DOT.Comm Oversight Committee Policy



Similar documents
DEPARTMENT OF MENTAL HEALTH POLICY/PROCEDURE

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES

CENG Information Technology Services University of North Texas

CITY OF WAUKESHA HUMAN RESOURCES POLICY/PROCEDURE POLICY B-20 SOFTWARE USAGE AND STANDARDIZATION

Miami University. Payment Card Data Security Policy

Franciscan University of Steubenville Information Security Policy

NETWORK INFRASTRUCTURE USE

SAO Remote Access POLICY

LANDesk Data Analytics

Managed Services Agreement. Hilliard Office Solutions, Ltd. PO Box Phone: Midland, Texas Fax:

Data Management Policies. Sage ERP Online

Software License and Hardware Use October 3, 2011

Information Technology Cyber Security Policy

INFORMATION SECURITY OVERVIEW

U.S. DEPARTMENT OF THE INTERIOR OFFICE OF SURFACE MINING RECLAMAION AND ENFORCEMENT DIRECTIVES SYSTEM

Antivirus and Malware Prevention Policy and Procedures (Template) Employee Personal Device Use Terms and Conditions (Template)

Information Security Risk Assessment Checklist. A High-Level Tool to Assist USG Institutions with Risk Analysis

Dynamic Service Desk. Unified IT Management. Solution Overview

Device Lifecycle Management

LOS ANGELES UNIFIED SCHOOL DISTRICT POLICY BULLETIN

Managed Information Technology Services For the Town of Moraga

Information Resources Security Guidelines

Automated IT Asset Management Maximize organizational value using BMC Track-It! WHITE PAPER

CHAPTER 15 FDOT INTERNET REQUIREMENTS

Boston Public Schools. Guidelines for Implementation of Acceptable Use Policy for Digital Information, Communication, and. Technology Resources

micros MICROS Systems, Inc. Enterprise Information Security Policy (MEIP) August, 2013 Revision 8.0 MICROS Systems, Inc. Version 8.

Tameside Metropolitan Borough Council ICT Security Policy for Schools. Adopted by:

Managed IT Services. Maintain, manage and report

Caldwell Community College and Technical Institute

Get what s right for your business. Technologies.

Quick Start Guide. Version R9. English

Virginia Commonwealth University School of Medicine Information Security Standard

Medford Public Schools Medford, Massachusetts. Software Policy Approved by School Committee

Information Security Program Management Standard

Altiris Asset Management Suite 7.1 from Symantec User Guide

Advanced Configuration Steps

Appendix D to DIR Contract No. DIR-SDD SYNNEX Corporation STATEMENT OF WORK / SUPPLEMENTAL AGREEMENT for <DIR CUSTOMER> END USER SERVICES

WHITE PAPER. Automated IT Asset Management Maximize Organizational Value Using Numara Track-It! p: f:

Workstation Management

UNIVERSITY GUIDEBOOK. Title of Policy: Acceptable Use of University Technology Resources

MISSISSIPPI DEPARTMENT OF HEALTH COMPUTER NETWORK AND INTERNET ACCESS POLICY

Acceptable Use Policy

Request for Proposals (RFP) Managed Services, Help Desk and Engineering Support for Safer Foundation

The Protection Mission a constant endeavor

1. Provide hardware/software installation, updates, configuration, troubleshooting and resolution.

C-DAC Medical Informatics Software Development Kit End User License Agreement

Software Licence Terms and Conditions for the Provision of Software of WIELAND Dental + Technik GmbH & Co. KG for an Indefinite Period

HIPAA Security Training Manual

APPENDIX 5 TO SCHEDULE 3.3

University of Hartford. Software Management and Compliance Guidelines

Altiris Asset Management Suite 7.1 SP2 from Symantec User Guide

BCS Premier Services Service Description

BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO

Introduction and Purpose... 2 Scope... 2 Auxiliary units Part-Time, Temporary faculty/staff, Volunteer, Contractor and Student Assistants...

FOLLOW-UP OF PERSONAL COMPUTER LICENSING REPORT NO F. City of Albuquerque Office of Internal Audit and Investigations

Data Security Incident Response Plan. [Insert Organization Name]

Administration A. Superintendent. Technology Services Proposal. Board of Education Dr. Bruce Law Superintendent of Schools DATE: July

IMPLEMENTATION DETAILS

Network Security & Connection Policy

SOLARWINDS, INC. ipmonitor 8.0 MANAGER END USER LICENSE AGREEMENT REDISTRIBUTION NOT PERMITTED

Network and Workstation Acceptable Use Policy

University of Pittsburgh Security Assessment Questionnaire (v1.5)

Copyright 2014 Carnegie Mellon University The Cyber Resilience Review is based on the Cyber Resilience Evaluation Method and the CERT Resilience

HP Hardware Technical Support

LHRIC Network Support - Additional Service Features

Service from the Start Bronze with Comprehensive Coverage

HP Technical Phone Support service agreement ( Agreement ) terms and conditions

Dell Advanced Network Monitoring Services Service Description

SOFTWARE MANAGEMENT EXECUTIVE SUMMARY

University Managed Desktop Program. Desktop Computing Support Framework or

Your IT Helpdesk and On-Site and Remote Support Terms and Conditions. Document Revision 1 Sept 09

BUDGET LETTER PEER-TO-PEER FILE SHARING , , EXECUTIVE ORDER S-16-04

COMPUTER USE POLICY. 1.0 Purpose and Summary

U.S. Department of the Interior's Federal Information Systems Security Awareness Online Course

Patch Management Policy

DETAIL AUDIT PROGRAM Information Systems General Controls Review

CSG Windows Support Policy

Answer: C. Answer: C. Answer: B

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

S o f t w a r e L i c e n s i n g A g r e e m e n t /T e r m s (End-user Licensing Agreement EULA)

MODULE 3 LICENSED SOFTWARE. Page 2 of 9

Information Security Policy September 2009 Newman University IT Services. Information Security Policy

GoldMine Datasheet Title. Subtitle: Reinvent your Sales, Marketing and Support Proceses. IT Must Innovate to Meet Rising Business Expectations

Managed Service Plans

Supplier Information Security Addendum for GE Restricted Data

ADDENDUM 5 TO APPENDIX 5 TO SCHEDULE 3.3 DESKTOP COMPUTING

Commercial Software Licensing

HP PC Helpdesk Service

DHHS Information Technology (IT) Access Control Standard

Service Schedule for CLOUD SERVICES

Guidelines for Distributed Computing Administration and Security

Customized Cloud Solution

VDI can reduce costs, simplify systems and provide a less frustrating experience for users.

The Internet and 2 Acceptable use 2 Unacceptable use 2 Downloads 3 Copyrights 3 Monitoring 3. Computer Viruses 3

GETTING STARTED WITH A COMPUTER SYSTEM FACTSHEET

Device Management Module (North America)

SUPPLIER SECURITY STANDARD

COUNTY OF ORANGE, CA Schedule 2D Service Desk Services SOW SCHEDULE 2D SERVICE DESK SERVICES SOW. for. Date TBD

Service Level Agreement

Transcription:

DOT.Comm Oversight Committee Policy Enterprise Computing Software Policy Service Owner: DOTComm Operations Effective Date: TBD Review Schedule: Annual Last Review Date: Last Revision Date: Approved by: DOT.Comm Oversight Committee Purpose Pursuant to the duties and responsibilities outlined in the Interlocal and to demonstrate the commitment of DOTComm to manage software as a valuable asset, ensure compliance with software license agreements and prevent copyright infringement. To ensure that software assets are updated to prevent security vulnerabilities. This document establishes a policy for the purchase, installation, and use of computer software and provides safeguards against software copyright infringement. Policy The Douglas-Omaha Technology Commission is committed to procuring installing and managing software assets in compliance with its legal obligations and for the maximum benefit of the departments and employees. DOTComm, designated department personnel or authorized vendors shall install and use only licensed software on all platforms, including but not limited to desktops, laptops, tablets, mobile phones, and servers. It is intended that DOTComm, designated department personnel or authorized vendors shall acquire, reproduce, distribute, transmit, use and maintain computer software in compliance with applicable state and federal regulations, including copyright laws. Users include DOTComm, City and County employees, state agency employees, contractors, vendors and interns who connect to the enterprise network. Users shall comply with the terms and conditions of the applicable software license agreements and shall not knowingly use unauthorized software. Software Use: All computer software bought or leased for use is considered government property and shall be protected as such.

All computer software developed by DOTComm employees or contract workers is considered government property and shall be protected as such. Users of information resources are responsible for notifying their supervisor and the Service Desk of the presence or suspected presence of any unauthorized software installed or running on IT assets. Users that receive authorization to download, install or execute software shall halt any download immediately if a click-wrap or End User License Agreement (EULA) is encountered and notify the Service Desk to ensure that a review of this agreement has been completed. Software Copies Unless otherwise provided in the software license agreement, reproducing copyrighted software, except for backup and archival purposes, is a violation of the U.S. Copyright Law and this policy. License and Media Control All license agreements and proof of ownership for software shall be centrally managed in the Desktop Support offices of DOTComm. Each network device is required to have a valid user connection license. (Client Access License, Network Option, Enterprise Version, etc.) Each network device is required to be supported through an appropriately licensed and valid manufacturer supported Operating System. Through the use of software management tools, the Desktop Support offices of DOTComm shall keep and maintain a catalog of all software licenses owned and deployed and shall coordinate any necessary actions with affected users to keep the enterprise in compliance with all license agreements. The catalog will include, but is not limited to, the following information about the software: Software Title Vendor / Reseller Maintenance Period of Service Manufacturer / Publisher License Quantity Purchase Order All licenses, keys, serial numbers, media, documentation, registration cards and other identifying information pertaining to agency software must be delivered to the Desktop Support offices of DOTComm. This will allow for a single point of accountability and enhance supportability for re-installation of software. The supported Desktop Microsoft Operating System software versions are Microsoft Windows Professional or Enterprise. Exceptions and Exclusions to this policy are made on a case by case basis based on the best decisions for the enterprise and the client s business operations. All exceptions and exclusions from this policy are made

through a joint agreement of the City and County Information Technology Coordinators, (ITCs), and DOTComm Chief Information Officer, (CIO). Those excluded devices will not be eligible for any Service Level Agreements including service requests, projects and issue resolution. Also, items in the exclusion list will not be eligible for escalation in priority for acquisition, repair or installation. Best effort to restore the affected unit to normal operating parameters will be provided. See exclusion rider for systems which are excluded from Service Level Agreements. Software considered critical to a departments operation is not eligible for the exemption and exclusion process and maintenance must be active. Personally Owned Software Users shall not install, use or distribute personally-owned software on enterprise assets. Users with a legitimate business requirement for specialized user owned software shall follow the DOTComm Service Desk software request process to obtain approval for the software. Software Inventory and Periodic Reviews DOTComm Desktop Support shall conduct routine inventory activities to validate and account for all agency software assets, including installed software and available assets which are not installed. This will be done using software management tools. Strategies to ensure license compliance include the following: 1. Software Inventory: Workstations shall be scanned on a routine basis to detect and inventory all software residing on the agency s workstations. All workstations shall be periodically scanned to detect specific software. (e.g., all copies in use of Microsoft Visio software) Periodic software license compliance reviews may be triggered by: a) Requests for software using the Software Request Form; b) Software upgrade requirements; and c) Software usage analysis. 2. Maintenance Renewals All maintenance renewals shall be reviewed by the CIO and ITCs to ensure that the software is owned, installed, used and still required before software maintenance is renewed. Software Evaluation and Testing Prior to obtaining a software product, an evaluation may be conducted to determine the viability of using the software in the enterprise infrastructure. Software publishers and vendors may provide evaluation copies of software free of charge for limited use or a limited period with an option to purchase

or return upon review. In all instances a software request must be entered and approved by the DOTComm Service Desk prior to commencing the evaluation. Use of evaluation copies of software may be allowed only when the following conditions are met: Employee has a legitimate business requirement and provides a valid justification for the use of the software. Employee has authorization from the applicable department manager to use the software. (Authorization can be done through email) Software evaluation will require coordination through the DOTComm Change Control Process. Authorization Glossary U.S. Code, Title 17, Copyright Act of 1976 The rights granted to the owner of a copyright are clearly stated in the Federal Copyright Act, Title 17 of the U.S. Code. Software is automatically protected by federal copyright law from the moment of its creation. Persons who purchase a copy of software have no right to make additional copies without the permission of the copyright owner, except for the rights to (1) copy the software onto a single computer and (2) to make another copy for archival purposes only. Interlocal Agreement City of Omaha: City Personnel Policy #32 Computer and Network Use Employee Rights and Privileges Douglas County Civil Service Commission Personnel Policy Manual Article 21: Internet, Computer, and Software Usage DOT.Comm Computer and Network Use Policy Designated Department Personnel - People within the departments who have been granted administrative access to Network Devices for the purpose of installing, removing or updating software. Enterprise Network - A proprietary system of integrating computing devices for file sharing and storage, print and communication resources within a closed network. Access to an enterprise network requires specific rights and privileges to be explicitly granted to individuals and groups. Authority to use network resources is provided through the purchase of user connection licenses. Evaluation copies of Software - These are full or partial versions of software assets made available to prospective buyers for the purpose of test driving. They usually have automatic expiration dates or limited use provisions in the licensing documentation. IT Asset - In the IT world an IT asset is any resource, tangible or intangible that is capable of being owned or controlled to produce value and that is held to have positive economic or business process value. (PCs, Printers,

Network switches, router, or software used in the enterprise) Network Access Policy - Policies adopted by the DOTComm Oversight Committee to allow authorized access and prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network Device - Any device equipped with an operating system and accessed by a user on a properly licensed and configured network. Operating System - Basic computer software that allows the device to be useful as a computer capable of running organic and third party software. Personally Owned Software - Software not purchased by a department or government entity. Software individually owned or possessed by a network user. Software Assets - Software assets include Desktop and Server operating systems, user productivity suites, Commercial Off the Shelf software and third party developed software. Software Management Tools - Software products for managing large groups of computers as well as various mobile devices such as mobile phones and tablet computers. Software provides remote control, patch management, software distribution, operating system deployment, network access protection and hardware and software inventory. Users - Individual computer operators who are authorized to log into an enterprise computer network for the purpose of accessing resources needed for file sharing and storage, printing and communications. User Connection License - This is a system through which access to a proprietary enterprise network of integrated computing devices for file sharing and storage, print and communication resources is provided and paid for. A click-wrap agreement or EULA is a license agreement that is commonly presented prior to downloading or during the installation or execution of a software product Such agreements typically require the user to click on a button or icon that states ok or agree before downloading, installing or executing the software. By clicking on the button or icon, the user would contractually obligate City and County to the terms and conditions of the software licensing agreement. Annexes: Exception Rider: This will be a list of IT Assets that are excluded Existing Software Management: This will be a list of known existing software that does not meet the policy and a remediation plan Existing Software Maintenance: This will be a list of software that does have maintenance and a list without including remediation plans.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information