Acceptable Use of State Systems Policy
Date Issued (revised): December 9. 2019 (Addendum added November, 2006)
Date Effective: immediately
Supersedes: May, 2006
Changes: Eliminate all references to the Department of Information Technology (DOIT).
The purpose of this document is to provide common standards for the use of State of Connecticut Executive Branch electronic communications, including but not limited to electronic mail systems (E-mail), the Internet, computers, laptops and related technologies and equipment (herein referred to as “State systems”).
The intent of this policy is to provide information concerning the appropriate and inappropriate use of State systems. Examples are included in order to assist readers with the intent of specific sections of this policy. However, the examples contained within this policy do not exhaust all possible uses or misuses.
Please refer to the Addendum for Frequently Asked Questions (FAQ's) containing additional information.
E-mail or electronic mail refers to the electronic transfer of information typically in the form of electronic messages, memoranda, and attached documents from a sending party to one or more receiving parties via an intermediate telecommunications system. E-mail is the means of sending messages between computers using a computer network. E-mail services, as defined by this policy, refer to the use of state-provided electronic mail systems.
Internet refers to a “worldwide system of computer networks - a network of networks in which users at any one computer can, if they have permission, get information from any other computer (and sometimes talk directly to users at other computers). The world-wide web is the most widely used part of the Internet, (often abbreviated "WWW" or called "the Web").
Intranet refers to an internal network or website within an organization. The main purpose of an intranet is to share company information and computing resources among employees.
CTNET refers to the equipment and services which provide State of
Scope of Policy
This policy covers all State of
This policy does not apply to the Judicial or Legislative Branches of government. However, these branches may consider adopting any or all parts of this policy for use within their own branches.
In accordance with C.G.S. §4d-8(a), the Office of Policy and Management is responsible for developing and implementing policies pertaining to information and telecommunication systems for state agencies.
Executive Branch agencies are responsible for providing all users with a copy of this policy, obtaining a signed acknowledgment of receipt from each user, and keeping a copy of the signed acknowledgement on file.
Agencies may establish additional restrictions regarding the use of State systems within their local environments. Should conflict exist between this policy and an agency policy, the more restrictive policy would take precedence.
Distribution of software within or between State agencies may be subject to more restrictive agency computer use policies. When in doubt, users are urged to inquire about all applicable restrictions.
The Director of Human Resources (or person serving in this capacity) within each State agency is responsible for addressing individual employee questions concerning this policy and the appropriate use of State systems. The Office of Labor Relations and the Chief Information Officer (CIO) of the Department of Administrative Services, Bureau of Enterprise Services and Technology (DAS-BEST) will serve as consultants to agencies in this regard.
Ownership of Messages, Data and Documents
State systems and all information contained therein are State property. Information created, sent, received, accessed or stored using these systems is the property of the State.
No Presumption of Privacy
All activities involving the use of State systems are not personal or private; therefore, users should have no expectation of privacy in the use of these resources. Information stored, created, sent or received via State systems is potentially accessible under the Freedom of Information Act. Pursuant to Public Act 98-142 and the State of
As a user, it is important to identify yourself clearly and accurately in all electronic communications. Concealing or misrepresenting your name or affiliation is a serious abuse. Using identifiers of other individuals as your own constitutes fraud. This includes but is not limited to using a computer Logon ID other than the individual User ID authorized. Individuals may not provide their passwords or logon ids to others.
Users should also be mindful that the network is a shared resource and be aware of the impact of their activities on other users. For example, a user with a need to frequently move large files across CTNET should consider scheduling this to occur during off hours so as not to degrade network performance.
Usage of State Systems
State systems are provided at State expense and are to be used solely to conduct State of
System usage must be in accordance with each user’s job duties and responsibilities as they relate to the user’s position with the State of
Examples of Acceptable Use of State Systems
Examples of acceptable use of State systems include job-related activities involving any of the State systems and in accordance with the above criteria. The following items are examples of acceptable activities:
E-mail: sending and receiving correspondence for job related purposes; communicating with local governments, vendors, other state agencies and/or employees, etc., on work-related issues; collaborating with other organizations, states, and the federal government about initiatives and projects of interest to
Internet: researching state and federal legislation and regulations as they pertain to the user’s State position; obtaining information useful to users in their official capacity.
Misuse of State Systems
State systems are provided at State expense and are to be used solely to conduct State of
Examples of Unacceptable Use of State Systems
Any and all personal activities involving any of the State systems. The following items are examples of prohibited activities; however, users are reminded prohibited activities are not limited to these examples:
Email: creating or forwarding jokes, chain messages, or any other non-work related messages; checking and/or responding to personal e-mail via another (second party) e-mail system such as Yahoo! or Hotmail; sending or forwarding messages referring to political causes or activities; messages concerning participation in sports pools, baby pools or other sorts of gambling activities; religious activities; stock quotes; distribution groups or “listservs” for non-work related purposes; solicitations or advertisements for non-work related purposes.
Internet: pirating software; stealing passwords; hacking other machines on the Internet; participating in the viewing or exchange of pornography or obscene materials; engaging in other illegal or inappropriate activities using the Internet; personal job searches; shopping on-line for non-work related items; checking/viewing stocks or conducting any personal financial planning activities.
Use of a personal Internet account using state systems is strictly prohibited.
Any usage of CTNET for illegal or inappropriate purposes is prohibited. Illegal activities are violations of local, state, and/or federal laws and regulations (please see Connecticut General Statutes, §53a-251). Inappropriate uses are violations of the appropriate use of State systems, as defined in this document.
Failure to identify the author(s) of information accessed and obtained through CTNET (i.e., that which is subject to copyright laws, trademarks, etc.)
Connecting personally owned hardware or installing and/or using non-State licensed software. State policy on downloading software is included in Connecticut Software Management Policy. See “Additional Resources” below.
Any unauthorized access to any computer system, application or service.
Any activities for private, commercial purposes, such as business transactions between individuals and/or commercial organizations.
Any usage that interferes with or disrupts network users, services, or computers. Disruptions include, but are not limited to, distribution of unsolicited advertising, and deliberate propagation of computer viruses.
Any activities where users engage in acts that are deliberately wasteful of computing resources or which unfairly monopolize resources to the exclusion of others. These acts include, but are not limited to, broadcasting unsolicited mailings or other messages, creating unnecessary output or printing, or creating unnecessary network traffic.
Public Act No. 98-142, An Act Requiring Notice to Employees of Electronic Monitoring by Employers, and the State of Connecticut’s “Electronic Monitoring Notice” -
“Electronic and Voice Mail Management and Retention Guide for State and Municipal Government Agencies” – http://ctstatelibrary.org/wp-content/uploads/2015/05/GL2009-2-EmailManagement.pdf
Connecticut Software Management Policy by the State of