Note: This message is displayed if (1) your browser is not standards-compliant or (2) you have you disabled CSS. Read our Policies for more information.
These FAQs are intended to provide guidance to workforce members on the secure and appropriate use of Information Resources.
Why is my account disabled if I don’t complete the training?
It is a requirement for all Executive branch workers and 21 days (including weekends) provides enough time to find the needed 20 minutes to train on and accept the IRUA. The majority of workers complete the training in the first week.
What should I do if I am not sure whether the Security Policies or IRUA allow me to do an action on my computer that I’m contemplating (e.g. – surfing the Internet, moving data to a device, etc.)?
Don’t take unnecessary risks. Consult with your management before proceeding. They will give the necessary guidance.
To what and to whom do these Security Policies and IRUA apply?
The Security Policies and IRUA apply to all Executive branch employees, contractors, interns, volunteers and others who are authorized to access Information Resources to provide government services to state agencies (collectively defined as "workforce members").
I have contractors working for me, do they need to complete the Information Resources Use Agreement?
The standard for determining if a contractor must complete is whether or not their duties require an Active Directory (AD) ID. Those needing an AD login ID will be required to take the training. Agencies may identify additional resources needing the training that do not have an AD ID.
May I adjust my internet browser security settings?
No. Internet security settings are designed to protect Information Resources from all kinds of threats such as viruses, spyware, etc.
Should I be worried if I tried to access a web page that is blocked?
Accidents happen. In most cases there is nothing to worry about. IOT does not actively monitor for attempts to go to blocked sites. If your attempt to visit a site was blocked was innocent that is usually fairly obvious by examining other Internet use.
May I download or install applications onto my computer?
No. Only personnel authorized by IOT may install applications onto state Information Resources.
May I download necessary free applications or other files that would assist me in my work (e.g., Avery has free templates for some labels)?
Not without permission. Only personnel authorized by IOT may install applications onto state Information Resources. You may apply security patches or application updates if directed by IOT or your agency to do so. Avery templates are permitted.
May I send and receive personal e-mail from Websites like Hotmail?
Yes as long as this is within your agencies limited use policy. However, you should be very careful. You can be disciplined if you infect your work computer through negligence including through accessing your personal email.
May I send personal e-mail (to set up lunch, etc.) from my state e-mail account?
Yes, subject to the Appropriate Use and your agency’s limited use policies.
May I use or download another application to check email?
No. Only the state e-mail account and pre-approved Web mail may be used.
Should I respond to a spam message to follow its "unsubscribe" instructions?
No. Often following "unsubscribe" instructions in spam merely confirms to the person sending the spam that they have reached a valid email address, and thus could actually increase spam. The appropriate action is to report the receipt of spam to the IOT Postmaster so they may then attempt to block it.
May I place personal appointments on my calendar in Microsoft Outlook?
Yes. Electronic calendars are useful tools for scheduling meetings because other users can check your availability. Thus it is helpful to place times that you will be unavailable for personal reasons on your calendar as well. If desired, you may mark personal appointments as "Private" by checking the box in the bottom right corner in the appointment dialog box.
May I store personal email addresses and phone numbers in my Microsoft Outlook account?
May I share my passwords with my assistant for e mail?
No. Due to the sensitive nature of computer files, sharing computer passwords is prohibited. You can set up your e-mail files, however, to permit your assistant to read, author, or edit your e-mail and calendar items. For assistance, please contact the IOT help desk.
How do I get work completed at home onto my state computer?
State information should not be stored on your home computers or any personal storage device. You should use approved remote access tools to work from home if necessary (Citrix or VPN). If you must store data on an external device it should always be stored on a State provided flash drive, not your PCs local drive. The drive you will be provided will be encrypted. You should report it if lost but the information will not be readable by anyone finding it. This drive must be turned in to your manager when your employment changes.
You should not burn information to CDs or DVDs. This creates an additional, easily lost, and likely unencrypted instance of State information.
May I copy files from my state computer onto a flash drive to work on at home?
Yes, as long as the flash drive is provided to you by your agency. Use of a personal flash drive is strictly prohibited. You should not copy work files to take home onto a CD or DVD.
Can I email files to my personal account to work on over the weekend?
No. State information should not be emailed to personal email accounts. An instance of that information is created and stored in a location outside of the State’s control.
May I "Remote Desktop" to my home computer?
No. Connecting to a Remote Desktop outside of the state's firewall opens Information Resources to security risks.
May I use GoToMyPC or LogMeIn to access my work computer?
No. The approved methods of accessing the State network are Citrix and VPN services provided by IOT.
May I listen to Internet radio on my computer?
Internet radio is not available to users on the State network because of the potential increases in our cost of bandwidth. Internet radio is available to some users needing it to perform their job. However, this exception is to enable targeted use to meet a particular business need and not for general use.
CDs may be listened to during business hours with agency permission. CDs should not be copied to either local or network drives of state equipment.