City of Brentwood
Home PageContact Us!Back

City Administration

2010 Council Goals and Strategic Plan | City Council Members | Calendar of Events | Elections
eNotification | Sub-Committees| Pledge of Allegiance Sign Ups | Invocation Sign Up
Live Streaming Council Meeting | Streaming PC Help |
Streaming Mac Help |

Current Council Agenda and Past Meeting Information

Past Agendas

CITY COUNCIL AGENDA ITEM NO. 10

Meeting Date: January 13, 2004

Subject/Title: Approve a resolution to adopt the Policy No. 10-10 – Policy and Procedures for City Information Systems and Communications

Submitted by: Pamela Ehler, Director of Finance and Information Systems
Yun Cho, Chief Information Systems Officer
Gail Leech, Management Analyst

Approved by: John Stevenson, City Manager

RECOMMENDATION
Approve a resolution to adopt the Policy No. 10-10 – Policy and Procedures for City Information Systems and Communications.

PREVIOUS ACTION
There is currently no policy that governs the use of City computers and information systems.

BACKGROUND
Throughout time, issues arise regarding information systems, City communication and the governing thereof as relates to appropriate usage and guidelines. As governments become increasingly technologically savvy, policies must be put in place to protect potential liability issues for both the City and City employees. Adopting this policy establishes guidelines for the authorized use of these systems.

In order to comprehensively address and incorporate a policy of this degree, several comparable cities were researched. This policy encompasses the categories listed below as priority issues, summarized as follows:

A) Expectation of Privacy – As the City information and communication network is provided by the City to individual employees, it is considered City property and is therefore considered public information. Records of any transaction can be requested by anyone at any time. Therefore, employees using the City information and communication network shall have no reasonable expectation of privacy when using this system.

B) Ownership, Accountability and User Responsibilities - This section defines the parameters of City ownership on the information network as well as identifies the responsibilities of all City employees as pertains to ethical behavior and information integrity.

C) Prohibited Uses – This section clearly addresses all unacceptable behavior and violations regarding usage of the City’s information network.

D) Internet/Intranet – Internet / Intranet privacy, its purpose, its uses, inappropriate and prohibited uses, web postings are discussed in this category.


E) Electronic Mail – The purpose of this section is to ensure proper use of the City’s e-mail system and make users aware of what the City deems as acceptable and unacceptable use of its e-mail system. This includes legal requirements and legal risks, best practices, guidelines for writing and replying to e-mails, and e-mail maintenance.

F) Voice Mail – Voice mail is rapidly developing technology that has a tremendous potential to improve internal communications within the City as well as enhance our ability to service the public. This section addresses the user’s responsibility to understand the impact of this technology, on the way we do business and how the public perceives us. The goal is to recognize this is the public who should be primarily served by voice mail and that every decision made during the administration of this system should consider that fact.

G) Cellular Telephones – Employees may be issued a City-owned cellular phone if authorized by the Department Director. This section pertains to requirements and usage of these City issued cellular phones, including incidental personal use, loss or theft, and use of personal cellular phone.

H) Telecommuting – This section covers accessing City files from home and the right of the City to conduct an audit on personal home computer systems based on this access.

I) Systems Usage – This is a short but necessary section that relates to computer software, downloads and password maintenance.

FISCAL IMPACT
Unknown at this time.

Attachments: Resolution
Policy and Procedures for City Information Systems and Communications

RESOLUTION NO. ___

APPROVE A RESOLUTION TO ADOPT POLICY NO. 10-10 - POLICIES AND PROCEDURES FOR CITY INFORMATION SYSTEMS AND COMMUNICATION, POLICY NO. _______

WHEREAS, there is currently no policy that governs the use of City computers and information systems;

WHEREAS, throughout time, issues arise regarding information systems, City communication and the governing thereof as relates to appropriate usage and guidelines. As governments become increasingly technologically savvy, policies must be put in place to protect potential liability issues for both the City and City employees. Adopting this policy establishes guidelines for the authorized use of these systems.

NOW, THEREFORE, BE IT RESOLVED by the City of Brentwood as follows:
Section 1. In order to comprehensively address and incorporate a policy of this degree, several comparable cities were researched. This policy encompasses the categories listed below as priority issues, summarized as follows:

A) Expectation of Privacy – As the City information and communication network is provided by the City to individual employees, it is considered City property and is therefore considered public information. Records of any transaction can be requested by anyone at any time. Therefore, employees using the City information and communication network shall have no reasonable expectation of privacy when using this system.

D) Ownership, Accountability and User Responsibilities - This section defines the parameters of City ownership on the information network as well as identifies the responsibilities of all City employees as pertains to ethical behavior and information integrity.

E) Prohibited Uses – This section clearly addresses all unacceptable behavior and violations regarding usage of the City’s information network.

D) Internet/Intranet – Internet / Intranet privacy, its purpose, its uses, inappropriate and prohibited uses, web postings are discussed in this category.


E) Electronic Mail – The purpose of this section is to ensure proper use of the City’s e-mail system and make users aware of what the City deems as acceptable and unacceptable use of its e-mail system. This includes legal requirements and legal risks, best practices, guidelines for writing and replying to e-mails, and e-mail maintenance.

F) Voice Mail – Voice mail is rapidly developing technology that has a tremendous potential to improve internal communications within the City as well as enhance our ability to service the public. This section addresses the user’s responsibility to understand the impact of this technology, on the way we do business and how the public perceives us. The goal is to recognize this is the public who should be primarily served by voice mail and that every decision made during the administration of this system should consider that fact.

G) Cellular Telephones – Employees may be issued a City-owned cellular phone if authorized by the Department Director. This section pertains to requirements and usage of these City issued cellular phones, including incidental personal use, loss or theft, and use of personal cellular phone.

H) Telecommuting – This section covers accessing City files from home and the right of the City to conduct an audit on personal home computer systems based on this access.

I) Systems Usage – This is a short but necessary section that relates to computer software, downloads and password maintenance.

PASSED, APPROVED AND ADOPTED on January 13, 2004 by the following vote:
AYES:
NOES:
ABSENT:

Brian Swisher
Mayor

Attest:

Karen Diaz, CMC
City Clerk

POLICY PURPOSE AND OVERVIEW - INTRODUCTION

The City of Brentwood, hereinafter (“City”), is committed to providing employees with the business tools necessary in order to enhance efficiency in job performance and best serve the citizens of Brentwood.

This policy sets forth the City’s policy with respect to the use of cellular telephones, computers, electronic mail (e-mail), intranet (internal City websites), mobile messaging systems, telephonic voice mail, Internet access, fax systems, Personal Digital Assistants (PDAs) and other electronic communications systems provided by the City of Brentwood. Furthermore, this policy is intended to supplement other City personnel policies that govern rules of conduct and performance in the workplace.

Applicability

The provisions of this policy apply to all employees of the City of Brentwood, including, but not limited to, full-time, part-time and temporary employees, as well as volunteers, interns, agents and vendors.

General Provision

With the rapidly changing nature of electronic media and the etiquette which is developing among users of external on-line services and the Internet, this policy will not cover every situation. It does, instead, express the City’s philosophy and sets forth general principles to be applied to the use of cellular telephones, computers, e-mail, intranet (internal web based communication systems), mobile messaging systems, telephonic voice mail, Internet access, fax systems, PDAs and other electronic communications systems provided by the City of Brentwood.

As a general rule, users must comply with Federal and State laws and City Policies and the terms of applicable contracts, including software licenses, while using City Electronic resources. Examples of applicable laws, rules and policies include privacy, copyright, trademark, obscenity, the Electronic Communications Privacy Act and the Computer Fraud and Abuse Act, which prohibit “hacking”, “cracking” and similar activities and the City of Brentwood Code of Conduct.

Access to networks and computer systems owned by the City imposes certain responsibilities and obligations on City employees and is granted subject to City policies. Appropriate use should always be legal, ethical, reflect honesty, reflect community standards, and show restraint in the consumption of shared resources. It should demonstrate respect for individual property; ownership of data; system security mechanisms; an individual’s right to privacy, and to freedom from intimidation, discrimination, harassment, and unwarranted annoyance. Appropriate use of computing and networking resources includes, but is not limited to, education, independent study, authorized research, communications and other official work of the City organization. Authorized users are those who have been given specific permission to use a particular computing, communication or network resource owned or operated by the City. This document establishes rules and prohibitions that define acceptable use of these systems.

Expectation of Privacy

The City information and communication network is provided by the City to individual employees based on Department Director authorization, and is considered City property. All employee transactions on the Internet from City computers - including e-mail, contact lists, task lists - are considered public information and records of these transactions can be requested by anyone at any time, subject to certain Public Records Act exceptions and attorney-client privilege material. In that regard, the Internet may be monitored for legitimate reasons. Therefore, employees using the Internet shall have no reasonable expectation of privacy when using this system.
Messages that are transmitted via the Internet can be intercepted by anyone and the information contained in the message can be used for any purpose by anyone retrieving the message. Access to the Web Browser is being logged and these files can be subject to review.
Users should also be aware that their uses of City computing resources are not completely private. While the City does not routinely monitor individual usage of its computing resources, the normal operation and maintenance of the City’s computing resources require the backup and caching of data and communications, the logging of activity; the monitoring of general usage patterns and other such activities that are necessary for the rendition of service. The City may also specifically monitor the activity and accounts of individual users, including individual login sessions and the content of individual communications without notice when:
 Approval has been received by the Department Director and/or City Manager. I.S. will not review any activity unless directed by the appropriate individual(s).
 It reasonably appears necessary to do so to protect the integrity, security or functionality of the City or other computing resources or to protect the City from liability;
 There is reasonable cause to believe that the user has violated or is violating this policy;
 An account appears to be engaged in unusual or unusually excessive activity;
 It is otherwise required or permitted by law.

Since there is no expectation of privacy, no employee shall use any password or other means to prevent the monitoring process of their computer by Department Directors, supervisors, etc. For security reasons only, password control and other means may be used by an employee to secure a computer or computer data with written permission from the Department Director. The written permission shall contain the password or code necessary to unlock the computer or its data if deemed necessary by the Department Director. Employees shall reveal all passwords to their supervisors, and Department Directors shall maintain a secure written record of the passwords that reduce or prohibit access to computers, computer systems, or other computer data.

Ownership, Accountability and User Responsibilities

E-mail, fax, telephonic voice mail, cellular phones, internal City websites, Internet access and other electronic communications systems are provided only for the purpose of conducting City business. All electronic communications of any sort or type generated by employees with City equipment or stored on City equipment are the property of the City of Brentwood and, therefore, are not considered private. Upon termination of employment, no employee shall remove any software or data from City-owned computers.

The City recognizes that there may be incidental occasional personal use of cellular telephones, e-mail or voice mail, but these messages will be treated the same as other messages. The City reserves the right to access and disclose as necessary all messages sent over its e-mail or voice mail system, without regard to content. Since personal messages can be accessed by the City management without prior notice, employees should not use e-mail or voice mail to transmit any messages that the employee would not want read, or listened to, by a third party. For example, the employee should not use the City’s Internet, e-mail, or telephonic voice mail, communications systems for gossip, including personal information about the employee or others, for forwarding messages under circumstances likely to embarrass the sender, or for emotional responses to business correspondence or work situations. In any event, the employee should not use these systems for such purposes as soliciting or proselytizing for commercial ventures, political, religious or personal causes, or outside organizations, viewing or sending sexually explicit information, or other non-job-related situations. If the City discovers that you are misusing the Internet e-mail system, telephonic or telephonic voice mail systems, you will be subject to disciplinary action up to and including termination.

All software programs, computer files, and other documents created by City employees on City computer or other electronic systems are the property of the City and therefore exclusively owned by the City.

All users have the following responsibilities:

 Report Unauthorized Access. Report any discovered unauthorized access attempts or other improper usage of City computers, networks, or other information processing equipment. If a user observes or receives a report of a security or abuse problem with any City computer or network facilities, including violations of this policy, the user must take immediate steps as necessary to ensure the safety and well-being of information resources; advise the Department Director and the Chief Information Systems Officer.

 Privacy. Routine computer behavior is to respect the rights of privacy for all, including but not limited to, files of personal information and programs, no matter on what medium they are stored or transmitted. No user should look at, copy, alter, or destroy anyone else’s personal files without explicit permission (unless authorized or required to do so by law or regulation). Simply being able to access a file or other information does not imply permission to do so.

 Ethical Behavior. To behave ethically, and comply with all legal restrictions regarding the use of information that is the property of others. No material or verbiage should be put into the City’s information technology systems that could not be displayed in an open public forum, with the exception of City sanctioned confidential material.

 Information Integrity. To be aware of the potential for and possible effects of manipulating information, especially in electronic form, and to verify the integrity and completeness of information that is compiled or used.

 Security and Backups. Due to the need to maintain appropriate back up of all City data, this type of data should NOT be stored on personal hard drives. All City data is required to be stored on the network drives and will be backed up by the Information Technology Division. Data stored on personal hard drives will not undergo proper and mandatory backup and therefore may be lost.

 Outside Networks. Many of the City computing systems provide access to outside networks, both public and private, which furnish electronic mail, information services, bulletin boards, conferences, etc. Users are advised that they may encounter material that may be considered offensive or objectionable in nature or content. Users are further advised that the City does not assume responsibility for the contents of any of these outside networks.

The user agrees to comply with the acceptable use guidelines for whichever outside networks or services they may access through City systems.

 Investigative Activities. If a user is contacted by a representative from an external organization (District Attorney’s Office, FBI, etc.) who is conducting an investigation of an alleged violation involving City computing and networking resources, the user must refer the requesting agency to their Department Director who will contact the City Attorney for guidance regarding the appropriate actions to be taken. The Department Director will simultaneously inform the City Clerk and City Manager.

Prohibited Uses

1. Installing programs on the City's computer systems (including virus checking, screen savers and Internet downloads) without prior written consent of the Chief Information Systems Officer;

2. Unauthorized copy of City software programs for personal use. No employee shall install pirated, personal or non-licensed software on City-owned or leased PCs, laptops, or PDAs, or violate any copyright or license to software, information (including, but not limited to, text images, icons, programs, etc.) whether created by the City or any other person or entity;

3. Use another employee’s password to attempt to gain access to that employee’s computer, electronic mail (e-mail), intranet (internal City website), mobile messaging, telephonic voice mail, Internet access or other electronic communications system, without prior consent of their immediate Supervisor or Chief Information Systems Officer;

4. Connect computers (including laptops and personal computers) not owned or leased by the City to the City's information systems network without the prior written consent of the Chief Information Systems Officer. Further, any and all personal equipment connected to the City system, i.e., locally or via VPN is subject to being audited at the discretion of the City;

5. Disclose access codes, log-on or passwords or otherwise make the City electronic resources available to persons not authorized to have such access;

6. The use of City computer resources for private business or commercial activities;

7. Misrepresentation (including forgery) of the identity of the sender or source of an electronic communication;

8. Violation of any federal, state or local laws in the use of City information systems;

9. Infringe on others' access and use of the City's information systems, including, but not limited to:

a. Sending of excessive messages, either locally or off-site;

b. Interference with or disruption of the computer or network accounts, services, or equipment of others, including, but not limited to, the willing propagation of computer “worms” and “viruses”, the sending of electronic chain mail, and the inappropriate sending of “broadcast” messages to large numbers of individuals or hosts;

c. Alteration of the content of a message originating from another person or computer with intent to deceive;

d. Unauthorized modification of system facilities, operating systems or disk partitions;

e. Attempting to crash or tie up a City computer or network;

f. Unauthorized scanning of networks for security vulnerabilities;

g. Unauthorized wiring, including attempts to create unauthorized network connections, or unauthorized extension or retransmission of any computer or network services;

h. Attempting or gaining unauthorized access to or damaging or vandalizing City computing facilities, equipment, software, or computer files;

i. Developing or using programs which disrupt other computer users, access private or restricted portions of the system, and/or damage software or hardware components of the system;

j. Install or use a modem on City owned or leased computers without the prior written consent of the Chief Information Systems Officer;

Violations

Any employee found to have violated this policy may have his/her access to the Internet limited or revoked completely and may be subject to formal disciplinary action up to and including termination from City employment.

• Initially, the employee shall be informed of the alleged breach, given an opportunity to respond to the allegation, and is unable to provide a satisfactory explanation, be asked to desist from or, if applicable, to remedy the breach. However, if the initial breach is a serious breach, the City employee may be disciplined up to and including termination.
• If a breach is not desisted from or remedied, City of Brentwood may either withdraw the employee’s access to the Internet or provide a first warning to the employee, to which the employee shall have an opportunity respond or, subject to above, cited for a serious breach and disciplined up to and including termination.
• If the infringing conduct continues, whether a serious or minor breach, the employee may be given a second and third warning, to each of which he or she shall have an opportunity to respond.
• If even a minor breach is committed after the third warning, the employee can be dismissed.

A. Web (Internet / Intranet) Usage / Requirements

Internet resources are made available to City staff to improve communications and information exchange with citizens and others and to provide an information and research resource. The Internet is a global electronic information infrastructure of networks used by educators, business, government, and other communications, certain restrictions are necessary to avoid improprieties and ensure that established standards are met. To reduce potential liability, the risk of inappropriate use, and possible adverse public perceptions, City provided Internet resources are to be used for official City business purposes. City information network resources shall not be used for illegal, harassing, libelous, obscene or other purpose which could expose City to liability or cause an adverse public perception of City during or outside City business hours. All components of the City’s Internet resources (hardware and software) are the property of the City and remain subject to the City’s control. Unnecessary and unauthorized Internet usage causes network and server congestion, has an adverse impact on other users, is an ineffective use of City time and equipment, and ultimately may have an adverse impact on the public’s perception of City staff. This Internet policy is designed to help employees understand the City’s expectation for the use of Internet resources provided. The Internet provided by the City is a business tool and should not be abused.

1. Internet Privacy

Since Internet access and use are intended to be used for City business, City employees shall have no right or expectation of privacy or confidentiality in any Internet activity using City equipment or networks. This includes Internet activity that occurs after business hours by an employee who has prior permission to use the Internet for personal use. The City has software and systems that monitor and record all Internet usage. Each World Wide Web site visit, chat room, and newsgroup, into and out of our internal networks is recorded. Department Directors, management and supervisors shall have the right to review any internet activity of any employee supervised by them at any time for any reason. The City reserves the right to inspect any and all files stored in private areas of our network in order to assure compliance with this policy.

2. Purpose of the Internet

The purpose of the Internet is to distribute information to public constituencies or to research various City related matters. During business hours an employees’ Internet access is for business-related purposes. However, employees may use the Internet for non-business research or appropriate browsing during mealtime, break or outside of work hours. Employee uses the system at his/her own risk, with no right or expectation of privacy or confidentiality, provided the remaining provisions of this policy are not violated. City employees must conduct themselves honestly, appropriately, and in a professional manner on the Internet. All existing City policies apply to an employee’s conduct on the Internet, including but not limited to, those that deal with privacy, misuse of City property, harassment, information and data security and confidentiality. This includes sexually explicit or offensive material accessed through or received through the Internet. In addition, sexually explicit or offensive material may not be archived, stored, distributed, edited or recorded using City network or computing resources. If an employee finds him/herself inadvertently connected to a site that contains sexually explicit or offensive material, he/she shall immediately disconnect from that site and notify his/her immediate supervisor so they are aware that the connection was not intentional. Any software that is downloaded must be approved by the Department Director or Supervisor and inspected by the Chief Information Systems Officer or designee, prior to installation to ensure the software will not harm the computer or City network. Additionally, the software must be properly licensed and registered. Downloaded software must be used only under the terms of its license. Employees with Internet access may not use City Internet facilities to listen to Internet radio, or download images or videos or sound files unless there is an explicit business-related use for the material or with an approval of the Department Directors or Supervisor.

3. Uses

All Internet activities should be directly related to City business. Listed below are examples of permitted and prohibited uses of the City Internet system. This list is not exhaustive and common sense and good judgment should be used in determining whether the user is engaging in an activity that will violate this Internet policy. If an employee has a question regarding whether an activity is permitted, he/she shall get the permission of his/her Department Director, Manager, or Supervisor before proceeding with the Internet activity.

Examples of Appropriate/Permitted Use
• Obtaining information regarding City business (e.g. policy, legislation, public meetings, technical research, etc.)
• General announcements within the scope of the sender’s job responsibilities (e.g. City sponsored events, professional associations etc.)
• Providing information regarding City business to the public (e.g. City Council meeting agendas or minutes, key points of contact, etc.)

Examples of Inappropriate/Prohibited Use
• Generating, sending, requesting, receiving or archiving any material in any form (e.g. text or graphics) which contains any comment or image that is discriminatory, offensive, defamatory or harassing in nature
• Displaying sensitive or offensive material, resulting in a perceived "hostile environment" to coworkers
• Violating software licensing laws by illegally downloading software
• Conducting personal business from the City’s server (e.g. placing or advertising items for sale), except in the designate Intranet site provided by the City for this purpose.
• Visiting inappropriate sites allowing the City’s domain (e.g. johndoe@ci.brentwood.ca.us) to be captured, which could result in negative publicity or adverse public reaction.
• Illegal activities (e.g. gambling, placing wagers or bets, buying drugs, etc.)
• Copyright infringement (3rd Party Liability) - involves copyright or intellectual property violations for unauthorized downloading or forwarding of protected information
• Logging on to or leaving Internet running all day, unless necessary for a business-related purpose (e.g. using website as wallpaper, screen savers, or using instant messaging, audio/video streaming, etc.).
• Creating acts of fraud, waste or abuse through Internet activities.

4. Web Postings

Department Directors should appoint a person or team to update content of departmental pages. All pages are subject to format and content guidelines determined by the City standards.

The established web page design templates, content suggestions and posting procedures must meet the City standards.

Departments may not create or contract for their own web sites, or acquire or use a domain name other than www.brentwoodca.gov, without prior approval of the City Manager.

Departments and other entities using space on the city’s Web site are responsible for content and accuracy of their pages.
All new web content must come from the Department Director or designee

The web content must not disseminate information that violates the tenets of this policy.

B. Electronic Mail (e-mail):

The purpose of this policy is to ensure the proper use of the City’s e-mail system and make users aware of what the City deems as acceptable and unacceptable use of its e-mail system. The City reserves the right to amend this policy at its discretion. In case of amendments, users will be informed appropriately.

1. Legal Risks / Legal Requirements

E-mail is a business communication tool and users are obliged to use this tool in a responsible, effective and lawful manner. Although by its nature e-mail seems to be less formal than other written communication, the same laws apply. Therefore, it is important that users are aware that any of the following scenarios could expose the City and/or the employee to liability. It is prohibited to:

 Send e-mails with any libelous, defamatory, offensive, racist or obscene remarks;
 Forward e-mails with any libelous, defamatory, offensive, racist or obscene remarks;
 Forward confidential information to persons outside the City without acquiring permission from the sender first;
 Unlawfully forward or copy messages without permission (copyright infringement);
 Send an attachment that contains a virus;
 Forge or attempt to forge e-mail messages
 Disguise or attempt to disguise your identity when sending mail.
 Send e-mail messages using another person’s e-mail account

By following the guidelines in this policy, the e-mail user can minimize the legal risks involved in the use of e-mail. If any user disregards the rules set out in this Policy, the user may be fully liable and the City will disassociate itself from the user as far as legally possible.

2. Best Practices

The City considers e-mail as an important means of communication and recognizes the importance of proper e-mail content and speedy replies in conveying a professional image and delivering good customer service. Users should take the same care in drafting an e-mail as they would for any other communication. Therefore, the City wishes users to adhere to the following guidelines:

3. Writing e-mails:

 Write well-structured e-mails and use short, descriptive subjects.
 The City’s e-mail style is informal. This means that sentences can be short and to the point. You can start your e-mail with ‘Hi’, or ‘Dear’, and the name of the person. Messages can be ended with ‘Best Regards’.
 If you use a signature, it should include your name, job title and department name. A disclaimer may be added underneath your signature (see Disclaimer, Section # 12, Page 12).
 Users should spell check all e-mails prior to transmission.
 Do not send unnecessary attachments. Compress attachments larger than 200K before sending them.
 The use of links to common documents instead of attaching a copy of the document to a large number of users is encouraged.
 Do not write e-mails in all capitals.
 If you forward e-mails, state clearly what action you expect the recipient to take.
 Only send e-mails of which the content could be displayed on a public notice board. If they cannot be displayed publicly in their current state, consider rephrasing the e-mail, using other means of communication, or protecting information by using a password (see Confidential, Section # 8, page 12).
 Only mark e-mails as important if they really are important.

4. Replying to e-mails:

 E-mails should be answered within at least 8 business hours, but users must endeavor to answer priority e-mails within 4 business hours. This excludes weekends and holidays.
 Priority e-mails are defined as e-mails from existing customers, internal or external, and business partners.

5. Newsgroups:

 Users need to request permission from their supervisor before subscribing to a newsletter or server news group that has a fee attached to the subscription.

6. Maintenance:

 Electronic mail is a messaging system and should not be used as storage system, users are required to offload any attachment they receive and save it to appropriate network location if they intend to keep this attachment.
 Delete any e-mail messages that you do not need to have a copy of, and set your e-mail client to automatically empty your ‘deleted items’ on closing.
 Users are responsible for backing up their e-mails to Outlook PST files and saving them to their personal profile on the server. However there is a 1GB system limitation on the size of a PST file. Users, however, may have multiple PST files.

7. E-Mail Quota

 E-mail Quota is implemented for all Mailboxes, the size is 150MB, Users will receive warning when they reach a limit of 120MB. If a user ignores the warnings and the mailbox reaches a limit of 150MB, he/she will no longer be able to send or receive e-mail before clearing their Mailbox.
 There is a size limit of 5MB for e-mail attachments. Files larger than 5MB can be exchanged using the City FTP server.

8. Confidential information

It is recommended that confidential information not be sent via e-mail. However, if you are in doubt as to whether to send certain information via e-mail, check with your supervisor.

9. Encryption

Users may not encrypt any e-mails without obtaining written permission from their supervisor. If approved, the encryption key(s) must be made known to the City.

10. E-Mail Retention

The City is not implementing any retention policy for e-mail. Users are responsible to backup the messages they would like to retain to personal folders.

11. E-mail Accounts

All e-mail accounts maintained on our e-mail systems are property of The City. Passwords should not be given to unauthorized people.

12. Disclaimer

The following disclaimer may be added to each outgoing e-mail:

‘This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the system manager. Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of the City. Finally, the recipient should check this e-mail and any attachments for the presence of viruses. The City accepts no liability for any damage caused by any virus transmitted by this e-mail.’

13. “All Employee” e-mails:

“All employee” e-mails must be of a business nature and must affect the majority City employees. The City's Intranet site provides an ideal means through which employees can advertise personal items for sale. Advertisements can be e-mailed to the City of Brentwood Webmaster and will be posted on the City’s internal website (Intranet).

Common sense should prevail when using the City’s e-mail system. If at any time you are unsure if the content of your e-mail is appropriate, DO NOT SEND. It is always best to check with your supervisor prior to sending an e-mail of a questionable nature.

C. Voice Mail Messaging Requirements

Voice mail is a rapidly developing technology that has a tremendous potential to improve internal communications within the City as well as enhance our ability to serve the public. Along with this goes a responsibility to understand the impact of this technology, on the way we do business, how the public perceives us, etc. The goal is to recognize that it is the public who should be primarily served by voice mail and that every decision made during the administration of this system should consider this fact.

1. Employees will keep their outgoing message(s) and/or announcements professional, timely and accurate. Outgoing messages should not contain jokes, jargon, offensive language, music, etc., in their announcements.

2. During periods of extended absence (vacations, conferences, trips, illness, etc.) employees should arrange to have mailbox coverage and/or an appropriate announcement directing the caller elsewhere.

3. Employees will check messages regularly and promptly return calls within 24 hours.

4. Employees will not use voice mail to screen calls.

5. The “City of Brentwood” shows up for those call recipients that have caller I.D. Therefore, any calls made from the City of Brentwood, represent the caller as being the City of Brentwood, and employees are thus held accountable for information transmitted via City phones.

6. The voice messaging system is part of the City of Brentwood’s unified messaging system (which includes e-mail) and is therefore subject to review and audit, if necessary, by the City.

D. Cellular Telephone Requirements and Usage

1. Employees may be issued a cellular phone if authorized by the Department Director. Department Directors have the authority to approve a cellular phone request based on sufficient City employee need and departmental budget funds. The department should annually review the list of users to ensure that designated employees continue to demonstrate a need for the cellular phone.

2. City issued cellular phones are the property of the City of Brentwood and should be used for City related business only. Use of City-owned cellular phones for outside business ventures not related to City business is prohibited.

3. The City recognizes that there may be incidental occasional personal use of cellular telephones, but these messages will be treated the same as other messages. The City reserves the right to access, review, audit and disclose as necessary all incoming messages from a City-owned cellular phone, without regard to content.

4. In the event that a City-owned cellular phone is lost or stolen, the employee must notify his supervisor immediately so that the appropriate City staff can be informed and address the situation with the carrier. In the case of a theft, a police report must also be filed immediately.

5. Occasionally, employees who do not have a City-issued cellular phone may need to use their personal cellular phone for critical City business. These calls may be eligible for reimbursement by the City, provided no other option (i.e., pay phone, hotel or home phone) is available. Request for reimbursement should be submitted on an expense reimbursement form, attaching a copy of the monthly cellular phone bill with business calls highlighted.

E. Telecommuting / Accessing City Files from Home

1. Employees may, from time to time, need to work from home and may use their personal computer to do so. However, the City reserves the right to audit any personal computer of any employee accessing City files from their personal computer. Users who do not wish to be subject to possible audit of their personal computer may request a City laptop be provided to access City resources from remote sites.

F. Systems – Computer, Software, Downloads

1. Only the Information Services staff has the authority to install software on City-owned computers. This is done via service request and should be a job-related requirement.

2. Passwords – Employees are prohibited from the unauthorized use of the passwords of other employees to gain access to the other employee’s workstation computer, e-mail or voice mail messages.

This password is maintained by the Information Services department. If you need to change a password, contact a member of I.S. and inform them of this change. I.S. requires knowledge of your current password at all times. Passwords should not be easily discernible by others, either by simplicity (i.e., “password”) or by familiarity (such as a pet or child’s name). Each password should contain at least five (5) characters. A combination of letters and numbers is recommended, but not required.

If it is required that another have access to information protected by your password, that access can only be granted by a supervisor, director, or the I.S. Department, in writing. An e-mail from any one of these individuals constitutes permission. Information that a user obtains through this special privilege is to be treated as private and confidential.

G. Fax Machines

1. Use of City fax machines should be for City business purposes only. In the event that a need for personal use should arise, permission from your supervisor must be obtained.

2. City fax machines encode “City of Brentwood” on all documents faxed from the City. As such, all users of the City fax machine are represented as being the City. Each employee is therefore held individually accountable for information sent from the City.

H. Password and Encryption Key Security and Integrity

1. All system passwords and encryption keys must be available to City management, and you may not use passwords that are unknown to your supervisor or install encryption programs without prior written permission of the Chief Information Systems Officer and without turning over encryption keys to the City.

2. Employees are prohibited from the unauthorized use of the passwords and encryption keys of other employees to gain access to the other employee’s workstation computer, e-mail or voice mail messages. The City will not give out any logins or passwords to non-management persons other than the one stated above.

EFFECTIVE DATE:

This policy is made effective as of the date approved by City Council. This policy shall remain in full force and effect until rescinded and may be amended from time to time at the sole determination of the City.

Glossary

Archive – A collection of computer files that have been packaged together for backup, to transport to some other location, for saving away from the computer so that more hard disk storage can be made available, or for some other purpose. An archive can include a simple list of files or files organized under a directory or catalog structure (depending on how a particular program supports archiving.

Compression – The reduction in size of data in order to save space or transmission time. For data transmission, compression can be performed on just the data content or on the entire transmission unit depending on the number of factors.

Cracker – someone who breaks into someone else’s computer system, often on a network; bypasses passwords or licenses in computer programs; or in other ways intentionally breaches computer security. A cracker can be doing this for profit, maliciously, for some altruistic purpose or cause, or because the challenge is there. Some breaking-and-entering has been done ostensibly to point out weaknesses in a site’s security system.

Decryption – The process of converting encrypted data back into its original form so it can be understood.

Electronic Mail – Electronic Mail (e-mail) may include non-interactive communication of text, data, images, or voice messages between a sender and a designated recipient by systems utilizing telecommunications links. It may also include correspondence transmitted and stored electronically using software facilities called e-mail, facsimile, or messaging systems; or voice messages transmitted and stored for later retrieval from a computer system.

Encryption – The conversion of data into a form, called a ciphertext that cannot be easily understood by unauthorized people.

Encryption Keys – An encryption method that uses the concept of a key ring. The key ring has two keys: a public key that is made available to everyone and a private key that is known only by the private key holder. The public and private keys are designed to work together. Anyone can use the public keys to encrypt data, but only the person with the corresponding private key can decrypt the data; this helps to protect the content of the message.

FTP – File Transfer Protocol – A standard internet protocol, FTP is the simplest way to exchange files between computers on the internet. Like the Hypertext Transfer Protocol (HTTP), which transfers displayable Web pages and related files, FTP is an application protocol that uses the Internet’s TCP/IP protocols. FTP is commonly used to transfer Web page files from their creator to the computer that acts as their server for everyone on the Internet. It’s also commonly used to download programs and other files to your computer from other servers.

Hacker – is the term used by some to mean “a clever programmer” and by others, especially journalists or their editors, to mean “someone who tries to break into computer systems.”

Icons – A little picture on your screen that you can click on with your mouse. An icon can represent a file, program, peripheral or tool.

Integrity – In terms of data and network security, integrity is the assurance that information can only be accessed or modified by those authorized to do so. Measures taken to ensure integrity include controlling the physical environment of networked terminals and servers, restricting access to data, and maintaining rigorous authentication practices. Data integrity can also be threatened by environmental hazards, such as heat, dust and electrical surges.

Internet – A worldwide network of networks, connecting informational networks communicating through a common communications language or protocol.

Internet Downloads – To transfer data or code from a far-away system (especially a larger host system) over a digital communications link to a nearby system.

PDA – Personal Digital Assistant – a term for any small mobile hand-held device that provides computing and information storage and retrieval capabilities for personal or business use, often for keeping schedule calendars and address book information handy.

Piracy – In terms of software - the illegal copying, distribution, or use of software.

PST – Users create a .pst (personal storage file) to store messages that they consider important somewhere other than on the Exchange server. Based on the criticality of the information, users may decide to “back up” the .pst file to some removable medium, such as a CD-ROM for long term storage.

Standards – Departmental directions or instructions describing how to achieve policy; Mandatory statement of direction.

Telecommuting – To work outside the traditional office or workplace, usually at home or in a mobile situation.

Users – The Public and City Employees

Video Streaming – Playing video in real time - immediately as it is downloaded from the Internet, rather than storing it in a file on the computer and viewing at a later time.
 

City Administration
City of Brentwood City Council
150 City Park Way
Brentwood, CA 94513
(925) 516-5440
Fax (925) 516-5441
E-mail allcouncil@brentwoodca.gov