Southern Kennebec Child Development Corporation

Information Systems Policy (revised10/23/13)

Purpose and Scope

The term “user/use” as stated in these policies refers to employees (whether full-time, part-time, temporary, or substitute), independent contractors, consultants, volunteers and any other user having authorized access to, and using any of, the SKCDC’sinformation systems. Information systems for productivity and communication shall include, but are not limited to desktop computers, network servers, laptop computers, scanners, GPS, copiers, cell phones, mobile/tablet computing devices, printers, fax machines, phones, online services, email systems, bulletin board systems, and all software that is owned, licensed or operated by SKCDC.

SKCDC reserves the right to install programs that monitor employee use of the Internet and electronic communications systems, and to act on any violations of these policies found through use of such programs. SKCDC further reserves the right to examine any and all communications sent or received by employees via the agency’s information systems.

Acceptable Use of Agency Property

Use of SKCDC’s information systems is for the benefit of the agencyand its operations. These resources shall be used in an honest, ethical, and legal manner that conforms to applicable license agreements, contracts, and policies regarding their intended use. All data stored on, transmitted through, and received by the agency’s information systems are the property of the agency and can be reviewed at anytime.

Although incidental and occasional personal use of the agency’s information systems are permitted, users automatically waive any rights to privacy. Any personal use shall fall during non-work time (before/afterwork, or scheduled breaks). This use shall not have a detrimental affect on any part of the information systems as determined by the Information Systems Manager(ISM). The user will reimburse the agency when a cost is incurred as a result of personal usage.

In addition, the information, ideas, concepts and knowledge described, documented or contained in the agency’s information systems are the intellectual property of the agency. The copying or use of the agency’s intellectual property for personal use or benefit during or after employment (or period of contract) with SKCDC is prohibited unless approved in advance by the Executive Director and must conform to all copyright, license, trademark, or patent laws.

All hardware (laptops, computers, monitors, mice, keyboards, tablets, cell phones, printers, telephones, fax machines, etc.) issued by SKCDC is the property of the agency and should bekept secured and safe at all times as such. Users may not physically alter or attempt repairs on any hardware at any time. Users must report any problems with hardware or software to the ISM via email and carbon copy (cc) to theirSupervisor andProgram Manager.

Prohibited Uses

Prohibited uses of SKCDC’s information systems include, but are not limited to:

1.Engaging in any communication that is discriminatory, defamatory, pornographic, obscene, racist, and sexist or that evidences religious bias, or is otherwise of a derogatory nature toward any specific person, or toward any race, nationality, gender, marital status, sexual orientation, religion, disability, physical characteristic, or age group.

2.Browsing, downloading, forwarding and/or printing pornographic, profane, discriminatory, threatening or otherwise offensive material from any source including, but not limited to, the Internet.

3.Engaging in any communication that is in violation of federal, state or local laws.

4.Promoting or attempting to convert others to a religious belief.

5.Campaigning for or against any candidate for political office or any ballot proposal or issue.

6.Sending, forwarding, redistributing or replying to “chain letters.”

Other Prohibited Uses(continued)

7.Using unauthorized passwords to gain access to another user’s information or communications on the agency’s systems or elsewhere.

8.Advertising, solicitation or other commercial, non-programmatic use.

9.Knowingly introducing a computer virus into the communications systems or otherwise knowingly causing damage to the systems.

10.Using the systems in a manner that interferes with normal business functions in any way, including but not limited to, streaming non-business related audio/video from the Internet during business hours, stock tickers, Internet gaming, installing unauthorized software, etc.

11.Excessive personal use of technologies that preempts any business activity or interferes with organizational productivity.

12.Sending email messages under an assumed name or obscuring the origin of an email message sent or received.

Security

Users are responsible for safeguarding their login passwords. Passwords should not be shared, posted or stored online. Users should not leave their computers unattended without logging off. If a user suspects that the secrecy of their password has been compromised they should report this to the ISM immediately and initiate a password change request.

Notify the ISM and your supervisor immediately if a system is stolen and then contact the Police Department to file a report. Report a lost system to the ISM and your supervisoras soon as you are unable to find it.

Users are not allowed to breach the security of another user or to attempt to gain access to any other person's computer, software or data, without the knowledge and consent of that person. If a user has a specific need to access another consenting user’s file, they may contact the ISM to make the file available. Users are not allowed to attempt to circumvent the user authentication or security of any host, network, or account. This includes, but is not limited to, accessing data not intended for the user, logging into or making use of a server or account that the user is not expressly authorized to access, or probing the security of other networks.

It is important to remember that all communication has its security limitations. E-mail can be intercepted,a faxwithout a clear coversheet can be read by accident, and a phone conversation can be overheard or be with the wrong person. It is therefore imperative that all communication that has sensitive or confidential information be protectedin a secure way. Faxes should have coversheets and be sent to places that are believed to be located in a secure site, and phone conversations should be held with confidentiality in mind. Utilizing portable storage USB devices is not allowed due to the ease of loss of these types of devices except with specific approval. Contact the ISM if there is any concern on how to make secure communications or if help is needed with the transferof information from one place to another.

Anti-Virus Controls

SKCDC maintains current anti-virus controls on its computer systems. The system will automatically download and distribute virus signature updates to all systems. The anti-virus software is monitored by the ISM.

Users are prohibited from disabling or altering the configuration of the anti-virus software. Users are also required to report any suspicious activity on their computers to the ISM. This activity includes, but is not limited to: unrecognizable messages popping up on the screen, cursor or mouse moving on its own, unusual activity/noise emitting from the computer tower, uncharacteristically slow performance, a change in behavior of the system, etc.

If an e-mail is from someone you do not know, or if you were not expecting an attachment, do not open it.Delete it. The user should contact the ISM for assistance if there are questions as to the validity of the message and attachment or if they want to see what the nature of the message is.

Maintenance of Systems

Employees who havesystems assigned to them need to treat them with care and keep them cleanby wiping them down on a regular basis (please turn off the system before cleaning). Keyboards can be turned upside down and tapped over a trash can to remove debris between keys.

Disposal of Computer Equipment

SKCDC will run “file-shredding” software on all electronic media, including computer hard drives, prior to being used outside the agency’s control or physically destroying the media if being thrown away. The software overwrites all areas of the computer’s hard drive in a manner that makes it impossible for subsequent users to retrieve any of the data on the hard drive. This procedure shall only be performed by the ISM only.

Download/Installation of Software/Applications (Apps)

The installation of new computer software without the prior approval of the ISM, Finance Director, or the Executive Director is prohibited. If an employee desires to install any free programs on computers and laptops, please email the request to the ISM for review. Personal purchased software or apps are not allowed on agency systems. If there is a software program or app that would be beneficial to your duties, please submit a request for purchase and installation through your supervisor. Work related free apps are allowed to be installed on staff iPads, however all apps for the children’s iPads need to be approved by the Early Childhood Education team.

Employees are expected to run updates for Microsoft, Adobe, Symantec and Java when prompted on their systems. Some updates for these programs will come with an option to install toolbars for internet browsers or other programs. Do not install these toolbarswithout consulting the Information Systems Manager.

Disciplinary Action for Violations

SKCDC requires all users to adhere to this policy. Violations of this policy will result in disciplinary action, which could include termination of employment or cancellation of contracts.

Reporting of Suspected Violations

Suspected violations of these policies should be immediately and confidentially reported to your immediate supervisor. If you prefer not to discuss it with your supervisor, you may access the agency chain of command, the Executive Director or a member of the Senior Management team.

1