CITY OF SYRACUSE BUREAU OF INFORMATION TECHNOLOGY COMPUTER USE POLICY a 1_| Version 2 [__ March,2004 : 2__| March, 2013 revision 3/13/2013 3__| April, 2015 revision April 7, 2015. . Policy Revision [__Date Rev. | SECTION IT-001 PURPOSE: ‘A. This policy provides general guidelines for appropriate behavior of any person when using the City of Syracuse’s computers, electronic mail (email) system or accessing the internet or intranet. Department heads may, in their discretion, establish additional standards and restrictions governing use of these systems by their employees (ie., timely response to email internet access). B. These guidelines do not supercede any state or federal laws regarding confidentiality, information dissemination, or standards of conduct. Any violations of this policy may result in disciplinary action, including, but not limited to, revocation or suspension of computer privileges, termination of ‘employment and/or the imposition of criminal charges for violations of the penal law. SECTION IT-002 SCOPE: A. This policy is the minimum standard that applies to all regular and temporary, part-time and full-time employees, consultants, vendors, interns, or others authorized to use the City of Syracuse computer systems. SECTION IT-003 DEFINITIONS: A. Application: Electronic code that performs a specific task on a computer (eg. Microsoft Word®, Internet Explorer®, Windows server 20108, etc.) 1Authorized User: ‘An individual or vendor sanctioned by the City, through IT, to utilize City devices. An individual may be sanctioned by the very nature of their training or assignment. City Defined as the City of Syracuse. City Device(s): A device or group of devices owned, operated, maintained, and/or managed by the City’s IT Bureau City Systems) Any system owned, operated or maintained, and/or managed by the City This includes any system connected to or accessed via the City network or component. Commercial Software: Software purchased to run on a particular system. DeGausser: Electronic equipment used to erase information from a magnetic disk or other storage device. Department: ‘A department, division, bureau, and/or team that is assigned a City device through IT. Device(s): ‘A device or group of devices which, by manipulation of electronic, ‘magnetic, optical or electrochemical impulses, pursuant to a computer program, can automatically perform arithmetic, logical, storage or retrieval operations with or on computer data, and includes any connected or directly related device, equipment or facility which enables such computer to store, retrieve or communicate to or from a person, another computer or another device the results of computer operations, computer programs or computer data. Downloads: Copies of files obtained through removable media such as floppy disk, CD ROMIDVD or received from another computer or the internet Electronic Mail (email): Electronic messages sent from one person via one device to another. City email - Electronic messages sent to or from a user's City email address. Internet email — Electronic messages sent from one person via internet to another person. «Attachments — Electronic files that can be sent with City email or internet email Electronic Signature: An electronic symbol, or process, attached to or logically associated with lan electronic record and executed or adopted by a person with the intent to sign the record. The Uses of an electronic signature shall have the same validity and effect as the use of a signature affixed by hand Freeware: Software freely obtained through public sources. N. Host: ‘Any computer that has full two-way access to another computer on a network or the internet. A host has a specific “local or host number’, together with the network number, forms it unique IP address. Internet: The global system of networked computers around the world. Instant Message (IM): An electronic message sent between two computers or hosts. iT Defined as the Bureau of Information Technology.R. Local Area Network (LAN): A group of computers connected together that have the ability to share files. S. Log-in (Log-on): Access to applications, files, peripherals and Department computers through the use of assigned user names and passwords for security purposes. T. Log-off: When access is no longer needed, it removes access. A new Log-in is required to regain access. U. Maintained Device(s): Devices owned and serviced by the City. V. Managed Device(s): Devices owned and/or leased by the City that have a connection with services provided by a vendor (i.e. copiers and cellphones). W. Maintenance/Installations : Additions, modifications or deletions of any software or hardware on a City system, network, or device performed by authorized personnel. X. Media: Hard drives, removable drives (such as Zip drives), CD-ROMs CD-Rs, DVDs, flash memory, USB drives, or floppy disks. Y. Modem: A device to send and receive electronic information (documents, images, files) from a computer, usually through a telephone line. Z. Owned Device(s) purchased through City funds and/or grants, ‘AA Operated Device(s): Devices loaned or leased to the City for specific projects. AB, Password Confidential authentication information composed of a string of characters used to provide access to a computer resource, used in conjunction with a user-name to establish the users right to access a computer or network. AC. Peripheral(s): ‘Any equipment that is attached to a computer system such as scanners, ‘speakers, printers, cameras, zip drives, cellphones, BlackBerries/smartphones, etc. AD. Remote Access: The ability to log into a computer or network within an organization from an external location. Remote access is typically accomplished via a connection to the internet or by dialing directly via an analog modem. AE. Removable Media: Any device that stores information that can be removed from one ‘computer and moved to another (Le., floppy disks, CD ROM/DVD cisks, tape cassettes, flash drive, etc.). AF. Sanitization: A disposal method sufficient to preclude the recognition or reconstruction of information, followed by a verification process to prove the success of this method, AG. Shareware: Software obtained through public sources with the normally limited features, periodic visual reminders to purchase or a time limited cutoff to prevent use without purchase, AH. Software: The instruction set used to make the hardware (central processing chips, monitors, drives, etc.) perform tasks. ‘Al. Software Licensing: Software that is legally licensed and is installed so that itis in compliance with the associated license. Software purchased for one computer often cannot be legally installed on any other computer because the original license allows only one installation. é}‘AJ. Unauthorized Software: Any software that has not been approved by IT. This includes any software not required for job related duties, AK. Uploads: Copies of files sent to another computer. AL. User-name: ‘The name that identifies a user to a computer network, generally used in conjunction with a password to establish the user's right to access a computer or network. ‘AM. Virtual Private Network(VPN): A network that uses a public telecommunication infrastructure, such as the internet, to provide remote offices or individual users with secure access to their organization's network. AL. Wireless: The ability to connect and sendireceive files wirelessly (i.¢., cellphone system, cellular digital packet data, or other means). SECTION IT-004 POLICIES: 1. SUPPORTED SOFWARE STANDARDS ‘A. In order to provide the best support possible and to minimize problems with incompatible software and file/document formats, all hardware and software must be approved in advance by IT. Il, PRIVACY AND CONFIDENTIALITY ‘The City respects the individual privacy of its employees; however, to the extent permissible by law, ‘employee privacy does not extend to the employee's work related conduct or to use of government ‘operated equipment or supplies. This includes the components that permit City employees to connect to the internet and to utilize the email system, Employees are to specifically understand that personal messages or files have no guarantee or expectation of privacy since such messages or files are commingled with all other messages or files on our systems and are subject to the same legal and regulatory exposure, internal review and monitoring, In addition, be advised that internet access and usage may also be monitored. To promote security, employees must refrain from sharing passwords or other access codes with non-authorized individuals. Each City employee is responsible for actions conducted under his or her email name or log on account ‘A. Email that is sent through the City computer system may be retrieved by authorized personnel at a later time, even though it may have been deleted from the assigned employee's mailbox. Please be aware that Email could also be subject to a discovery motion in a criminal case, civil case, FOIL. request, or internal investigation. B. Users shall maintain the confidentiality of the City's trade secrets and private or confidential information. Trade secrets may include, but not be limited to, information regarding the development of systems, processes, products, know-how and technology. Do not post internal reports, policies, procedures or other internal business related confidential communications, C. Because of the need to protect and monitor the City's network, the City cannot guarantee the confidentiality or privacy of any information stored on any network device by a user. 4D. Ultimately, you are responsible for anything you post on the City's network, system's and devices, and on other networks, such as social media. Please consider some of the risks and rewards that are involved. Keep in mind that any of your conduct that adversely affects your job performance, the performance of fellow co-workers or otherwise adversely affects constitutents, customers, stakeholders, suppliers, contractors, or people who work with or on behalf of the City or the City's legitimate business interests may result in disciplinary action up to and including termination. Wl, SECURITY ‘A. Users shall follow City rules, regulations and shall abide by all use and dissemination of information agreement and contracts. Users shall also abide by applicable federal, state and local laws when using City computer and information systems. B. Employees assigned a device will be responsible for its physical security and the information contained therein, and for obtaining any required maintenance through IT. IT shall assign computers to specific departments or users. It shall be the assigned user's responsibility to safeguard the computer using every precaution available (.e., locking their vehicle when left Unattended, locking office doors, etc.). Devices are to be used only by authorized personnel. ‘Authorization for the use of computers by employees other than those specifically designated must be obtained from IT. C. Authorized users of a shared device are responsible for its security and the access to that computer during the time that itis under their control, and any period when they are logged on to that ‘computer. D. Users may not leave a computer terminal (shared or otherwise) without securing it by logging off or locking the station. E. All ity users will be responsible for having passwords to access various computer systems. These systems include, but are not limited to, AS400 and City email systems. Users assigned to areas of the City that require them to have access to specific computer systems will be responsible for having passwords to those systems. Users shall not facilitate unauthorized personnel access to any City computer. For example, a user should not post or tape such passwords or codes to his or her computer screen or have such information visible on a user's workstation or desk. Users shall rot give their password in any discernible form (written or verbal) to unauthorized personnel. Users shall not leave written passwords and access codes in or near their computer. Users, when requested, shall be required to disclose to their Department Head and IT staff any passwords, ‘codes and security information necessary to access the computer system to ensure the security of the system and its information, and for business and maintenance purposes. F. All employees viewing any information contained in the City system are responsible for the security and safe keeping of that information. Information and reports viewed in electronic form are considered the same as printed material. G. Atno time will IT create generic or multi-user network profiles. By default, all users of the City ‘computer systems and network will be provided with the most restrictive network profile possible that still allows the user to perform their duties. If you have any questions or concerns regarding a profile, please contact IT at (315) 448-8250. H. IT will be responsible for loading and maintaining virus protection on all City computers and network drives, except as otherwise provided or required in this policy. In addition, IT will be responsible for providing information describing the use of utilities, which safeguard the computer (virus scanning, file backup). As such, please contact IT at (315) 448-8250 regarding any questions or concerns pertaining to virus protection and utility usage. 5|. IT must be notified immediately at (315) 448-8250 when City computers or peripheral equipment are damaged, stolen, or if unauthorized access is observed, attempted or gained. J. Itis prohibited to effect security breaches or disruption of network communication, including but not limited to: accessing data of which the employee is not an intended recipient or logging into a server ‘or account that the employee is not authorized to access unless these functions are within the scope of that employee's regular duties. K. In order to maintain confidentiality of the City computer system and security of City facilities, whenever an employee of the City is relieved of duty for any reason (i.e., suspension, termination, retirement, leave of absence, or resignation), the department head will immediately notify IT L. To protect the security and integrity of the City network, IT will change the master network password whenever a member of the City or IT who had access to that password, is relieved of their duties for any reason. M. All network administrators and other users are required to change their passwords every 180 days. IV. APPROPRIATE USE, RESPONSIBILITES AND RECOMMENDATIONS A. City employees are permitted to access City computers, intranet, internet and email systems, as well as list servers and webcasts, as may reasonably be required for the performance of their assigned duties. In addition to the requirements provided in sections I! and II! of this policy, Employees are responsible for backing up data on their local hard drives, getting Windows updates frequently, and getting virus updates frequently (if not automatic). In the event your PC is mistakenly left on overnight, please re-boot it the next day in order to get the updated anti- virus protection. B. In order to keep the email storage space within its limits, its recommended that users periodically delete Email from their “inbox,” “deleted items,” and "sent items.” To minimize spam and viruses, it is good practice not to open email from unknown senders. Itis also recommended that the network drives (H and S) be used by employees because such network drives are backed up nightly. If using a power on password, then it must be given to IT. V. INAPPROPRIATE USE ‘A. Avoid using the City’s computer, intranet, intemet, and email system in any way that reasonably could be viewed as inappropriate, malicious, obscene, threatening or intimidating, that disparages co-workers, volunteers, constituents, customers, stakeholders, suppliers or contractors or that might constitute harassment or bullying, Examples of such conduct include, but are not limited to: Sexually explicit or obscene remarks Profane or vulgar language ‘Any comments that may be construed as discriminatory Messages containing unwelcome propositions or love letters Unauthorized mass electronic mailings or chain letters Use of systems for political campaigns, endorsements, opinions or any other political activity Solicitation of funds for commercial, personal, religious or charitable causes not sponsored by the City > Promotions of social functions, parties or other non-job related activities > Computer games, i.e. but not limited to, card games (soitaire, hearts) > > vvvvvvv Use of streaming (internet radio and video) websites Use of Peer to Peer sharing websites (downloading and sharing music and video files) 6> Installing unauthorized software applications, tools, utiities, intemet access protocols, internet programs, remote control, terminal access, or bulletin board type programs on the City's computer systems whether accessed via the internet or other communications methods Installing any networking hardware, networking software, or hacker tools. Use of any spy-ware or advertising software, ie. Gator, hotbar, etc. No device, network and/or system owned, operated, maintained and/or managed by the City will be used for criminal activity Offensive remarks or posts meant to intentionally harming someone's reputation. Behavior that could contribute to a hostile work environment on the basis of race, sex, diabilty, religion or any other status protected by law or City policy. > Auser that needs to drive a vehicle for their work, City issued or personal, shall not operate @ ‘computer, cellphone or smartphone while the vehicle is in motion. Employees assigned portable computers will stop their vehicle and park in a safe manner before attempting to ‘access information. At no time will an employee of the City operate a City vehicle with a ‘computer positioned in front of the driver. This paragraph does not apply to employees that are specifically exempt by applicable law from the requirements provided in this paragraph. vv vy VI. MONITORING AND REPORTING VIOLATIONS: A. Notwithstanding any provision to the contrary, the City may inspect and monitor at any time its devices, equipment, networks and systems, including, but not limited to, its computers, files, internet/intranet activity, emails, and any other electronic information created sent, received, accessed, or stored on a City system, device, equipment or network. As such, an employee or user has no expectation of privacy in the use of such devices, equipment, networks and systems. ‘Any reports or suspicions of inappropriate computer use, improper activity, violation of this ‘Computer Use Policy, any access of data, or any attempt to obtain access to data by a person not authorized to access that data, must be immediately reported to and investigated by a supervisor andlor department head. This responsibility applies regardless of whether the breach comes from inside or outside of the City’s network. All such violations must also be reported to both IT and the Director of Administration who will then notify all pertinent parties including those required by New York State Technology Law section 208, as amended from time to time. The supervisor and/or department head is encouraged to enlist IT when conducting their investigation of the reported or suspected situation Prior to taking any disciplinary action, based on a violation of this policy, the supervisor, department head and/or IT, will consult with the Office of the Personnel and Labor Relations. Vil. ELECTRONIC NOTIFICATION OF BREACH A As permitted pursuant to section 208 of the New York State Technology Law, by signing the “Receipt of Computer Use Policy’ document attached to this policy, you agree that you can be notified via electronic methods as your official notification, when there has been or is reasonably believed to have been an unintended disclosure or compromise of your private information.vil, IK, INTERNET ‘A. Internet access is made available to all computer and network users for work related purposes. IT may monitor, without notice to the user, internet activity, by a specific employee and of specific Internet sites. B. Anemployee who abuses internet access or City computer privileges by accessing inappropriate sites, or using the internet or computer for other than work-related purposes, such as shopping and web surfing, may be subject to disciplinary action and/or the loss of internet access privileges and/or the loss of assigned device(s). This paragraph is not intended to prohibit an employee granted access to email for work-related purposes from reasonable usage of his or her email during non-work hours, such as during lunch breaks, for purposes of excercising such person's rights under Article 14 of the New York State Civil Service Law or other applicable law. However, the City reserves the right to prohibit or limit such usage where special circumstances or the City's interest warrant otherwise, for example, for disciplinary purposes, to maintain production, email efficiency or functioning, or to prevent system damage or overload due to excessive use. No user will use another user's computer to access inappropriate sites. No user will use another user's device when their internet andlor device privileges are revoked. C. IT shall be responsible for the installation and maintenance of firewall and web filtering security devices for City information systems. These devices ensure the integrity and security of computer networks. No user shall attempt to subvert or bypass the City’s firewall in an attempt to access non- authorized sites. ACCESS, REMOTE ACCESS, & WIRELESS ACCESS A. Users of the City will utilize the following operational procedures when connecting to the City's network from any host. These procedures are designed to minimize the potential exposure of the City to damages, which may result from unauthorized use of City resources, Damages include but are not limited to: Loss of sensitive/confidential City data Loss of intellectual property Data or security breaches Damage to critical City internal systems @ The use of remote access software, other than Microsoft Outlook Web Access, will be limited to IT and/or approved vendors. IT will reserve the right to use remote access software in efforts to troubleshoot computer problems. As such, no employee of the City, other than an authorized member of IT, shall access or attempt to access remotely, any City network resource other than Microsoft Outlook Web Access at any time from equipment that is not under the control of IT (i. laptops, tablets, smartphones etc. (i) Noemployee will attempt to gain access to any area of the City’s computer system that they are not authorized to access. No attempt will be made to access authorized resources by unauthorized means. This includes, but is not limited to, other's mailboxes, hard drives, or networked software programs. (ii) Multiple users may share computers as long as each user accesses information through their own assigned login. No user may access any network or computer resources by using another user's login information.(iv) tis the responsibility of employees with remote access privileges to ensure that a remote connection to the City’s network is not used by any unauthorized persons to gain ‘access to City information system resources. No user will reveal their account password to others or allow use of their account by others, including family and/or other household members, when work is being done from home. An employee who is granted remote ‘access privileges must remain constantly aware that remote connections between their location and the City are literal extensions of the City network. These connections provide a potential path to the City's most sensitive information. The employee must take every reasonable measure to protect the City's systems, network and data (v) Remotely located Departments such as fire stations, recreactional centers or City affiliated organizations (Ex. Home Headquarters) that connect to the City Network through a Point to Point (PTP) VPN will be configured, managed and monitored by IT or will adhere to the City standards, should the PTP be installed by a third party Documentation verifying the security of the PTP will be provided by the third party. (vi) The City's public wireless should be accessed by employees only during non-working hours such as during a lunch break. (vil) ‘The City utilizes appropriate encryption to ensure that all wireless data is secured. No device owned or operated by the City will connect to any wireless access point, router, bridge, or host over any wireless network that is not equipped with the aforementioned encryption appropriately configured by IT unless it has been approved by IT. No member of the City will bypass or attempt to bypass encryption hardware or software to access non-encrypted networks, (vii) ‘The following functions are prohibited unless the member is a network administrator and the functions are part of her/his regular duties: * Port scanning or security scanning; Executing any form of network monitoring which will intercept data not intended for the employee's host; Circumventing user authentication or security of a host, network or account, Interfering with or denying service to any user other than the employee's host; or Using any program/scripticommand, or sending messages of any kind, with the intent to interfere with, or disable, a user's terminal session, by any means, locally or via the internet/intranet/extranet. X. PHYSICAL ACCESS ‘A. All physical access to City buildings through electronic Card Access will be requested by a department head only XI, CITY DATA & EQUIPMENT ‘A. The use of any City devices, equipment, systems or confidential information for personal use, such as for academic or school projects, is strictly prohibited. IT will remove any unauthorized software found on City computers during maintenance work or upgrades. B, Computers that are assigned to a department for use by multiple users within a department shall not be kept isolated, or stored away by any single user, so as to prevent other users from performing computer tasks related to their duties. 9Xll, SPECIAL CONSIDERATIONS FOR LAPTOPS AND MOBILE DEVICES ‘A. The physical security of the City’s laptop is your personal responsbilty, so please take all reasonable precautions. Be sensible and stay alert to the risks. Keep your laptop in your possession and within sight. Be extra careful in public places. It takes just a fraction of a second for an unattended laptop to be stolen. B. Ifyou have to leave the laptop temporarily unattended, even for a short while, use a laptop security cable or similar device to attach it imly to a desk or similar heavy furniture or lock the laptop away out of sight when you are not using it. This applies at home, in the office or any other location. Never leave a laptop visibly unattended in a vehicle. f absolutely necessary, lock it out of sight in the trunk or glove box. Its generally much safer to take it with you. C. Please remember that laptops can and will be damaged if not properly cared for. Use the device as intended. Do not sit on or use the laptop as a writing surface, Heavy pressure may damage the screen and other parts of the device. Extreme hot and cold conditions can affect the performance and life of the laptop. Even if the device is out of plain sight, avoid leaving it in unconditioned spaces for long periods during summer and winter months. D. Viruses are a major threat and laptops are particularly vuinerableif their anti-virus software is not kept up- to-date, The anti-virus software must be updated at least monthly. Therefore itis highly recommended that you bring the laptop into the office weekly and connect it to the network in order to ensure that virus {definitions are kept updated. If you suspect the antivirus software is not functioning correctly contact IT at (315) 448-8250. , Always vius-scan any files downloaded to your computer from any source (CD/DVD, USB hard disks and ‘memory sticks, network fies, email attachments or files from the internet). Virus scans normally happen ‘automatically. Be especially careful to virus-scan your system before you send any files out. This includes ‘email attachments and CD-ROMs that you create. If you need assistance and/or training on how to scan specific files for viruses please contact IT. F. Please report all security and/or virus warning message(s) promptly to the IT helpdesk to minimize damage to the laptop and/or network. Do not forward any files or upload data onto the network if you suspect your laptop might be infected. G. Unlike desktop computers which have network drives that are backed up by IT, laptops may not always have a network location to save work. Itis important to connect the laptop to the network, logon and upload data from the laptop to a network share on a regular basis. f you are unable to access the network or if you need assistance, please contact the IT helpdesk. Remember, ifthe laptop is stolen, lost or damaged, or if it simply matfunctions, it may be impossible to retrieve any ofthe data from the laptop. Xill, COPYRIGHT MATERIAL ‘A. Respect and adhere to all copyright and other intellectual property laws. For the City's protection ‘as well as your own, its critical that you show proper respect for, adherance to, and do not violate the laws governing copyright, fair use of copyrighted material owned by others, trademarks and other intellectual property, including the City’s own copyrights, trademarks and brands. Examples that may be in violation of such laws, include, but are not limited to, the unauthorized copying of ‘copyrighted material, such as, digitization and distribution of photographs from magazines, books or other copyrighted sources, copyrighted music, and the installation of any copyrighted software for which the City or the end user does not have an active license is strictly prohibited. 10XIV. MAINTENANCE, INSPECTIONS, & MONITORING A. ITis responsible for all maintenance, support and repair of City devices. All users may submit a request for maintenance via helpdesk@syrgov.net. B. City devices are subject to inspection at any time. It is the responsibility of IT to conduct periodic inspections of City computers and to notify the respective department head when appropriate. C. Please be aware that City computer, device and system activity including, but not limited to, files accessed, email and internet websites may be monitored at any time. All personnel are advised that the City possesses and may utilize at any time, activity-monitoring software capable of capturing keystrokes and screen shots of a member's computer, device and system activity. Activity reports may be furnished to the user's Department Head. XV. CERTIFICATION & TRAINING ‘A. Upon appointment, each employee must sign and agree to the rules, regulations and procedures detailed in the "Computer User Policy’, which is required by the City for access to all City computers, network resources and systems. B. Itwill be the responsibility of the City to design and administer adqi ional computer training specific to the software available to the assigned employee XVI. ELECTRONIC MAIL (email) ‘A. Requests for a departmental or non-user specific (special projects) email address will be submitted to IT by a department head only. B._ Refrain from using the City’s email system for personal use, such as receiving messages from or on social networks, blogs or other online tools utilized for personal use. This paragraph is not intended to prohibit an employee granted access to email for work-related purposes from reasonable usage of his or her email during non-work hours, such as during lunch breaks, for purposes of excercising such person's rights under Article 14 of the New York State Civil Service Law or other applicable law. However, the City reserves the right to prohibit or limit such usage where special circumstances or the City's interest warrant otherwise, for example, for disciplinary purposes, to maintain production, email efficiency or functioning, or to prevent system damage or overload due to excessive use. C. No user shall attempt to gain unauthorized access to another user's mailbox. However, a user's department head shall have the right to access that user's mailbox for business purposes. D. Emails with large or numerous electronic file attachments are discouraged. IT may limit mailbox sizes of any user. E. Employees with City email accounts are required to check for new messages each day they report to work, F. Email attachments are now the number one source of computer viruses. It is recommended that you avoid opening any email attachment unless you were expecting to receive it from that person. G. The City's email system shall not be used for the creation or distribution of any disruptive or offensive messages, including but not limited to pornography, offensive comments about race, uxvil. xv. color, national origin, ancestry, gender, religion, religious practice, age, disability, sexual orientation, and/or political beliefs. Employees who receive any emails with this type of content from any City employee should report the matter to their supervisor immediately. All messages should be professional and courteous: and in conformity with City policies, including, but not limited to, the City’s Ethic's Policy, Mobile Communication Devices Policy, Harassment in the Workplace Policy, ‘Sexual Harassment Policy, Workplace Violence Protection Policy, and City department specific policies and procedures. RETAILIATION PROHIBITED ‘A. The City prohibits taking negative action against any person for reporting a possible deviation from this policy or for cooperating in an investigation. Any person who retaliates against another person, individual or entity for reporting a possible deviation from this policy or for cooperating in an investigation will be subject to disciplinary action, up to and including termination. EMPLOYEE RIGHTS ‘A. This policy is not intended to interfere with, restrain or coerce employees in the exercise of their rights under Article 14 of the New York State Civil Service Law or other applicable law. Version 04_2015RECEIPT OF COMPUTER USE POLICY Ihave received a copy of the City's Computer Use Policy Name (print) Signature Department Date For existing employees, please retum the signed copy to your department within 5 days of receiving this. For new employees, this is required before getting a sign-on / password. Version 04_2015