CITY OF SYRACUSE
BUREAU OF INFORMATION TECHNOLOGY
COMPUTER USE POLICY
a
1_| Version 2 [__ March,2004 :
2__| March, 2013 revision 3/13/2013
3__| April, 2015 revision April 7, 2015. .
Policy Revision [__Date Rev.
|
SECTION IT-001
PURPOSE:
‘A. This policy provides general guidelines for appropriate behavior of any person when using the City
of Syracuse’s computers, electronic mail (email) system or accessing the internet or intranet.
Department heads may, in their discretion, establish additional standards and restrictions governing
use of these systems by their employees (ie., timely response to email internet access).
B. These guidelines do not supercede any state or federal laws regarding confidentiality, information
dissemination, or standards of conduct. Any violations of this policy may result in disciplinary action,
including, but not limited to, revocation or suspension of computer privileges, termination of
‘employment and/or the imposition of criminal charges for violations of the penal law.
SECTION IT-002
SCOPE:
A. This policy is the minimum standard that applies to all regular and temporary, part-time and full-time
employees, consultants, vendors, interns, or others authorized to use the City of Syracuse
computer systems.
SECTION IT-003
DEFINITIONS:
A. Application: Electronic code that performs a specific task on a computer (eg. Microsoft
Word®, Internet Explorer®, Windows server 20108, etc.)
1Authorized User: ‘An individual or vendor sanctioned by the City, through IT, to utilize City
devices. An individual may be sanctioned by the very nature of their training or assignment.
City Defined as the City of Syracuse.
City Device(s): A device or group of devices owned, operated, maintained, and/or
managed by the City’s IT Bureau
City Systems) Any system owned, operated or maintained, and/or managed by the City
This includes any system connected to or accessed via the City network or component.
Commercial Software: Software purchased to run on a particular system.
DeGausser: Electronic equipment used to erase information from a magnetic disk or
other storage device.
Department: ‘A department, division, bureau, and/or team that is assigned a City device
through IT.
Device(s): ‘A device or group of devices which, by manipulation of electronic,
‘magnetic, optical or electrochemical impulses, pursuant to a computer program, can automatically
perform arithmetic, logical, storage or retrieval operations with or on computer data, and includes
any connected or directly related device, equipment or facility which enables such computer to
store, retrieve or communicate to or from a person, another computer or another device the results
of computer operations, computer programs or computer data.
Downloads: Copies of files obtained through removable media such as floppy disk,
CD ROMIDVD or received from another computer or the internet
Electronic Mail (email): Electronic messages sent from one person via one device to another.
City email - Electronic messages sent to or from a user's City email address.
Internet email — Electronic messages sent from one person via internet to
another person.
«Attachments — Electronic files that can be sent with City email or internet email
Electronic Signature: An electronic symbol, or process, attached to or logically associated with
lan electronic record and executed or adopted by a person with the intent to sign the record. The
Uses of an electronic signature shall have the same validity and effect as the use of a signature
affixed by hand
Freeware: Software freely obtained through public sources.
N. Host: ‘Any computer that has full two-way access to another computer on a
network or the internet. A host has a specific “local or host number’, together with the network
number, forms it unique IP address.
Internet: The global system of networked computers around the world.
Instant Message (IM): An electronic message sent between two computers or hosts.
iT Defined as the Bureau of Information Technology.R. Local Area Network (LAN): A group of computers connected together that have the ability to share
files.
S. Log-in (Log-on): Access to applications, files, peripherals and Department computers
through the use of assigned user names and passwords for security purposes.
T. Log-off: When access is no longer needed, it removes access. A new Log-in is
required to regain access.
U. Maintained Device(s): Devices owned and serviced by the City.
V. Managed Device(s): Devices owned and/or leased by the City that have a connection with
services provided by a vendor (i.e. copiers and cellphones).
W. Maintenance/Installations : Additions, modifications or deletions of any software or hardware on a
City system, network, or device performed by authorized personnel.
X. Media: Hard drives, removable drives (such as Zip drives), CD-ROMs CD-Rs,
DVDs, flash memory, USB drives, or floppy disks.
Y. Modem: A device to send and receive electronic information (documents, images,
files) from a computer, usually through a telephone line.
Z. Owned Device(s) purchased through City funds and/or grants,
‘AA Operated Device(s): Devices loaned or leased to the City for specific projects.
AB, Password Confidential authentication information composed of a string of characters
used to provide access to a computer resource, used in conjunction with a user-name to establish the
users right to access a computer or network.
AC. Peripheral(s): ‘Any equipment that is attached to a computer system such as scanners,
‘speakers, printers, cameras, zip drives, cellphones, BlackBerries/smartphones, etc.
AD. Remote Access: The ability to log into a computer or network within an organization from
an external location. Remote access is typically accomplished via a connection to the internet or by
dialing directly via an analog modem.
AE. Removable Media: Any device that stores information that can be removed from one
‘computer and moved to another (Le., floppy disks, CD ROM/DVD cisks, tape cassettes, flash drive,
etc.).
AF. Sanitization: A disposal method sufficient to preclude the recognition or reconstruction
of information, followed by a verification process to prove the success of this method,
AG. Shareware: Software obtained through public sources with the normally limited
features, periodic visual reminders to purchase or a time limited cutoff to prevent use without purchase,
AH. Software: The instruction set used to make the hardware (central processing chips,
monitors, drives, etc.) perform tasks.
‘Al. Software Licensing: Software that is legally licensed and is installed so that itis in compliance
with the associated license. Software purchased for one computer often cannot be legally installed on
any other computer because the original license allows only one installation.
é}‘AJ. Unauthorized Software: Any software that has not been approved by IT. This includes any
software not required for job related duties,
AK. Uploads: Copies of files sent to another computer.
AL. User-name: ‘The name that identifies a user to a computer network, generally used in
conjunction with a password to establish the user's right to access a computer or network.
‘AM. Virtual Private Network(VPN): A network that uses a public telecommunication infrastructure,
such as the internet, to provide remote offices or individual users with secure access to their
organization's network.
AL. Wireless: The ability to connect and sendireceive files wirelessly (i.¢., cellphone
system, cellular digital packet data, or other means).
SECTION IT-004
POLICIES:
1. SUPPORTED SOFWARE STANDARDS
‘A. In order to provide the best support possible and to minimize problems with incompatible software
and file/document formats, all hardware and software must be approved in advance by IT.
Il, PRIVACY AND CONFIDENTIALITY
‘The City respects the individual privacy of its employees; however, to the extent permissible by law,
‘employee privacy does not extend to the employee's work related conduct or to use of government
‘operated equipment or supplies. This includes the components that permit City employees to connect
to the internet and to utilize the email system, Employees are to specifically understand that personal
messages or files have no guarantee or expectation of privacy since such messages or files are
commingled with all other messages or files on our systems and are subject to the same legal and
regulatory exposure, internal review and monitoring, In addition, be advised that internet access and
usage may also be monitored. To promote security, employees must refrain from sharing passwords or
other access codes with non-authorized individuals. Each City employee is responsible for actions
conducted under his or her email name or log on account
‘A. Email that is sent through the City computer system may be retrieved by authorized personnel at a
later time, even though it may have been deleted from the assigned employee's mailbox. Please be
aware that Email could also be subject to a discovery motion in a criminal case, civil case, FOIL.
request, or internal investigation.
B. Users shall maintain the confidentiality of the City's trade secrets and private or confidential
information. Trade secrets may include, but not be limited to, information regarding the
development of systems, processes, products, know-how and technology. Do not post internal
reports, policies, procedures or other internal business related confidential communications,
C. Because of the need to protect and monitor the City's network, the City cannot guarantee the
confidentiality or privacy of any information stored on any network device by a user.
4D. Ultimately, you are responsible for anything you post on the City's network, system's and devices,
and on other networks, such as social media. Please consider some of the risks and rewards that
are involved. Keep in mind that any of your conduct that adversely affects your job performance,
the performance of fellow co-workers or otherwise adversely affects constitutents, customers,
stakeholders, suppliers, contractors, or people who work with or on behalf of the City or the City's
legitimate business interests may result in disciplinary action up to and including termination.
Wl, SECURITY
‘A. Users shall follow City rules, regulations and shall abide by all use and dissemination of information
agreement and contracts. Users shall also abide by applicable federal, state and local laws when
using City computer and information systems.
B. Employees assigned a device will be responsible for its physical security and the information
contained therein, and for obtaining any required maintenance through IT. IT shall assign
computers to specific departments or users. It shall be the assigned user's responsibility to
safeguard the computer using every precaution available (.e., locking their vehicle when left
Unattended, locking office doors, etc.). Devices are to be used only by authorized personnel.
‘Authorization for the use of computers by employees other than those specifically designated must
be obtained from IT.
C. Authorized users of a shared device are responsible for its security and the access to that computer
during the time that itis under their control, and any period when they are logged on to that
‘computer.
D. Users may not leave a computer terminal (shared or otherwise) without securing it by logging off or
locking the station.
E. All ity users will be responsible for having passwords to access various computer systems. These
systems include, but are not limited to, AS400 and City email systems. Users assigned to areas of
the City that require them to have access to specific computer systems will be responsible for
having passwords to those systems. Users shall not facilitate unauthorized personnel access to
any City computer. For example, a user should not post or tape such passwords or codes to his or
her computer screen or have such information visible on a user's workstation or desk. Users shall
rot give their password in any discernible form (written or verbal) to unauthorized personnel. Users
shall not leave written passwords and access codes in or near their computer. Users, when
requested, shall be required to disclose to their Department Head and IT staff any passwords,
‘codes and security information necessary to access the computer system to ensure the security of
the system and its information, and for business and maintenance purposes.
F. All employees viewing any information contained in the City system are responsible for the security
and safe keeping of that information. Information and reports viewed in electronic form are
considered the same as printed material.
G. Atno time will IT create generic or multi-user network profiles. By default, all users of the City
‘computer systems and network will be provided with the most restrictive network profile possible
that still allows the user to perform their duties. If you have any questions or concerns regarding a
profile, please contact IT at (315) 448-8250.
H. IT will be responsible for loading and maintaining virus protection on all City computers and network
drives, except as otherwise provided or required in this policy. In addition, IT will be responsible for
providing information describing the use of utilities, which safeguard the computer (virus scanning,
file backup). As such, please contact IT at (315) 448-8250 regarding any questions or concerns
pertaining to virus protection and utility usage.
5|. IT must be notified immediately at (315) 448-8250 when City computers or peripheral equipment
are damaged, stolen, or if unauthorized access is observed, attempted or gained.
J. Itis prohibited to effect security breaches or disruption of network communication, including but not
limited to: accessing data of which the employee is not an intended recipient or logging into a server
‘or account that the employee is not authorized to access unless these functions are within the
scope of that employee's regular duties.
K. In order to maintain confidentiality of the City computer system and security of City facilities,
whenever an employee of the City is relieved of duty for any reason (i.e., suspension, termination,
retirement, leave of absence, or resignation), the department head will immediately notify IT
L. To protect the security and integrity of the City network, IT will change the master network
password whenever a member of the City or IT who had access to that password, is relieved of
their duties for any reason.
M. All network administrators and other users are required to change their passwords every 180 days.
IV. APPROPRIATE USE, RESPONSIBILITES AND RECOMMENDATIONS
A. City employees are permitted to access City computers, intranet, internet and email systems, as
well as list servers and webcasts, as may reasonably be required for the performance of their
assigned duties. In addition to the requirements provided in sections I! and II! of this policy,
Employees are responsible for backing up data on their local hard drives, getting Windows
updates frequently, and getting virus updates frequently (if not automatic). In the event your PC
is mistakenly left on overnight, please re-boot it the next day in order to get the updated anti-
virus protection.
B. In order to keep the email storage space within its limits, its recommended that users
periodically delete Email from their “inbox,” “deleted items,” and "sent items.” To minimize spam
and viruses, it is good practice not to open email from unknown senders. Itis also
recommended that the network drives (H and S) be used by employees because such network
drives are backed up nightly. If using a power on password, then it must be given to IT.
V. INAPPROPRIATE USE
‘A. Avoid using the City’s computer, intranet, intemet, and email system in any way that reasonably
could be viewed as inappropriate, malicious, obscene, threatening or intimidating, that disparages
co-workers, volunteers, constituents, customers, stakeholders, suppliers or contractors or that might
constitute harassment or bullying, Examples of such conduct include, but are not limited to:
Sexually explicit or obscene remarks
Profane or vulgar language
‘Any comments that may be construed as discriminatory
Messages containing unwelcome propositions or love letters
Unauthorized mass electronic mailings or chain letters
Use of systems for political campaigns, endorsements, opinions or any other political activity
Solicitation of funds for commercial, personal, religious or charitable causes not sponsored by
the City
> Promotions of social functions, parties or other non-job related activities
> Computer games, i.e. but not limited to, card games (soitaire, hearts)
>
>
vvvvvvv
Use of streaming (internet radio and video) websites
Use of Peer to Peer sharing websites (downloading and sharing music and video files)
6> Installing unauthorized software applications, tools, utiities, intemet access protocols, internet
programs, remote control, terminal access, or bulletin board type programs on the City's
computer systems whether accessed via the internet or other communications methods
Installing any networking hardware, networking software, or hacker tools.
Use of any spy-ware or advertising software, ie. Gator, hotbar, etc.
No device, network and/or system owned, operated, maintained and/or managed by the City
will be used for criminal activity
Offensive remarks or posts meant to intentionally harming someone's reputation.
Behavior that could contribute to a hostile work environment on the basis of race, sex, diabilty,
religion or any other status protected by law or City policy.
> Auser that needs to drive a vehicle for their work, City issued or personal, shall not operate @
‘computer, cellphone or smartphone while the vehicle is in motion. Employees assigned
portable computers will stop their vehicle and park in a safe manner before attempting to
‘access information. At no time will an employee of the City operate a City vehicle with a
‘computer positioned in front of the driver. This paragraph does not apply to employees that are
specifically exempt by applicable law from the requirements provided in this paragraph.
vv
vy
VI. MONITORING AND REPORTING VIOLATIONS:
A.
Notwithstanding any provision to the contrary, the City may inspect and monitor at any time its
devices, equipment, networks and systems, including, but not limited to, its computers, files,
internet/intranet activity, emails, and any other electronic information created sent, received,
accessed, or stored on a City system, device, equipment or network. As such, an employee or user
has no expectation of privacy in the use of such devices, equipment, networks and systems.
‘Any reports or suspicions of inappropriate computer use, improper activity, violation of this
‘Computer Use Policy, any access of data, or any attempt to obtain access to data by a person not
authorized to access that data, must be immediately reported to and investigated by a supervisor
andlor department head. This responsibility applies regardless of whether the breach comes from
inside or outside of the City’s network. All such violations must also be reported to both IT and the
Director of Administration who will then notify all pertinent parties including those required by New
York State Technology Law section 208, as amended from time to time. The supervisor and/or
department head is encouraged to enlist IT when conducting their investigation of the reported or
suspected situation
Prior to taking any disciplinary action, based on a violation of this policy, the supervisor, department
head and/or IT, will consult with the Office of the Personnel and Labor Relations.
Vil. ELECTRONIC NOTIFICATION OF BREACH
A
As permitted pursuant to section 208 of the New York State Technology Law, by signing the
“Receipt of Computer Use Policy’ document attached to this policy, you agree that you can be
notified via electronic methods as your official notification, when there has been or is reasonably
believed to have been an unintended disclosure or compromise of your private information.vil,
IK,
INTERNET
‘A. Internet access is made available to all computer and network users for work related purposes. IT
may monitor, without notice to the user, internet activity, by a specific employee and of specific
Internet sites.
B. Anemployee who abuses internet access or City computer privileges by accessing inappropriate
sites, or using the internet or computer for other than work-related purposes, such as shopping and
web surfing, may be subject to disciplinary action and/or the loss of internet access privileges
and/or the loss of assigned device(s). This paragraph is not intended to prohibit an employee
granted access to email for work-related purposes from reasonable usage of his or her email during
non-work hours, such as during lunch breaks, for purposes of excercising such person's rights
under Article 14 of the New York State Civil Service Law or other applicable law. However, the City
reserves the right to prohibit or limit such usage where special circumstances or the City's interest
warrant otherwise, for example, for disciplinary purposes, to maintain production, email efficiency or
functioning, or to prevent system damage or overload due to excessive use. No user will use
another user's computer to access inappropriate sites. No user will use another user's device when
their internet andlor device privileges are revoked.
C. IT shall be responsible for the installation and maintenance of firewall and web filtering security
devices for City information systems. These devices ensure the integrity and security of computer
networks. No user shall attempt to subvert or bypass the City’s firewall in an attempt to access non-
authorized sites.
ACCESS, REMOTE ACCESS, & WIRELESS ACCESS
A. Users of the City will utilize the following operational procedures when connecting to the City's
network from any host. These procedures are designed to minimize the potential exposure of the
City to damages, which may result from unauthorized use of City resources, Damages include but
are not limited to:
Loss of sensitive/confidential City data
Loss of intellectual property
Data or security breaches
Damage to critical City internal systems
@ The use of remote access software, other than Microsoft Outlook Web Access, will be
limited to IT and/or approved vendors. IT will reserve the right to use remote access
software in efforts to troubleshoot computer problems. As such, no employee of the
City, other than an authorized member of IT, shall access or attempt to access remotely,
any City network resource other than Microsoft Outlook Web Access at any time from
equipment that is not under the control of IT (i. laptops, tablets, smartphones etc.
(i) Noemployee will attempt to gain access to any area of the City’s computer system that
they are not authorized to access. No attempt will be made to access authorized
resources by unauthorized means. This includes, but is not limited to, other's mailboxes,
hard drives, or networked software programs.
(ii) Multiple users may share computers as long as each user accesses information through
their own assigned login. No user may access any network or computer resources by
using another user's login information.(iv) tis the responsibility of employees with remote access privileges to ensure that a
remote connection to the City’s network is not used by any unauthorized persons to gain
‘access to City information system resources. No user will reveal their account password
to others or allow use of their account by others, including family and/or other household
members, when work is being done from home. An employee who is granted remote
‘access privileges must remain constantly aware that remote connections between their
location and the City are literal extensions of the City network. These connections
provide a potential path to the City's most sensitive information. The employee must take
every reasonable measure to protect the City's systems, network and data
(v) Remotely located Departments such as fire stations, recreactional centers or City
affiliated organizations (Ex. Home Headquarters) that connect to the City Network
through a Point to Point (PTP) VPN will be configured, managed and monitored by IT or
will adhere to the City standards, should the PTP be installed by a third party
Documentation verifying the security of the PTP will be provided by the third party.
(vi) The City's public wireless should be accessed by employees only during non-working
hours such as during a lunch break.
(vil) ‘The City utilizes appropriate encryption to ensure that all wireless data is secured. No
device owned or operated by the City will connect to any wireless access point, router,
bridge, or host over any wireless network that is not equipped with the aforementioned
encryption appropriately configured by IT unless it has been approved by IT. No
member of the City will bypass or attempt to bypass encryption hardware or software to
access non-encrypted networks,
(vii) ‘The following functions are prohibited unless the member is a network administrator and
the functions are part of her/his regular duties:
* Port scanning or security scanning;
Executing any form of network monitoring which will intercept data not intended for
the employee's host;
Circumventing user authentication or security of a host, network or account,
Interfering with or denying service to any user other than the employee's host; or
Using any program/scripticommand, or sending messages of any kind, with the
intent to interfere with, or disable, a user's terminal session, by any means, locally or
via the internet/intranet/extranet.
X. PHYSICAL ACCESS
‘A. All physical access to City buildings through electronic Card Access will be requested by a
department head only
XI, CITY DATA & EQUIPMENT
‘A. The use of any City devices, equipment, systems or confidential information for personal use, such
as for academic or school projects, is strictly prohibited. IT will remove any unauthorized software
found on City computers during maintenance work or upgrades.
B, Computers that are assigned to a department for use by multiple users within a department shall
not be kept isolated, or stored away by any single user, so as to prevent other users from
performing computer tasks related to their duties.
9Xll, SPECIAL CONSIDERATIONS FOR LAPTOPS AND MOBILE DEVICES
‘A. The physical security of the City’s laptop is your personal responsbilty, so please take all reasonable
precautions. Be sensible and stay alert to the risks. Keep your laptop in your possession and within sight.
Be extra careful in public places. It takes just a fraction of a second for an unattended laptop to be stolen.
B. Ifyou have to leave the laptop temporarily unattended, even for a short while, use a laptop security cable or
similar device to attach it imly to a desk or similar heavy furniture or lock the laptop away out of sight
when you are not using it. This applies at home, in the office or any other location. Never leave a laptop
visibly unattended in a vehicle. f absolutely necessary, lock it out of sight in the trunk or glove box. Its
generally much safer to take it with you.
C. Please remember that laptops can and will be damaged if not properly cared for. Use the device as
intended. Do not sit on or use the laptop as a writing surface, Heavy pressure may damage the screen
and other parts of the device. Extreme hot and cold conditions can affect the performance and life of the
laptop. Even if the device is out of plain sight, avoid leaving it in unconditioned spaces for long periods
during summer and winter months.
D. Viruses are a major threat and laptops are particularly vuinerableif their anti-virus software is not kept up-
to-date, The anti-virus software must be updated at least monthly. Therefore itis highly recommended that
you bring the laptop into the office weekly and connect it to the network in order to ensure that virus
{definitions are kept updated. If you suspect the antivirus software is not functioning correctly contact IT at
(315) 448-8250.
, Always vius-scan any files downloaded to your computer from any source (CD/DVD, USB hard disks and
‘memory sticks, network fies, email attachments or files from the internet). Virus scans normally happen
‘automatically. Be especially careful to virus-scan your system before you send any files out. This includes
‘email attachments and CD-ROMs that you create. If you need assistance and/or training on how to scan
specific files for viruses please contact IT.
F. Please report all security and/or virus warning message(s) promptly to the IT helpdesk to minimize
damage to the laptop and/or network. Do not forward any files or upload data onto the network if you
suspect your laptop might be infected.
G. Unlike desktop computers which have network drives that are backed up by IT, laptops may not always
have a network location to save work. Itis important to connect the laptop to the network, logon and upload
data from the laptop to a network share on a regular basis. f you are unable to access the network or if you
need assistance, please contact the IT helpdesk. Remember, ifthe laptop is stolen, lost or damaged, or if
it simply matfunctions, it may be impossible to retrieve any ofthe data from the laptop.
Xill, COPYRIGHT MATERIAL
‘A. Respect and adhere to all copyright and other intellectual property laws. For the City's protection
‘as well as your own, its critical that you show proper respect for, adherance to, and do not violate
the laws governing copyright, fair use of copyrighted material owned by others, trademarks and
other intellectual property, including the City’s own copyrights, trademarks and brands. Examples
that may be in violation of such laws, include, but are not limited to, the unauthorized copying of
‘copyrighted material, such as, digitization and distribution of photographs from magazines, books or
other copyrighted sources, copyrighted music, and the installation of any copyrighted software for
which the City or the end user does not have an active license is strictly prohibited.
10XIV. MAINTENANCE, INSPECTIONS, & MONITORING
A. ITis responsible for all maintenance, support and repair of City devices. All users may submit a
request for maintenance via helpdesk@syrgov.net.
B. City devices are subject to inspection at any time. It is the responsibility of IT to conduct periodic
inspections of City computers and to notify the respective department head when appropriate.
C. Please be aware that City computer, device and system activity including, but not limited to, files
accessed, email and internet websites may be monitored at any time. All personnel are advised that
the City possesses and may utilize at any time, activity-monitoring software capable of capturing
keystrokes and screen shots of a member's computer, device and system activity. Activity reports may
be furnished to the user's Department Head.
XV. CERTIFICATION & TRAINING
‘A. Upon appointment, each employee must sign and agree to the rules, regulations and procedures
detailed in the "Computer User Policy’, which is required by the City for access to all City
computers, network resources and systems.
B. Itwill be the responsibility of the City to design and administer adqi ional computer training specific
to the software available to the assigned employee
XVI. ELECTRONIC MAIL (email)
‘A. Requests for a departmental or non-user specific (special projects) email address will be submitted
to IT by a department head only.
B._ Refrain from using the City’s email system for personal use, such as receiving messages from or on
social networks, blogs or other online tools utilized for personal use. This paragraph is not intended
to prohibit an employee granted access to email for work-related purposes from reasonable usage
of his or her email during non-work hours, such as during lunch breaks, for purposes of excercising
such person's rights under Article 14 of the New York State Civil Service Law or other applicable
law. However, the City reserves the right to prohibit or limit such usage where special
circumstances or the City's interest warrant otherwise, for example, for disciplinary purposes, to
maintain production, email efficiency or functioning, or to prevent system damage or overload due
to excessive use.
C. No user shall attempt to gain unauthorized access to another user's mailbox. However, a user's
department head shall have the right to access that user's mailbox for business purposes.
D. Emails with large or numerous electronic file attachments are discouraged. IT may limit mailbox
sizes of any user.
E. Employees with City email accounts are required to check for new messages each day they report
to work,
F. Email attachments are now the number one source of computer viruses. It is recommended that you
avoid opening any email attachment unless you were expecting to receive it from that person.
G. The City's email system shall not be used for the creation or distribution of any disruptive or
offensive messages, including but not limited to pornography, offensive comments about race,
uxvil.
xv.
color, national origin, ancestry, gender, religion, religious practice, age, disability, sexual orientation,
and/or political beliefs. Employees who receive any emails with this type of content from any City
employee should report the matter to their supervisor immediately. All messages should be
professional and courteous: and in conformity with City policies, including, but not limited to, the
City’s Ethic's Policy, Mobile Communication Devices Policy, Harassment in the Workplace Policy,
‘Sexual Harassment Policy, Workplace Violence Protection Policy, and City department specific
policies and procedures.
RETAILIATION PROHIBITED
‘A. The City prohibits taking negative action against any person for reporting a possible deviation from this
policy or for cooperating in an investigation. Any person who retaliates against another person,
individual or entity for reporting a possible deviation from this policy or for cooperating in an
investigation will be subject to disciplinary action, up to and including termination.
EMPLOYEE RIGHTS
‘A. This policy is not intended to interfere with, restrain or coerce employees in the exercise of their rights
under Article 14 of the New York State Civil Service Law or other applicable law.
Version 04_2015RECEIPT OF COMPUTER USE POLICY
Ihave received a copy of the City's Computer Use Policy
Name (print) Signature
Department Date
For existing employees, please retum the signed copy to your department within 5 days of receiving this.
For new employees, this is required before getting a sign-on / password.
Version 04_2015