Know what your county is doing—before it affects you.

Home›Counties›Montgomery County›Meetings›Hamilton County Commission Commission Meeting — 2012-02-06

VOTING SESSION

Hamilton County Commission Commission Meeting — 2012-02-06

31 agenda items, 2 approved, 0 rejected.

February 6, 2012

MEETING SUMMARY

Approved

Rejected

Tabled

Total Items

Attendance roll pending

AGENDA & VOTES

FREE PREVIEW

ITEM 1·GENERAL

Kurt Bryant – Presentation regarding emailing through internet

TABLED

ITEM 10·GENERAL

Information Systems will manage security policies, network, application, and data access

Information Systems will manage security policies, network, application, and data access centrally using whatever technology solutions it deems suitable. Any attempt to contravene or bypass that security implementation will be deemed an intrusion attempt and will be dealt with in accordance with Montgomery County’s overarching security policy.

TABLED

ITEM 11·GENERAL

Employees, contractors, and temporary staff will follow all enterprise-sanctioned data

Employees, contractors, and temporary staff will follow all enterprise-sanctioned data removal procedures to permanently erase company-specific data from such devices once its use is no longer required. See http://www.mcgtn.org/information-systems for detailed data wipe procedures for mobile devices.

TABLED

ITEM 12·GENERAL

In the event of a lost or stolen mobile device, it is incumbent on the user to report the

In the event of a lost or stolen mobile device, it is incumbent on the user to report the incident to Information Systems immediately. The device will be remotely wiped of all data and locked to prevent access by anyone other than Information Systems. This action will restore the device to its factory default settings. If the device is recovered, it can be submitted to Information Systems for re-provisioning. The remote wipe will destroy all data on the device, whether it is related to county business or personal. This data is not recoverable on the device itself, but can usually be restored from a backup on another device (e.g. a personal computer) if the mobile device remains in or returns to the user’s possession, or a new device is able to store the backup. It is recommended that users back up their personal data frequently to minimize loss if a remote wipe is necessary. By signing this document the user understands that their personal data may be erased in the rare event of a security breach, must be agreed with before connecting the device to corporate resources. When a remote wipe is initiated by the Information Systems department, the user’s mobile device will be wiped of all data and restored to its factory default settings. The wipe is not limited to corporate data. Data that the employee has added to the device for personal use will also be deleted. This data is not recoverable on the device itself, but can usually be restored from a backup on another device (e.g. …

TABLED

ITEM 17·GENERAL

Non-Business usage of a mobile device to capture images, video, or audio, whether

Non-Business usage of a mobile device to capture images, video, or audio, whether native to the device or through third-party applications, is prohibited within the workplace. Help & Support

TABLED

ITEM 18·GENERAL

Information Systems reserves the right, through policy enforcement and any other means

Information Systems reserves the right, through policy enforcement and any other means it deems necessary, to limit the ability of end users to transfer data to and from specific resources on the enterprise network.

TABLED

ITEM 19·GENERAL

Employees, contractors, and temporary staff will make no modifications to the hardware

Employees, contractors, and temporary staff will make no modifications to the hardware or software that change the nature of the device in a significant way (e.g. replacing or overriding the operating system) without the express approval of Montgomery County’s Information Systems department. Organizational Protocol

TABLED

ITEM 20·GENERAL

Information Systems can and will establish audit trails, which will be accessed, published,

Information Systems can and will establish audit trails, which will be accessed, published, and used without notice. Such trails will be able to track the attachment of an external device to the corporate network, and the resulting reports may be used for investigation of possible breaches and/or misuse. The end user agrees to and accepts that his or her access and/or connection to Montgomery County’s networks may be monitored to record dates, times, duration of access, etc., in order to identify unusual usage patterns or other suspicious activity. This monitoring is necessary in order to identify accounts/computers that may have been compromised by external parties.

TABLED

ITEM 21·GENERAL

The end user agrees to immediately report to his/her manager and Montgomery

The end user agrees to immediately report to his/her manager and Montgomery County’s Information Systems department any incident or suspected incidents of unauthorized data access, data loss, and/or disclosure of company resources, databases, networks, etc.

TABLED

ITEM 22·CONTRACTS

Montgomery County may reimburse employees for phone/data plans if they choose to

Montgomery County may reimburse employees for phone/data plans if they choose to purchase their own mobile devices. Users will be given a stipend to cover basic mobile network usage costs and/or phone plan up to $50 per month. Reimbursement eligibility will be determined by each Department Head/Elected Official’s discretion depending on job and mobility requirements Reimbursement details are available at Human Resources.

TABLED

ITEM 23·GENERAL

Every mobile device user will be entitled to, and expected to attend, a training session

Every mobile device user will be entitled to, and expected to attend, a training session about this policy. While a mobile device user will not be granted access to corporate resources using a mobile device without accepting the terms and conditions of this policy, employees are entitled to decline signing this policy if they do not understand the policy or are uncomfortable with its contents. Page 6

TABLED

ITEM 24·ZONING

Any questions relating to this policy should be directed to Kurt Bryant in Information

Any questions relating to this policy should be directed to Kurt Bryant in Information Systems, at kmbryant@mcgtn.net. A copy of this policy can be found at www.mcgtn.org/human-resources/policies Policy Non-Compliance Failure to comply with the Personal Mobile Device Acceptable Use Policy may, at the full discretion of the county, result in the suspension of any or all technology use and connectivity privileges, disciplinary action, and possibly termination of employment. The Immediate Manager or Director will be advised of breaches of this policy and will be responsible for appropriate remedial action. Confidentiality Any county employee utilizing personal mobility device(s) as defined in this policy to access the Montgomery County network may be subject to the Open Records law of Tennessee pursuant to T.C.A. Title 10 Chapter 7 or other applicable provisions thereof. Page 7 Employee Declaration I, [employee name], have read and understand the above Personal Mobile Device Acceptable Use Policy, and consent to adhere to the rules outlined therein. ___________________________________ _______________________________ Employee Signature Date ___________________________________ _______________________________ Manager Signature Date ___________________________________ _______________________________ Information Systems Director Signature Date . 12-2-2 RESOLUTION REQUESTING THAT THE GENERAL ASSEMBLY REPEAL T.C.A. §33-7-304 PUBLIC CHAPTER 531 SECTION 45 AND TO REQUIRE THE STATE OF TEN…

vote

APPROVED

ITEM 4·INFRASTRUCTURE

Highway Dept

Highway Dept. – 2012 County Road System List (requires approval) ANNOUNCEMENTS ADJOURN 12-2-1 RESOLUTION TO ADOPT A MONTGOMERY COUNTY PERSONAL MOBILE DEVICE ACCEPTANCE USE POLICY WHEREAS, with the advent of current technology, many county departments will benefit from the utilization of various mobile devices in day-to-day operations; and WHEREAS, this Board of County Commissioners finds it to be in the best interest of efficient county government that a uniform policy be adopted for the use of said mobile devices; and WHEREAS, a copy of said policy is attached hereto as Exhibit A; and WHEREAS, the adoption of said mobile device policy will provide cost savings in addition to increased efficiency and productivity. NOW, THEREFORE, BE IT RESOLVED by the Montgomery County Board of Commissioners assembled on this 13 th day of February, 2012, that the Personal Mobile Device Acceptable Use Policy attached hereto as Exhibit “A” be approved. Duly passed and approved this 13 th day of February, 2012. Sponsor ______________________________ Commissioner _____________________________ Approved _____________________________ County Mayor Attested ____________________________ County Clerk Page 1 Personal Mobile Device Acceptable Use Policy Purpose The purpose of this policy is to define standards, procedures, and restrictions for end users who have legitimate business uses for connecting a personally-owned mobile device to Montgomery County’s corporate network. This mobile device policy appl…

vote

APPROVED

ITEM 5·GENERAL

Employees using mobile devices and related software for network and data access will,

Employees using mobile devices and related software for network and data access will, without exception, use secure data management procedures. All mobile devices must be protected by a strong password; a PIN is not sufficient. All data stored on the device must be encrypted using strong encryption. See Montgomery County’s password and encryption policy at http://www.mcgtn.org/information-systems for additional background. Employees agree to never disclose their passwords to anyone, even to family members, if business work is conducted from home. Page 4

TABLED

ITEM 6·GENERAL

All users of mobile devices must employ reasonable physical security measures

All users of mobile devices must employ reasonable physical security measures. End users are expected to secure all such devices whether or not they are actually in use and/or being carried. This includes, but is not limited to, passwords, encryption, and physical control of such devices whenever they contain enterprise data.

TABLED

ITEM 7·GENERAL

Any non-county computers used to synchronize with these devices will have installed up-

Any non-county computers used to synchronize with these devices will have installed up- to-date anti-virus and anti-malware software deemed necessary by Montgomery County’s Information Systems department. See http://www.mcgtn.org/information- systems for anti-virus requirements and recommendations.

TABLED

ITEM 9·GENERAL

Any mobile device that is being used to store Montgomery County data must adhere to

Any mobile device that is being used to store Montgomery County data must adhere to the authentication requirements of Montgomery County’s Information Systems department. In addition, all hardware security configurations must be pre-approved by Montgomery County’s Information Systems department before any enterprise data- carrying device can be connected to the corporate network.

TABLED

DOCUMENTS

february_6_2012

Agenda

Get every motion, every vote

Pro members can search across every meeting, see how each commissioner voted on every item, and export the data.

Start Free Trial

$29/month after 7-day trial. Cancel anytime.

Hamilton County Commission Commission Meeting — 2012-02-06

AGENDA & VOTES

Kurt Bryant – Presentation regarding emailing through internet

Information Systems will manage security policies, network, application, and data access

Employees, contractors, and temporary staff will follow all enterprise-sanctioned data

In the event of a lost or stolen mobile device, it is incumbent on the user to report the

Theft of the device

Loss of the device

Termination of employment in which the user has not already cleared corporate data by

Usage of location-based services and mobile check-in services, which use GPS

Non-Business usage of a mobile device to capture images, video, or audio, whether

Information Systems reserves the right, through policy enforcement and any other means

Employees, contractors, and temporary staff will make no modifications to the hardware

Ed Baggett - Nominating Committee

Information Systems can and will establish audit trails, which will be accessed, published,

The end user agrees to immediately report to his/her manager and Montgomery

Montgomery County may reimburse employees for phone/data plans if they choose to

Every mobile device user will be entitled to, and expected to attend, a training session

Any questions relating to this policy should be directed to Kurt Bryant in Information

Mayor Carolyn Bowers - County Mayor Nominations and Appointments

Highway Dept

Employees using mobile devices and related software for network and data access will,

All users of mobile devices must employ reasonable physical security measures

Any non-county computers used to synchronize with these devices will have installed up-

Passwords and other confidential data as defined by Montgomery County’s Information

Any mobile device that is being used to store Montgomery County data must adhere to

DOCUMENTS

Get every motion, every vote