piece of paper attached to a monitor, under a keyboard, or pinned to a wall
  25. If an employee has City provided equipment, it is intended to be used primarily by that employee both at work and at home.
  26. Employees are responsible for maintaining their home network and Internet service. The CoMIT is not responsible for setting up an employee’s work device to work on said employee’s home network nor is the CoMIT responsible for troubleshooting problems with an employee’s work device for use at home.
  27. CoMIT may request that you bring your electronic device to their respective locations if needed for updates and maintenance
  28. Issues requiring service or repair may necessitate wiping and re-enrolling the electronic device to restore it to the original configuration.
  29. Do not leave your electronic device unattended. Make sure your electronic device is stored in a safe, secure environment, e.g. do not leave it in your car overnight, even if it is locked.
  30. Do not insert foreign objects (paperclips, pens, paper, pieces of plastic etc.) into the ports (openings) of the electronic device.
  31. Do not use water or other cleaning solutions on the electronic device unless they are approved for use on electronics. Wipe the surfaces lightly with a clean soft cloth. Always avoid touching the screen.
  32. Transport your electronic device in an appropriate protective case.

 

Public Records

  1. The law requires public employees who send, receive or maintain records in their capacity as public employees, to retain, disclose and dispose of such records in compliance with strict provisions of the public records law (Massachusetts General Laws, Current).  This law applies whether or not the record is in the form of a paper document or an electronic communication.  
  2. When staff communicate through City-based resources, such as staff e-mail or City-sponsored web pages, such records are retained and archived through the City’s information technology department.  If, however, an employee communicates outside of these resources, such information is not retained.  The burden to comply with public records laws falls on the employee when using personal e-mail or social network accounts to communicate with residents on work-related issues.

 

 

Content Filtering

  1. The City uses hardware and software designed to block access to certain sites and filter content. CoMIT is aware that not all inappropriate information can be filtered and will make an effort to correct any known gaps in the filtering of information without unduly inhibiting the use of content by employees. Users will inform CoMIT of any inadvertent access to inappropriate material, in order that there is appropriate modification of the filtering profile.
  2. Content filtering used when at work on City networks will not be available at home.

 

Monitoring and Limited Expectation of Privacy

  1. By authorizing use of the City electronic technologies, the City does not relinquish control over content or data transmitted or stored on the network or contained in files. Users should expect only limited privacy in the contents of personal files on the City’s electronic technologies.
  2. The City monitors the use of the City’s network to protect the integrity and optimal operation of all computer and system networks.
  3. The City will cooperate with copyright protection agencies investigating copyright infringement by users of the computer systems and network of the City.
  4. Technicians and computer system administrators maintain full access rights to all storage devices, and may need to access/manage such storage devices as part of their duties.
  5. Routine maintenance and monitoring of the system may lead to discovery that a user has or is violating the City Technology Acceptable Use Policy, other City committee policies, state laws, or federal laws.
  6. Search of particular files of a user shall be conducted if there is a reasonable suspicion that a user has violated the law or City policies. The investigation will be reasonable and in the context of the nature of the alleged policy violation.
  7. The City will cooperate fully with local, state and federal authorities in any investigation concerning or related to any illegal activities or activities not in compliance with City policies conducted through the City’s electronic technologies.

 

Limitation on City Liability

Use of the City’s technology is at the user’s own risk and the City will not be responsible for any damage users may suffer, including, but not limited to, loss, damage or unavailability of data stored on the City’s systems or for delays or changes in or interruptions of service, corruption in delivery or non-deliveries of information or materials, regardless of the cause. The City is not responsible for the accuracy or quality of any advice or information obtained through or stored on the City’s electronic technologies. The City will not be responsible for financial obligations arising through unauthorized use of the City’s technologies or the Internet.

 

Damage of City-Owned Electronic Property

  1. The following are the responsibility of the employee other entity using City-owned electronics (property) in or outside the City. Any damage incurred while using the electronics will be assessed by City and/or CoMIT and determine if the employee or other entity is responsible for reimbursement to the City for the property damage.
  2. Deliberate damage, neglect or abuse caused by the employee or other entity or anyone the employee allows to use a City-owned device(s). This includes intentionally marking, defacing, inserting foreign objects in, and/or abusing the electronics (amusement, anger, frustration, etc.); and damage caused by tampering with hardware components (battery housing, RAM, keys, camera, etc.) to alter City configurations.
  3. Leaving the device unattended or failing to secure it per City recommendations.
  4. Leaving it unsecured in a motor vehicle.
  5. Mysterious disappearance of the electronics meaning that the electronics user has no knowledge as to the place, time, or manner of the loss.
  6. Liquid/beverage spills on the electronics (i.e. eating or drinking near the electronics is not accidental).
  7. Damage caused by repairs made by an unauthorized source; City employees should bring electronics for repair only to CoMIT tech support personnel.
  8. All damage claims should be reported to the CoMIT immediately and no later than five (5) days after an incident.
  9. In the event of a theft, you must report the incident to the CoMIT through the ticket system immediately and no later than three (3) days after the theft. The CoMIT must also submit a police report with your information. Note that filing a false police report is a felony.

 

 

Access

  1. Access to network and software resources shall not be given to any user or contractor who has not signed an Electronic Acceptable Use Policy.
  2. Default access to network resources will be given to users when they begin employment
  3. Default access will include access to their department’s “Department” folder and access to a “User” folder or redirected “My Documents” folder for storage of their documents
  4. Access to software applications will be given under the following circumstances:
    1. A supervisor requests that their employee have access to a software application
    2. Human Resources (HR) requests access upon hire
    3. The position that the employee is hired for, transferred/promoted to, requires access to a software application
    4. The Mayor and/or his/her designee requests access for an employee
  5. Access to software systems containing sensitive information or data or may violate state law if disclosed will be verified with the Mayor and/or his/her designee before access is given.
  6. Munis accounts will be made in coordination with the Munis Data Analyst.
  7. Access will be given on a, “least-privilege” basis i.e., enough access to accomplish a daily task but no more.
  8. Administrative privileges
    1. Administrative access permissions on a Microsoft Windows network shall not be given to any user outside of the City of Melrose (CoMIT) team. Administrative permissions allow malicious attacks to easily gain access to network resources.
    2. Administrative access to one’s own computer shall not be given to any user outside of CoMIT
    3. Administrative access to any software application shall not be given to any user outside of CoMIT unless an employee has been designated as the administrator.

 

 Repair of City-owned Equipment and Software

Work Order System – The following list includes but is not limited to the items that should be entered into the CoMIT work order system (helpdesk) portal

  1. All repairs to City-owned equipment, software, telephones etc.
  2. Requests for software, hardware and any other technology-based electronic device
  3. Reservations for borrowed equipment such as projectors or conference phones
  4. Assistance in setting up a device
  5. Toner replacement
  6. Passwords

 

 Violations of this Acceptable Use Policy

Violations of this policy may have disciplinary repercussions, including:

  • Suspension of network, technology, or computer privileges
  • Legal action and/or prosecution
  • Termination of employment for cause