HomeMy WebLinkAbout20053118.tiff WELD COUNTY
CODE ORDINANCE 2005-13
IN THE MATTER OF REPEALING AND REENACTING, WITH AMENDMENTS, CHAPTER 9
INFORMATION SERVICES, OF THE WELD COUNTY CODE
BE IT ORDAINED BY THE BOARD OF COUNTY COMMISSIONERS OF THE COUNTY OF
WELD, STATE OF COLORADO:
WHEREAS,the Board of County Commissioners of the County of Weld, State of Colorado,
pursuant to Colorado statute and the Weld County Home Rule Charter, is vested with the authority
of administering the affairs of Weld County, Colorado, and
WHEREAS, the Board of County Commissioners, on December 28, 2000, adopted Weld
County Code Ordinance 2000-1,enacting a comprehensive Code for the County of Weld,including
the codification of all previously adopted ordinances of a general and permanent nature enacted
on or before said date of adoption, and
WHEREAS, the Weld County Code is in need of revision and clarification with regard to
procedures, terms, and requirements therein.
NOW, THEREFORE, BE IT ORDAINED by the Board of County Commissioners of the
County of Weld, State of Colorado, that Chapter 9, Information Services, of the Weld County Code
be, and hereby is, repealed and re-enacted, with amendments, to read as follows.
CHAPTER 9
INFORMATION SERVICES
Throughout Chapter 9, replace "The Department of Information Services" with "Information
Services".
Throughout Chapter 9, replace "SCT" Corporation with "ACS" Corporation.
Throughout Chapter 9, replace the subcommittee "Human Services" with "Health and Human
Services".
Throughout Chapter 9, replace"Geographical Information System (GIS) Division"with "GIS", and
replace "the Division"with "GIS".
ARTICLE I
INFORMATION SERVICES
Sec. 9-1-70. Specific duties and responsibilities of Governance Committee.
A through G - No change.
H. Communication and enforcement of policies and procedures.
Sec. 9-1-80. Specific duties and responsibilities of users.
2005-3118
PAGE 1 ORD2005-13
The specific duties and responsibilities of each user are as follows:
A. General responsibilities:
1. Designate a management level position to act as a d0 0u ici Ital ink,rmatiu r
services liaison who provides management liaison between the user
department, Governance Committee and tie maiiaycnn,i it If]vm tln,
Department of Information Services.
2 through 3 - No change.
B. No change.
C. New system development responsibilities:
1 through 5 - No change.
6. Maintain communication with the management of the Department of
Information Services non, development pit,jc,,ta by attending regularly
scheduled management review meetings.
Sec. 9-1-90. Specific duties and responsibilities of Department of Information Services via
contract services.
The following specific duties will be assigned to the Department of Information Services:
A and B - No change.
C. Direct action responsibilities:
1. Represent the County to vendors of computer and data communications
equipment, systems and services.
2. Provide for the acquisition and administration of personnel, hardware,
software, contracts, grants and related services necessary to support the
information services requirements of any user or the County in general.
3. Inform users in advance,and cun0kJertheir assessments of proposed major
of governance approved changes to hardware, software and related
resources which may affect their systems.
4- 16 - No change.
17. Allow for testing of new systems and major enhancements and technology
prior to production implementation.
178. Control and coordinate the funding to systems development for projects.
Remainder of Section - renumber.
ARTICLE II
INFORMATION SERVICES GOVERNANCE COMMITTEE
2005-3118
PAGE 2 ORD2005-13
Sec. 9-2-30. Role.
The role of the Information Services Governance Committee includes the following:
A through C - No change.
D. Identify the annual information system priorities and related budgetary impact.
These priority recommendations will become an integral part of the budget process
subject to adjustment during budget preparation/adoption, and upon final budget
approval, will be established as part of the Department of Information Services
annual work program. All projects must be reviewed and approved by the
Information Services Governance Committee before they can be added to the
Information Services annual work plan.
E through G - No change.
Sec. 9-2-80 Purpose and structure of subcommittees.
A through B - No change.
C. The responsibilities of the functional subcommittees are to:
1 through 4 - No change.
5. Ensure that user department systems design decisions are made in
accordance with annual information system work prog,a,110 plans and
approved project schedules.
6 through 8 - No change.
ARTICLE III
COUNTY NETWORK AND INTERNET ACCEPTABLE USE POLICY
Sec. 9-3-10. General provisions.
A. The Department of Information Services, in conjunction with the Information
Services Governance Committee(ICGC), has taken the necessary steps to provide
an a County Network and Internet Acceptable Use Policy(IAUP)on at..#t.ptabl.,use
of the Internet by County agencies and departments. Any County agency or
department eligible for, and having funding for, the Weld County network or the
Internet will be provided with access under the terms and conditions of this policy.
B through C - No change.
D. This policy applies to any activity performed from a County-owned asset and to all
County employees or contracted agents of the County performing work activities on
behalf of the County. Work activities conducted from remote devices or even
personally owned devices are subject to this policy, cacept limit this policy does not
apply to ail CI 1pluyca pct FIJI mng activtic3 solely as a ic-pubIk,Yai R}
with. ut the uoc f CLEF dy-.,v.ticd aaaeta. The policy applies to electronic
communications on County networks and public networks including, but not limited
to, the following:
2005-3118
PAGE 3 ORD2005-13
1. Electronic Communications:
a. E-mail.
b. File transfer(FTP).
c. Remote login, including VPN, and Citrix.
d. Remote control software.
e. Discussion groups/bulletin boards.
f. World Wide Web, Gopher, web servers, wide area information
servers (WAIS).
g. Personal computing devices, including Blackberrys, PDA's, and cell
phones.
h. Digital type devices that can communicate with personal computers
or public networks.
H3xx, such as video conferencing.
j. Voice over IP (VOIP).
2. Public Networks:
a. Internet and Internet Services.
b. America O .16.c, Compuca see, r'rodiyy, etc.Internet Service
Providers.
c. Online search services such as Dialog, Paperchase, etc.
d. D;al„t, I/Bulletin board systems.
ed. Weld County network.
e. On-line search services.
Sec. 9-3-20. Introduction.
Weld County network access and Internet access can provide significant business benefits
for County government agencies. However, there are also significant legal, security and
productivity issues related to how the Internet is used. Examples of such issues are listed below.
A. The potential to receive computer viruses Trojans, worms and spyware from
Internet information sources.
B through F - No change.
Sec. 3-2-25. Authorized County Network Access.
A. Secure New Employee Accounts. Authorized access to the County network for
new employees must be approved by the department head, elected official, or
designated person in the department. Requests for new employee security or
changes to existing security must be submitted using the Security Request Form
(Appendix 9-B).
1. Requests for new employee security must be submitted in advance - - at
least three days prior to hire date, and signed by department head, elected
official, or designated person.
2. All documentation authorizing user access to controlled computing and
information resources must be archived and retrievable upon request for all
active accounts. Requests will be retained for a period of five years.
2005-3118
PAGE 4 ORD2005-13
3. Requested access must be approved by the owner of the data.
4. Login passwords must meet the County required standard, as set forth in
Section 9-3-70.
5. Generic and shared accounts are strictly prohibited. All UserlD's must
uniquely identify users to the system.
B. Secure Employee Terminations.
1. All security requests for employee terminations within the County's
operations must be submitted prior to the last date of employment. Upon
the termination of an employee, all accounts for the employee, including
remote access and email, must be immediately suspended or removed from
all systems.
2. Notification for unplanned terminations must be communicated to
Information Services to immediately disable the account. Security request
forms are required for unplanned terminations,and must be approved by the
department head, elected official, or designated person in the department
to which the terminated employee was assigned.
Sec. 9-3-30. Definitions.
Add the following definitions:
FTP means file transfer protocol.
ISP means Internet Service Provider.
VPN means virtual private network.
Delete the following definitions:
Gopher or Internet gopher means a distributed document delivery service.
It lets users access various types of data residing on multiple hosts. This is done
by presenting the user menu documents and by using a client server
LVii,uiiufl;Ciatilfiflo model.
Sec. 9-3-40. Guidelines.
Replace the entire section with the following:
A. Responding to security incidents. All security incidents shall be reported to the IT
Help Desk for immediate escalation.
B. Responding to malfunctions and violations. All employees must play an active roll
in helping to assure the security and quality of all County applications by reporting
any continual malfunctions in software and hardware. In doing so, employees help
to assure the optimum performance and availability of business systems.
1. Employee obligation to report software malfunction. Any employee that
2005-3118
PAGE 5 ORD2005-13
observes continual or recurring malfunctions in any County software must
report the malfunction to their supervisor or the person responsible for that
software.
2. Employee obligation to report hardware malfunction. Any employee that
observes continual or recurring malfunctions in any County information
system hardware must report the malfunction to their supervisor or the
person responsible for hardware maintenance.
3. Employee obligation to report security and policy violations. Any employee
that observes the violation of security and/or security policy is obligated to
report the malfunction to their supervisor.
C. Employee responsibility. The security, protection, and integrity of County
information assets are a premier responsibility of all County employees and
contractors. It is each employee's responsibility to fully understand the information
security policies contained in this document and to apply these policies effectively
to their daily practices and routines. Should an employee be unable to perform, or
not fully understand any of the following policies, whether whole or in part, it is that
employee's responsibility to alert his or her manager as to their difficulty or
confusion with the policy or policies. It is each employee's duty and responsibility
to report to their immediate supervisor any and all violations of these policies that
he or she may have witnessed or have knowledge of.
D. Manager responsibility. It is the responsibility of all managers to assure that all
employees under their supervision fully understand and are in compliance with
these information security policies. Managers are responsible for keeping their
employees up-to-date on any changes regarding these policies. Should any
employee consistently break company policy, it is that manager's responsibility to
take disciplinary measures in accordance with applicable County disciplinary
policies or procedures. It is the responsibility of all managers to ensure that all
information assets under their domain are secured and managed in order to ensure
compliance with relevant polices and procedures.
E. Use of information systems and resources. Employees who are entitled to the
usage of County computing systems to perform the necessary functions identified
with their position, must not misuse or abuse computing systems and resources.
1. Compliance with software copyrights and licenses. All employees must
comply with and respect the copyright laws and license agreements of the
software licensed to the County for use on business computing systems.
2. Use of illegal software. Employees must not download and/or install pirated
or illegal software that violates existing copyright or license agreements.
3. Use of non-approved software. The County strictly forbids the downloading
or installation of non-county owned or licensed software on County
computing systems without prior consent from a supervisor.
4. Acceptable use of passwords. Each password owner shall safeguard and
protect each password they have created, or that is entrusted to them.
Password sharing and account sharing is strictly prohibited. Writing down
2005-3118
PAGE 6 ORD2005-13
passwords is not an acceptable practice; however, if passwords must be
written down, the information shall be stored securely and be accessible
only by the owner. Storing passwords via electronic file or programmable
function keys, scripts, macros or automated logon sequences is strictly
prohibited.
5. Security of the computer desktop through locking practices and
mechanisms. All users of a computing system must either lock the
computer desktop or log off of the system when walking away from a
computer terminal. Additionally, all computing systems covered by HIPAA
must employ the use of a locking screensaver or similar mechanism to
automatically enable after a minimum usage lapse of 5 minutes.
6. Transmission of sensitive information over unsecured networks. Employees
must not send highly sensitive information over unsecured networks without
the use of encryption to secure the transmission. Such examples would be,
but not be limited to:
a. Use of encryption when sending credit card information over the
Internet(look for"https" in the web page URL to assure encryption).
b. Sending confidential business information over unsecured,
non-county networks.
7. Tampering with security mechanisms. All County computing systems must
be equipped with security mechanisms to protect the information and
resources of each system. Employees are not to temper with, reconfigure,
or disable such mechanisms. Such mechanisms would include, but not be
limited to anti-virus software, access controls.
8. Possession of offensive material. County employees are not permitted to
access, view, download, upload, e-mail, store or print material that could be
considered inappropriate, offensive or disrespectful to others.
9. Communication of personal opinions. Employees must refrain from
expressing personal opinions or communicating in a way that could be
embarrassing to the County while using County computing and
communications systems.
10. Illegal access of computer systems. County computing systems must not
be used to obtain illegal access to computer systems, to interfere with the
normal operations of computer systems or to perform malicious acts against
a computer system.
11. Unauthorized testing of computing system security. Employees must never
test the security of computer systems, whether physical or logic based,
without written permission from senior management of both the facility from
where the test is being launched, and the facility where the system resides.
The only exception to this is if such security testing is a known part of the
employee's job description and function.
12. Disclosure of classified information. Employees must never disclose
2005-3118
PAGE 7 ORD2005-13
information that could be considered sensitive, classified or proprietary to
unauthorized persons.
13. User Data Storage. All employees using a County issued computing
workstation must store information relating to their job function on servers
designated for that purpose. This data should not be stored locally on the
workstation unless it is permitted by Information Services.
14. System Changes. Any software that allows configuration changes to
networks, computers and other hardware or software, should only be
installed by members of Information Services.
F. Use of e-mail systems and resources. Based upon the requirements of an
employee's job function, those with a legitimate business need for a county e-mail
account are entitled to the use of county e-mail systems. Such usage is for
enhancing productivity and communications. However, it is important that
employees not misuse or abuse e-mail systems and resources.
1. Acceptable use of e-mail. The use of county e-mail systems and resources
must be restricted to business purposes only. Incidental personal use is
permissible if such use does not interfere with employee productivity, does
not preempt any business activity, and does not consume more than a trivial
amount of county resources.
2. Transmission of offensive messages. Employees must refrain from
sending e-mail messages that may be considered lewd, offensive, or
harassing by or to other people.
3. Transmission of hostile messages. Employees must refrain from sending
e-mail messages that contain angry, violent, or threatening messages.
4. Transmission of disruptive messages. Employees must not participate in
sending, forwarding, or responding to e-mails that are of a disruptive or
coercive nature, such as the distribution of SPAM or chain letters.
5. Transmission of non-incidental, personal messages. Employees are not
permitted to send messages involving the petition or solicitation for personal
gain or interest.
6. Disclosure of login information. The county identifies passwords as highly
sensitive information. Account owners must never divulge their e-mail
account passwords and login information.
7. E-mail Privacy. All County e-mail is a public record and may be subject to
public inspection.
G. Use of Internet systems and resources. All employees who are granted Internet
access are encouraged to use the Internet as part of their daily work environment.
It is, however, important that employees not misuse or abuse County Internet
resources, which could result in disciplinary action by the County.
1. Acceptable Internet connectivity. Employees are only permitted to access
2005-3118
PAGE 8 ORD2005-13
the Internet for County business, using County computing systems,through
authorized County gateways.
2. Personal use of Internet connectivity. Use of County computing resources
to access the Internet must be for legitimate business purposes only.
Incidental personal use of Internet resources is permissible if the use does
not interfere with employee productivity, does not preempt any business
activity, and does not consume more than a trivial amount of County
resources.
3. Affiliation with the County. Employees may make public their affiliation with
the County in work related mailing lists, chat sessions, and other
communication resources on the Internet. This affiliation may be
accomplished directly or it may be implied; however, employees must
indicate that such opinions expressed are their own and not necessarily
those of the County.
4. Inappropriate use of Internet resources. Employees initiating or
participating in communications of an inappropriate or unprofessional way,
is strictly prohibited. Employees must refrain from the use of lewd,offensive
or hostile language when communicating using county resources. Likewise,
all Internet messages that are intended to harass, annoy or alarm persons
are similarly prohibited.
5. Inappropriate use of Internet resources for illegal access. Employees are
strictly prohibited from contacting or probing information systems,of County
origin or otherwise, with the intent to gain unauthorized access. Similarly,
employees must not attempt to disrupt or interfere with the operation or
function of any information systems.
6. Generation of excessive internet traffic. To minimize network traffic, no
automatic requests for information on the Internet and applications that
generate constant network traffic, e.g., Internet radio stations, channels,
music-sharing services, etcetera, are prohibited.
H. Use of networked systems and resources. All employees of the County are
granted access to the network. Employees will require access to the network for
Internet access, network storage, Internet access, etcetera. It is important that
employees not misuse or abuse this resource, which could result in disciplinary
action by the County.
1. Unauthorized testing of computing system security. Employees must never
test the security of network systems and resources, whether physical or
logic based. The only exception to this is if such security testing is a known
part of the employee's job description and function.
2. Disregard for security mechanisms. Employees must not attempt to bypass
security mechanisms as a means for creating shortcuts or for the
performance of pranks or practical jokes.
3. Unauthorized connections to non-county networks. It is strictly forbidden
for employees to establish unauthorized connections to other non-county
2005-3118
PAGE 9 ORD2005-13
networks, public or private, while connected to a County network. This
includes connecting to non-county wireless networks while connected to the
County network.
4. Use of modems on network connected systems. Remote access systems,
such as modems, are strictly prohibited. Such modems may be used for
specific isolated purposes; however, it must remain in a disconnected state
until the exact time that the system is needed. All modems must be
registered with Information Services.
5. Use of encryption for highly sensitive information. Employees must be
aware that when sending sensitive information over County or public
networks that the County does not use encryption to protect the contents of
such information by default. Therefore, it is the responsibility of all
employees to take the necessary precautions to encrypt highly sensitive
information when transmitting.
6. Network Privacy. County and Information Services employees must
understand that all communications using County resources may be
monitored for statistical, legal, and investigative purposes. County and
Information Services employees should expect no right of privacy to
communications made using County equipment and resources.
Use of remote access (VPN). Remote access into County networks is only
permissible through a County owned, Information Services administered, VPN
(Virtual Private Network) solution.
J. Compliance with legal requirements. All usage of commercial software within the
County must conform to all requirements and restrictions imposed by the licenses.
1. Compliance with software licenses and copyrights. All proprietary software,
either owned or purchased by the County, must be used in a way that does
not violate the license or copyright protecting the software.
2. Maintenance of software licenses. All commercial software licenses must
be maintained to assure that any violation of such licenses does not occur
due to the inability to track or control the use of software licensed to the
County. Installations of software must be documented and the licenses of
such software inventoried.
3. Use of pirated or stolen software. Installation of pirated or stolen software
on County information computing systems is expressly prohibited.
4. Recording of communications. Employees shall not record any
communications without the disclosure of the recording and the specific
consent of all persons involved in the communication. This includes, but is
not limited to:
a. Telephone conversations.
b. Teleconferences.
c. Video Conferences.
2005-3118
PAGE 10 ORD2005-13
Sec. 9-3-50. Roles and responsibilities.
A through B - No change.
C. The role of the County departments and agencies is as follows:
1. Act as the authorizing agent that allows access to the Inter iet.lt is the
responsibility of all managers to assure all employees under their
supervision fully understand, and are in compliance with, the County
policies. Managers are responsible for keeping employees up-to-date on
any changes regarding these policies. Should any employee consistently
break County policy, it is that manager's responsibility to take disciplinary
measures in accordance with applicable County disciplinary policies or
procedures. It is the responsibility of all managers to ensure all information
assets under their domain are secured, managed, and employee access is
limited to job-specific data.
2. Cnswe that guidelines arc followed.
3. Provide for training of employees who need access.
43. Budget for service and associated training, if needed.
54. Establish their own data sensitivity policy.
Sec. 9-3-70. Weld Network and Internet Security.
Replace the entire section with the following:
A. Weld County relies on internet filtering tools to restrict access to appropriate web
sites for County employees.
B. Department Heads or Elected Officials are the only authority who can request
changes to the default filter restrictions applied to their employees Internet access
(Appendix 9-B).
C. The following remote/Internet security guidelines shall be followed:
1. All remote access falls under the guidelines of the Acceptable Use Policy.
2. The user shall make sure that any related passwords are secure, and shall
not share the passwords or write passwords on paper. Each password
owner shall safeguard and protect each password they have created, or that
is entrusted to them. Password sharing and account sharing is strictly
prohibited. Storing passwords via electronic file or programmable function
keys, scripts, macros or automated logon sequences is strictly prohibited.
Each individual with approved access to County information computing
systems and resources is responsible for creating original, unique and
complex passwords(something known only to them and not easily guessed)
for each account.
3. The user is responsible for securing their remote access information.
2005-3118
PAGE 11 ORD2005-13
Sharing remote access in strictly prohibited.
4. All remote devices and access should be turned off when not being used,
such as VPN or modem. The user should be aware that if he or she has
a modem and is on the County network, it is possible for a virus to attack
any or all networked computers. If the modem is external, it shall be turned
off when not in use.
Add Section 9-3-75, as follows:
Sec. 9-3-75. Physical and Environmental Security Policy.
A. Internal security operations. All offices and office areas within Weld County
facilities must be secured,as appropriate,to prevent unauthorized access to county
information computing systems, resources and network, including the wireless
network.
1. A County-wide standard has been developed for wireless access and all
equipment. This standard includes access points, wireless cards and all
other related equipment. Equipment must be purchased by Information
Services. (See Section 9-1-90.)
a. Only County devices with approved wireless cards are allowed on
the wireless network.
b. Only County employees will be given wireless access.
c. The "Computing Device Request Form" (Appendix 9-D) must be
completed and approved by governance.
d. Approved devices will need to be configured by Information Services
for secure access to the County wireless network.
e. All policies and procedures for accessing the County network apply
for wireless access.
B. Computing in public and untrusted zones. Weld County operates several
computing systems in public access areas and within the County jail for inmate use.
Exposures to the County by the use of these systems must be fully understood and
all known exposures mitigated.
1. Public computing systems. Weld County operates several public access
computers,which are available for use by the public,within the Weld County
facilities. These systems, due to the uncontrolled nature of their use, must
be segregated to an isolated or physically separate segment of the Weld
County network. All access to internal county resources must be tightly
controlled and limited to prevent any misuse of these systems. Auditing
must be enabled on these systems. Users of these systems must be aware
of the specificity and sanctions imposed on these computing systems.
2. Inmate computing systems. Weld County provides several computers for
the use of inmates within the County jail. Due to the uncontrolled use of
2005-3118
PAGE 12 ORD2005-13
these systems, all inmate computing systems must only maintain a minimal
set of computer resources to prevent abuse of such systems and resources.
This would include:
a. Computers must not maintain any unnecessary ports or peripherals,
including a CD-ROM drive, floppy drive, serial ports, USB ports,
modem, or other non-essential interfaces.
b. Computers must not have access to other computing systems or
servers, except to accomplish the specific purpose for the inmate
computing systems.
c. Computers must not have Internet access.
d. Network access must be segregated from the other County network
segments.
3. Security zones. Specified areas within a facility that are designated as
performing critical functions or contain sensitive information or systems,
must make use of security mechanisms and procedures greater than those
used for areas of lesser criticality or sensitivity. These zones must be
isolated by security controls of reduced permission from the general facility
population. Permission must be based on the need to physically access the
area for a job function. Such security zones would include:
a. Server room.
b. Communications closet.
C. Equipment security. All information computing equipment, and any information
contained or processed by the equipment, must be reasonably protected from
damage, interruption and interception.
1. Protection from power interruptions. All sensitive electronic equipment
must be reasonably protected from interruptions of the power supply
including power fluctuations, power surges, brownouts, and short and
long-term losses. Equipment performing critical functions should have
additional or increased protection from power interruptions.
2. Safety and protection of electrical and communications cabling. All
electrical power and telecommunications cabling must be run observing all
local codes and requirements to prevent such cabling from becoming
hazardous to environments and personnel. All communications cabling
must be reasonably protected from tampering or interception of
communications.
3. Secure disposal of computing equipment. All Weld County computing
equipment and peripherals must be disposed of securely to prevent
unauthorized access to any residual company information.
a. Hard drives. Prior to the disposal of any hard drive or disk drive, the
device must either be physically destroyed or formatted to current
2005-3118
PAGE 13 ORD2005-13
Department of Defense standards.
b. Optical media. Prior to the disposal of any optical media, such as
CD-ROMs, DVD, and ZIP or Jaz cartridges, these devices must be
physically destroyed. This may be accomplished through the use
of shredding or incineration. The optical disc itself must be cut with
scissors or repeatedly scratched in circular motions over the disc.
c. Analog media. Prior to disposal, all analog media must be
completely destroyed. Floppy diskettes must either be shredded in
a large paper shredder or cut with scissors. Backup tapes should
be dismantled with the actual tape shredded or burned (usually this
is best performed by a licensed media destruction contractor).
d. RAM. Prior to disposal, all Random Access Memory modules must
be destroyed. This includes all memory devices such as memory
from computers, memory from printers and FAX machines, or other
memory devices. This is most commonly accomplished through the
use of a hammer where the device is repeatedly struck to physically
smash the memory chips.
IMPORTANT NOTICE: When manually destroying a media device,
always use protective eyewear and apply common sense to avoid
physical injury.
Sec. 9-3-80. Acceptable use guidelines.
A- No change.
B. General.
1. Part;eipati,.g agei,eics County departments assume responsibility for
providing reasonable publicity and enforcement for this"Internet Acceptable
Use Policy". Ultimate responsibility for traffic that does not conform to this
policy lies with the individual end user. It is the responsibility of the County
agency to monitor and rectify the behavior of its users who disregard this
policy.
2. It is also the responsibility of each County ayes icy department to provide
adequate training for its users to eiisure apprupliat., n..two1k
3. The Department of Information Services and the County accept no
responsibility for the traffic which they transport and which violates the
Acceptable Use Policy of any connected networks, beyond informing the
County agency if and when a violation is brought to the attention of the
Information Services Governance Committee.
4 through 5 - No change.
6. Because of the diversity of resources on the Internet and other public
networks, it is impossible to list all the do's and don'ts. In general, common
2005-3118
PAGE 14 ORD2005-13
sense should be used to judge situations. The following are some
guidelines to start with:
a. Computing resources should be used only for County-related
business in the support of the administrative, instructional, research
and public service objectives of the County.
b. Appropriate use of resources is limited to the official work of the
agenciesCounty. Examples of inappropriate use of resources
include, but are not limited to:
1 through 5 - No change.
6) Attempts to make unauthorized entry to another network
iivdeun the County network.
7 through 10 - No change.
11) Any other activity that can be considered mis-use or harmful
to the County network.
c. Employees must never test the security of computer systems,
whether physical or logic based, without written permission from
senior management of both the facility from which the test is being
launched and the facility where the system resides. The only
exception to this is if such security testing is a known part of the
employee's job description and function.
7. No change.
8. All County--agencies departments must accept these guidelines and
understand that network traffic originating from its location is to be
consistent with this policy. The Department of Information Services cannot
police the network but may refer to the appropriate Elected Official or
Department Head for disciplinary action any agency that appears to be in
persistent and/or serious abuse of this policy. Questions pertaining to the
policy or interpretation of the policy should be submitted to the Intornaf
Information Services Governance Committee.
9. No change.
C. Participation in discussion groups.
1. No change.
2. The user must be aware that the information he or she puts out on the
Internet will be perceived as the official County position unless specifically
identified as personal opinion, even in a discussion. If the user is offering
his or her own opinion, he or she shall be sure it is clearly identified as such.
Also, if you would be emban assed to have someone read it on a postcard,
do not say it on the Internet or in any a mail.
2005-3118
PAGE 15 ORD2005-13
3. No change.
D. No change.
E. Qualifications for access authority. Before the Department of Information Services
approves a user for Inter,let or County network access, a Weld County Computer
Security Request rorm must be properly filled out and processed according to the
ivitriatprvcure,,,c7 it proceos.All County devices are configured for Internet access
unless specifically requested by the department head or elected official.
Sec. 9-3-90. Web server guidelines.
A. Review. The Department of Information Services and the Governance Committee
will review all Web access and Web content proposals to ensure the project
adheres to all guidelines set forth in this Section.
B. Initial approval. Any proposed Web access must be submitted to the Information
Services Governance Committee for initial approval of the proposed project. The
following information must be provided to the Department of Information Services
for review and assistance in submitting the initial request to the Governance
Committee.
1. State the general purpose of the project and how it relates to County
business.
2. Define the scope of the project, including what information is going to be
made available, to whom it will be available, the sensitivity level of the
information, and the identity of the targeted user.
3. Provide initial design documentation, which includes a rough page layout,
uNh.to, linko, imasca, eta.:
4. Identify any County data accessed not located on the Web server and how
the data will be used.
54. Identify the designated contact person within the department for this project,
who will be responsible for maintaining current information.
65. Identify the security requirements of the project.
C. No change.
Sec. 9-3-100. Use of electronic mail.
Electronic mail(e-mail)is defined as any message that is transmitted electronically between
two(2)or more computers or terminals,whether stored digitally or converted to hard (paper)copy.
Under Part 2, Article 72, Title 24, C.R.S., e-mail messages may be considered public records and
may be subject to public inspection, pursuant to Section 24-72-203, C.R.S. All computer-related
information, including e-mail messages and/or digitally stored documents, are the property of the
County and are considered the County's records even if the information resides on privately owned
devices. County e-mail may not be forwarded to employee's personal e-mail accounts.
2005-3118
PAGE 16 ORD2005-13
Sec. 9-3-110. Employee access to e-mail.
A. All County employees with a need are assigned an e-mail address for County
business. will be assigned a user address by the Department of Information
Services. These addresses may be used to send and receive c-mail messages
to/from other County employees. Conduct for use of these e-mail systems is
detailed in the follurr;..y Soutuno.
D. Clcct0d off.c.al0 a..d dcpartnim it Lead& ...ay also-reyueota..a ...ail address that ia
h.te...et-auccoaible. At the request of the Depart,..ent I lead O. Cleated Official,
employees will be provided Internet accessible a-mail addresses for conducting
County business. C...ployeea will be provided such e ...ail addresses Ne..Ji..y
County technology capabilities and availability. Continued access to Internet-
accessible e-mail will be contingent upon the employee's conduct, as 1outlined
w rll cvruualy ...tI..J A.t;ulc al mil cviccJ bolvvv. Cuot5aaau6atcd W.tl. -...a.f alhicJJ
will be evaluated annually and determined through the County's budget process.
Sec. 9-3-120. Employee conduct with e-mail.
As with any County property or equipment, e-mail should be used for official County
business only. Incidental and occasional personal use of e-mail is permitted. However, strictly
forbidden e-mail usage includes use for personal profit or gain;transmission of political messages;
solicitation of funds for political or other purposes; or sending of harassing messages.
A. Employees must refrain from sending e-mail messages that may be considered
lewd, offensive, or harassing by, or to, other people.
B. Employees must refrain from sending e-mail messages that contain angry, violent,
or threatening messages.
C. Employees must not participate in sending, forwarding, or responding to e-mails
that are of a disruptive or coercive nature, such as the distribution of spam or chain
letters.
D. The County identifies passwords as highly sensitive information. Account owners
must never divluge their e-mail account passwords and login information.
E. Employees must never share e-mail accounts.
ARTICLE VI
GIS System Products and Services
Sec. 9-6-60. Service products and services.
A- No change.
B. The following identify the products and services that are proposed for availability to
the public as the GIS system is developed:
1 - No change.
2005-3118
PAGE 17 ORD2005-13
2. Arc Macro Language (AML) products (programs, menus, computer
programs, forms and written procedures) developed for the administration
of the system may be made available to customers and other County
agencies,departments and appointed and elected offices. No maintenance
of the AMLs, etc., products is planned to be furnished by the County. Such
AMLs, etc., products are to be furnished as is, and the decision to release
such products is solely at the discretion of the County. Such products are
available to customers by license agreement and to other County agencies,
departments and appointed and elected offices. It is not intended that
custom AML programs, etcetera, required for the sole use of the customer
will be developed by the GIS Division.
No change to remainder of section.
Sec. 9-6-70. Rates and charges.
A- No change.
B. Rates and charges for custom products, regular, on-going system services, and
technical assistance.
1 through 2 - No change.
3. The rates to be charged for GIS products, subscription services, AML
programs products and digital data are set forth in the Products and Rate
Schedule set out at Appendix 5-F of this Code.
4 - No change.
5. All charges are due and payable and shall be collected at the time the order
for products and services is taken,except as otherwise might be established
by contract or license agreement. Payment shall include appropriate sales
tan an Manta.
No change to remainder of section.
ARTICLE VII
Workstation Remote Control Policy
Sec. 9-7-20. Definitions.
Revise definition of"Remote control software", as follows:
Remote control software: Any software used that enables remote workstations(a second
workstation) to be viewed, controlled or updated remotely, without being physically at the
second workstation. P1, ,a,;ly cuncen red with the ,,d usc, sumo'teoltwa,e tuvl k,•uv wr
us lt,,,utc Control, wlricL o,,c (1) con rya,rort of a lager application calked ZcnWurks.
Sec. 9-7-30. Statement of policy.
A through K - No change.
2005-3118
PAGE 18 ORD2005-13
L. Des;dcs Remote Corttrol,ln addition, other components of the Zc..WOrks
workstation application make it possible to implement-n10ss,,l.a,.ges/fixes, e.g.,
mass changes, fixes, or updates to all of a dcpa.t...ent County workstations
automatically. Updates will be scheduled weekly. It is the end user's responsibility
to support regular maintenance to their workstations to keep workstations secure
and running at optimal performance. This requires end users to adhere to
Information Services guidelines, such as re-booting, etcetera, associated with the
maintenance. Unless under emergency conditions where the IT infrastructure can
be corrupted or damaged, the activity will be scheduled *th the department pi km
cAc..utlu., f tl,a N.ul,000 on a weekly basis.
M. Each occurrence where Rremote-E control software is utilized to diagnose or
resolve a workstation issue will be logged using Information Services Help Desk call
tracking procedures.
N - No change.
Sec. 9-7-40. Procedure.
A. To initiate a remote-control session,support staff must first make an attempt to get
approval from the end user to take control of his or her workstation. Approval can
be obtained multiple ways, e.g., phone, e-mail, chat s�sakui r, etcetera.
B through E - No change.
F. If the end user is not present when the remote control session ends, the support
staff should (cave a ....,te follow up with the end user, indicating the date and time
the session was held,_give a brief description of work performed, and whom to
contact if there are questions. The n„t0 can-take the foil.. of alt This follow up
should be by e-mail or phone message,or a notepad w,,'dvw...ay be left o..tl.e c•RI
use's screen.
ARTICLE VIII
PERSONAL COMPUTING DEVICES
Sec. 9-8-30. Statement of Policy.
A through B - No change.
C. Guidelines.
1 through 3 - No change.
4. To be considered for approval of linking or communicating with the County
network, the personal computing device must meet County hardware and
software standards, as well as wireless standards, established by the
Information Services Governance Committee. Requests failing to meet
County standards will result in denial of access to the County network.
5 through 9 - No change.
10. 1,,f, ,,,,0tk,,, Sc'Jn,co w.lboupput t v..ly ti, Cmdr ata.dal op K,l nvrncatw.t
2005-3118
PAGE 19 ORD2005-13
..uftvva,Lrtltat facilitates u. 1;• vn;tl, G,oupWise cal.'Jai;„y. All Jevibaa
Root b.. Cut ,Natihlc vvitl, tl,at atai Ida,ditcd auftvva,c to 1e ..v,,oid0.
linking or communicating with the County network. In addition,All
personally owned devices must be in full operational order prior to
requesting the installation of synchronization software on the user's desktop
personal computer.
11. If an employee is planning to purchase a personal computing device and
wants to synchronize/link it with the County network, it is the employee's
responsibility to meet County standards for hardware and software, receive
approval from the Elected Official or Department Head, and confirm any
County funding of any additional required hardware and/or synchronization
software. Approvals should be obtained prior to any purchase.
12 - No change.
13. rersonal computing type devices, i.e., PDAs, palm phones, e-mail devices,
p,vic..ty,a, &Oal ..a,„c,au, etc., are lot tl is ,,.,,,,,al i„futit tatiu,r
technology repair costs. Repairs are the responsibility of the individual
tl ue Coo,ty dapartn,ei It.
14. For an employee to synchronize or link personal computing devices with the
County network,the user and personal computing device must be registered
as a user with the Information Services Department.
154. The County does not guarantee continued compatibility with any hardware
device or software being utilized in this environment and is not liable for
personal expenses incurred.
165. The County or ACO Information Services is not responsible for any damage
to personally owned hardware or software that may be incurred while
supporting the personal computing device or related software.
176. Abuse of this policy can result in removal of authorization to have a personal
computing device link or communicate with the County network. Continued
abuse of this policy could lead to employee disciplinary actions, including
termination of employment.
Sec. 9-8-40. Procedure.
A- No change.
B. Any County employee wishing to synchronize a personal computing device with a
desktop personal computer or link it with the County network must first have it
approved by his or her Elected Official or Department Head. There must be a clear
business need to approve the request.
1 through 2 - No change.
3. The requesting user must sign the Personal Computing Device
A..k,,owk.dgn,e,Mau Ili Request Form explaining the County's right to review
any information contained on the device. The Pt.suns Con[put'ug D�a
2005-3118
PAGE 20 ORD2005-13
Acknowledgment This form is available from the Information Services
Department. Along with the user's signature, the employee's full name,
device make and model, operating system and serial number shall be
provided. (See Appendix 9-D.)
C. Information Services will review the information on the-Personal Computing Device
Ask„owLdg,nci,t fuiiir Request Form to ensure the hardware and software meet
County standards.
1. Information Services will inform the employee of approval or denial.
2. h rfo,,,,ation ScrviL.cswill ,nailrtah,a log of all uses whu synchronize or link
a personal computing device with the County network.
D. If hardware or software purchases are involved, purchases will be made after the
Information Services Governance Committee approvals have been obtained.
1. Information Services will process approved requests by ordering and
receiving regular PDA-type devices. County standard equipment.
2 - No change.
E through F - No change.
G. Personal Computing Device Standards.
1. PDA type devices.
a. DcVIee3 rut ,lei,g the r aln, Opel atil,g-syottflr, which r„uot ulou try
compatible witl i designated synchronization software. Documents
To Go software may be necessary to provide compatibility with
Microsoft Word and Excel.
b. Duvicco run, ,Ad the Microsoft Windows Rruket rc operati,ry
system, which must also be compatible with designated
by i,ul a un;Zat;0R software.
2. Software to SyRul risk),i2c GroupWise c010nJa,. Intcll y,6y ei S un 5.n Gild
I yl.e,, manufacturer Puma Tech,iolugy.Technology standards will be
determined by the Information Services Governance Committee and the
Board of Weld County Commissioners. It will be the responsibility of
Information Services to follow those standards when reviewing requests for
personal computing devices and purchasing those devices.
3. Network client software must be compatible with currently established
County network versions and protocols (when available). Check with
h Services Depa,twee et fur cunt,it i equirements.
Revise Appendix 9-A, Information Services Function Sub-Committees, as attached.
Revise Appendix 9-B, Computer Security Request Form, as attached.
Revise Appendix 9-C, GIS Functional Subcommittees, as attached.
2005-3118
PAGE 21 ORD2005-13
Add Appendix 9-D, Computing Device Request Form, as attached.
Add Appendix 9-E, Websense Internet Filter Removal Request Form, as attached.
BE IT FURTHER ORDAINED by the Board that the Clerk to the Board be, and hereby is,
directed to arrange for Colorado Code Publishing to supplement the Weld County Code with the
amendments contained herein, to coincide with chapters, articles, divisions, sections, and
sub sections as they currently exist within said Code; and to resolve any inconsistencies regarding
capitalization,grammar,and numbering or placement of chapters,articles,divisions, sections,and
sub-sections in said Code.
BE IT FURTHER ORDAINED by the Board if any section,subsection,paragraph,sentence,
clause, or phrase of this Ordinance is for any reason held or decided to be unconstitutional, such
decision shall not affect the validity of the remaining portions hereof. The Board of County
Commissioners hereby declares that it would have enacted this Ordinance in each and every
section, subsection, paragraph, sentence, clause, and phrase thereof irrespective of the fact that
any one or more sections, subsections, paragraphs, sentences, clauses, or phrases might be
declared to be unconstitutional or invalid.
The above and foregoing Ordinance Number 2005-13 was, on motion duly made and
seconded, adopted by the following vote on the 7th day of December, A.D., 2005.
BOARD OF COUNTY COMMISSIONERS
WELD COUNTY, COLORADO
ATTEST:
William H. Jerke, Chair
Weld County Clerk to the Board
M. J. Geile, Pro-Tem
BY:
Deputy Clerk to the Board
David E. Long
APPROVED AS TO FORM:
Robert D. Masden
County Attorney
Glenn Vaad
First Reading: October 24, 2005
Publication: November 2, 2005, in the Fort Lupton Press
Second Reading: November 16, 2005
Publication: November 23, 2005, in the Fort Lupton Press
Final Reading: December 7, 2005
Publication: December 14, 2005, in the Fort Lupton Press
Effective: December 19, 2005
2005-3118
PAGE 22 ORD2005-13
APPENDIX 9-A
INFORMATION SERVICES
FUNCTIONAL SUBCOMMITTEES
FINANCE AND ADMINISTRATION: HUMAN SERVICES:
Accounting Public Health and Environment
General Services Human Services
Board of County Commissioners Social Services
Clerk to the Board Extension
County Attorney Paramedic Services
Finance
Personnel
Communications PROPERTY:
CRIMINAL JUSTICE: Assessor
Planning and Building Inspection
Coroner Public Works
District Attorney Treasurer
Office of Emergency Management
Sheriff CLERK AND RECORDER:
Motor Vehicle
Recording
Elections
2005-*
PAGE 23 ORD2005-13
APPENDIX 9-B
COMPUTER SECURITY REQUEST
(Please Print)
Requestor:
Dept: Extension: Date:
NEW EMPLOYEE 0 CHANGE 0
EMPLOYEE TERMINATION 0 Save the HOME DIRECTORY of this user to:
Users Name: Extension:
Dept:
Provide access similar to(name of employee)
ACCESS NOTE
E-Mail Account 0
Internet—Web Filter ❑ Websense
Banner ❑
Contact Barb Eurich—x4445
PeopleSoft ❑
Contact Barb Eurich—x4445
ICRIS ❑ C& R Signature
VPN —Add 0 Delete ❑ ❑ User must have broadband at remote location
Citrix—Assessor 0 0
Clerk to the Board 0
Other 0
Social Services ❑ State User Name -
Cats General Qualifier-
Special Instructions: (Specify any additional application security. Department Head security must be
obtained to access department owned applications.)
Department Head Approval: Date:
Technical Director Approval: Date:
Implemented by: Date:
PAGE 24
2005-*
nRn7nn5-(z
APPENDIX 9-C
GIS FUNCTIONAL SUBCOMMITTEES
FINANCE AND ADMINISTRATION: ASSESSOR:
Accounting Assessor
General Services Treasurer
Board of County Commissioners
Clerk to the Board CLERK AND RECORDER:
County Attorney
Finance Motor Vehicle
Personnel Recording
Elections
CRIMINAL JUSTICE:
PUBLIC WORKS:
Coroner
District Attorney Public Works
Office of Emergency Management Engineering
Sheriff
PLANNING SERVICES:
HUMAN SERVICES:
Planning and Zoning
Public Health and Environment Building Inspection
Human Services
Social Services
Extension
Paramedic Services
2005-'
PAGE 25 ORD2005-13
APPENDIX 9-D
Weld County Government
Computing Device Request Form
By signing below, I acknowledge that I have reviewed Weld County's "Computing Device
Request Form". I understand that it is my responsibility to adhere to the established policies and
practices for authorization to communicate, link, synchronize, copy, or transfer data between my
personal computing device and any device linked to the Weld County network. All devices must
meet stated Weld County standards.
➢ Employee must obtain the department head or elected official approval.
Employee Name:
Department Name:
➢ Provide information on the Computing Device you will be using:
Device Manufacturer:
Device Make & Model:
Device Serial Number:
Device Operating System:
(Include Version#) (must be a version of either Palm OS or Windows CE)
Device owned by (circle one): Weld County or Weld Employee
Employee's Signature: Date:
Director's Signature: Date:
(Requesting Department's Authorizing Signature)
Note: Synchronization software must be legally licensed by Weld County. If required,the requesting department is responsible
for obtaining funding approval and requesting Information Services to purchase the necessary software.
Approved by:
Director: (Information Services Department) Date:
This document is not intended as an express or implied employment contract between Weld
County and any of its employees.
PAGE 26
2005-*
ORD2005-13
APPENDIX 9-E
Information Services
Websense Internet Filter Removal Request
STATUS I CATEGORY (ACCESS
Select access by entire category or by subcategory
Blocked Abortion-Sites with neutral or balanced presentation of the issue. I I
Pro-Choice--Sites that provide information about or are sponsored by organizations that support legal abortion or that offer
support or encouragement to those seeking the procedure.
Pro-Life--Sites that provide information about or are sponsored by organizations that oppose legal abortion or that seek
increased restriction of abortion. I_1
Blocked Adult Material-Parent category that contains the categories:Adult Content, Lingerie and Swimsuit, I I
Nudity,Sex,Sex Education n
Adult Content--Sites that display full or partial nudity in a sexual context,but not sexual activity;erotica;sexual
paraphernalia;sex-oriented businesses as clubs,nightclubs,escort services;and sites supporting online purchase of such
goods and services.
Lingerie and Swimsuit-Sites that offer images of models in suggestive but not lewd costume,with seminudity permitted. l�
Includes classic'cheese-cake,'calendar,and pinup art and photography.Includes also sites offering lingerie or swimwear for l l
sale.
Nudity--Sites that offer depictions of nude or seminude human forms,singly or in groups,not overtly sexual in intent or
effect. I�I
Sex--Sites that depict or graphically describe sexual acts or activity,including exhibitionism;also sites offering direct links to I I
such sites. f'�1
Sex Education--Sites that offer information about sex and sexuality,with no pornographic intent.
Blocked Advocacy Groups-Sites that promote change or reform in public policy,public opinion,social practice' I�
economic activities and relationships. I I
Open Business and Economy-Sites sponsored by or devoted to business firms,business associations,
industry groups,or business in general. n
Financial Data and Services--Sites that offer news and quotations on stocks,bonds,and other investment vehicles,
investment advice,but not online trading.Includes banks,credit unions,credit cards,and insurance.
Blacked Drugs-Parent category that contains the categories:Abused Drugs, Prescribed Medications,Marijuan$
Supplements/Unregulated Compounds 1 1
Abused Drugs—Sites that promote or provide information about the use of prohibited drugs,except marijuana,or the abuse l l
or unsanctioned use of controlled or regulated drugs;also,paraphernalia associated with such use or abuse.
Marijuana--Sites that provide information about or promote the cultivation,preparation,or use of marijuana.
Prescribed Medications—Sites that provide information about approved drugs and their medical use.
Supplements and Unregulated Compounds--Sites that provide information about or promote the sale or use of chemicals
not regulated by the FDA(such as naturally occurring compounds).
Filtered Education-Parent category that contains the categories:Cultural Institutions,Educational Institutions, I�-I
Educational Materials I I
Cultural Institutions--Sites sponsored by museums,galleries,theatres(but not movie theatres),libraries,and similar I�
institutions;also,sites whose purpose is the display of artworks. I I
Educational Institutions--Sites sponsored by schools and other educational facilities,by non-academic research institutions,
or that relate to educational events and activities. n
Educational Materials—Sites that provide information about or that sell or provide curriculum materials or direct instruction;
also,learned journals and similar publications.
Reference Materials--Sites that offer reference-shelf content such as atlases,dictionaries,encyclopedias,formularies,white
and yellow pages,and public statistical data. f'�I
Filtered Entertainment-Sites that provide information about or promote motion pictures,non-news radio and I I
television, books, humor,and magazines.
MP3--Sites that support downloading of MP3 or other sound files or that serve as directories of such sites.
2005-*
PAGE 27 ORD2005-13
APPENDIX 9-E
Information Services
Websense Internet Filter Removal Request
Blocked Gambling -Sites that provide information about or promote gambling or support online gambling, I�
Involving a risk of losing money. I I
Blocked Games-Sites that provide information about or promote electronic games,video games,computer
games,role-playing games,or online games.Includes sweepstakes and giveaways. I I
Open Government-Sites sponsored by branches,bureaus,or agencies of any level of government,except fo•
the armed forces.
Military--Sites sponsored by branches or agencies of the armed services.
Political Organizations--Sites sponsored by or providing information about political parties and interest groups focused on
elections or legislation. I I I�I
Filtered Health-Sites that provide information or advice on personal health or medical services,procedures,or
devices, but not drugs. Includes self-help groups. El
Blocked Illegal or Questionable-Sites that provide instruction in or promote nonviolent crime or unethical or
dishonest behavior or the avoidance of prosecution therefor. n
Information Technology-Sites sponsored by or providing information about computers,software,the
Filtered Internet,and related business firms,including sites supporting the sale of hardware,software, 0
peripherals,and services.
Computer Security--Sites that provide information about or free downloadable tools for computer security. I I
Hacking--Sites that provide information about or promote illegal or questionable access to or use of computer or l�
communication equipment,software,or databases. I I
Proxy Avoidance--Sites that provide information about how to bypass proxy server features or to gain access to URLs in any
way that bypasses the proxy server. 1 1
Search Engines and Portals—Sites that support searching the Web,news groups,or indices or directories thereof. I I
URL Translation Sites—Sites that offer online translation of URLs.These sites access the URL to be translated in a way tha
bypasses the proxy server,potentially allowing unauthorized access. I�I
Web Hosting—Sites of organizations that provide hosting services,or top-level domain pages of Web communities
Blocked Internet Communication-Parent category that contains the categories: Email,Web Chat
Web Chat—Sites that host Web chat services or that support or provide information about chat via HTTP or IRC.
Web-based Email--Sites that host Web-based email.
Blocked 'Job Search-Sites that offer information about or support the seeking of employment or employees. I I I
Blocked Militancy and Extremist-Sites that offer information about or promote or are sponsored by groups
advocating antigovernment beliefs or action. n
Open News and Media-Sites that offer current news and opinion,including those sponsored by newspapers,
general-circulation magazines,or other media.
Alternative Journals—Online equivalents to supermarket tabloids and other fringe publications. 11
Blocked Racism and Hate-Sites that promote the identification of racial groups,the denigration or subjection of
groups,or the superiority of any group. n
Filtered Religion-Parent category that contains the categories:Traditional Religions,Non-Traditional Religions in
Non-Traditional Religions and Occult and Folklore—Sites that provide information about or promote religions not specifies
in Traditional Religions or other unconventional,cultic,or folkloric beliefs and practices. I I
Traditional Religions--Sites that provide information about or promote Buddhism,Bahai,Christianity,Christian Science, l�
Hinduism,Islam,Judaism,Mormonism,Shinto,and Sikhism,as well as atheism. I I
2005-•
PAGE 28 ORD2005-13
APPENDIX 9-E
Information Services
Websense Internet Filter Removal Request
Shopping-Sites that support the online purchase of consumer goods and services except: sexual
Filtered materials, lingerie,swimwear,investments,medications,educational materials,computer software or
hardware,alcohol,tobacco,travel,vehicles and parts,weapons.
Internet Auctions--Sites that support the offering and purchasing of goods between individuals.
Real Estate--Sites that provide information about renting,buying,selling,or financing residential real estate.
Filtered Social Organizations-Parent category that contains the categories: Professional and Worker
Organizations,Service and Philanthropic Organizations,Social and Affiliation Organizations n
Professional and Worker Organizations--Sites sponsored by or that support or offer information about organizations
devoted to professional advancement or workers interests. n
Service and Philanthropic Organizations—Sites sponsored by or that support or offer information about organizations
devoted to doing good as their primary activity. in
Social and Affiliation Organizations—Sites sponsored by or that support or offer information about organizations devoted
chiefly to socializing or common interests other than philanthropy or professional advancement. n
Filtered Society and Lifestyles-Sites that provide information about matters of daily life,excluding
entertainment,health,hobbies,jobs,sex,and sports.
Alcohol and Tobacco--Sites that provide information about,promote,or support the sale of alcoholic beverages or tobacco
products or associated paraphernalia. n
Gay or Lesbian or Bisexual Interest—Sites that provide information about or cater to gay,lesbian,or bisexual lifestyles,
including those that support online shopping,but excluding those that are sexually or issue-oriented.
Hobbies—Sites that provide information about or promote private and largely sedentary pastimes,but not electronic,video,
or online games.
Personal Web Sites--Sites published and maintained by individuals for their personal self-expression and ends.
Personals and Dating--Sites that assist users in establishing interpersonal relationships,excluding those intended to
arrange for sexual encounters and excluding those of exclusively gay or lesbian or bisexual interest.
Restaurants and Dining--Sites that list,review,advertise,or promote food,dining,or catering services.
Filtered 'Special Events-Sites devoted to a current event that requires separate categorization. I I I
Filtered Sports-Sites that provide information about or promote sports,active games,and recreation.
Sport Hunting and Gun Clubs--Sites that provide information about or directories of gun clubs and similar groups,including
war-game and paintball facilities. n
Tasteless-Sites with content that Is gratuitously offensive or shocking, but not violent or frightening.
Blocked Includes sites devoted in part or whole to scatology and similar topics or to improper language, humor, n
or behavior.
Open 'Travel-Sites that provide Information about or promote travel-related services and destinatinations. I I I
Filtered Vehicles-Sites that provide information about or promote vehicles, including those that support online
purchase of vehicles or parts. n
Violence-Sites that feature or promote violence or bodily harm,including self-inflicted harm; or that
Blocked gratuitously display images of death,gore,or injury; or that feature images or descriptions that are El
grotesque or frightening and of no redeeming value.
Blocked Weapons-Sites that provide information about,promote,or support the sale of weapons and related
items. n
Blocked Can't acces site
Filtered Can access using quota time
2005-*
PAGE 29 ORD2005-13
Hello