The URL can be used to link to this page

Browse Search

Home My WebLink About20053432.tiff NOTICE OF FINAL READING OF ORDINANCE Pursuant to the Weld County Home Rule Charter,Ordinance Number2005-13 was introduced on first reading on October 24, 2005, and a public hearing and second reading was held on November 16,2005. A public hearing and final reading was completed on December 7,2005,with no change being made to the text of said Ordinance,and on motion duly made and seconded,was adopted. Effective date of said Ordinance is listed below. Any backup material, exhibits or information previously submitted to the Board of County Commissioners concerning this matter may be examined in the office of the Clerk to the Board of County Commissioners,located in the Weld County Centennial Center,91510th Street,Third Floor, Greeley, Colorado, between the hours of 8:00 a.m. and 5:00 p.m., Monday thru Friday,or may be accessed through the Weld County Web Page(www.co.weld.co.us). E-Mail messages sent to an individual Commissioner may not be included in the case file. To ensure inclusion of your E-Mail correspondence into the case file, please send a copy to charding@co.weld.co.us. ORDINANCE NO. 2005-13 ORDINANCE TITLE: IN THE MATTER OF REPEALING AND REENACTING, WITH AMENDMENTS, CHAPTER 9 INFORMATION SERVICES, OF THE WELD COUNTY CODE EFFECTIVE DATE: December 19, 2005 BOARD OF COUNTY COMMISSIONERS WELD COUNTY, COLORADO DATED: December 9, 2005 PUBLISHED: December 14, 2005, in the Fort Lupton Press GD5- 35/8„7 NOTICEOF FINAL READING OF PROOF OF PUBLICATION ORDINANCE FORT LUPTON Home the Weld County Homme Rule Charter, Ordinance Number 2005-13 was introduced STATE OF COLORADO on first reading on October 24, 2005, and a public hearing and COUNTY OF WELD SS. second reading was held on November 16, 2005. A public hearing and final reading was completed on December 7, 2005, with no change being made to the text of said Ordinance, and on I, Karen Lambert, do solemnly swear that I motion duly made and seconded, was adopted.Effective date of am the Publisher of the Fort Lupton Press; said Ordinance is listed below.Any backup material, exhibits or that the same is a weekly newspaper printed information previously submitted County the Board of County and published in the County of Weld, State Commissioners concerning this matter may be examined in the of Colorado, and has a general circulation office of the Clerk to the Board of County Commissioners,located in therein; that said newspaper has been the CenterrNeld 915 0th`yStr et, Thy d published continuously and uninterruptedly Floor,Greeley,Colorado,between the hours of 8:00 a.m. and 5:00 in said county of Adams for a period of more p.m., Monday thru Friday, or may be accessed through the Weld than fifty-two consecutive weeks prior to the Coun'co.weld.co s). E-Mail Web Page `ww first publication of the annexed legal notice messages sent to an individual Commissioner may not be or advertisement; that said newspaper has e. included in the case file. To naue inclusion of your e.Mail been admitted to the United States mails as correspondence into the case file, please send a copy to second-class matter under the provisions of ORDINANCENO. 2005-13 the act of March 3, 1879, or any ORDINATLE: IN THE MATTER R OF RCE IEPEALING AND amendments thereof, and that said REENACTING, WITH AMENDMENTS, CHAPTER 9 newspaper is a weekly newspaper duly INFORMATION SERVICES, OF THE WELD COUNTY CODE qualified for publishing legal notices and 9 2005 advertisements DATE: December 19, advertisements within the meaning of the BOARD OF COUNTY COMMISSIONERS laws of the State of Colorado. That the WELD COUNTY, 90 0DO DATED: December annexed legal notice or advertisement was PUBLISHED: December 14, 2005,in the Fort Lupton Press published in the regular and entire issue of every number of said weekly newspaper for the period of 1 consecutive insertion(s); and that the first publication of said notice was in the issue of newspaper, dated 14th day of December, 2005, and the last on the 14th day of December, 2005. vier u Gubscribed aid s rn before me, this the 9th day of December, 206 lO ' 61 td Notary Public. • R- 04 CASE NO.370207 key 22586 I NOTICE OF SECOND READING OF ORDINANCE Pursuant to the Weld County Home Rule Charter, Ordinance Number 2005-13 was introduced on first reading on October 24, 2005, and a public hearing and second reading was held on November 16, 2005, with changes being made as listed below. A public hearing and third reading is scheduled to be held in the Chambers of the Board, First Floor Hearing Room, 915 10th Street, Greeley, Colorado 80631 on December 7, 2005. All persons in any manner interested in the next reading of said Ordinance are requested to attend and may be heard. Please contact the Clerk to the Board's Office at phone (970) 336-7215, Extension 4225, or fax (970) 352-0242, prior to the day of the hearing if, as a result of a disability, you require reasonable accommodations in order to participate in this hearing. Any backup material, exhibits or information previously submitted to the Board of County Commissioners concerning this matter may be examined in the office of the Clerk to the Board of County Commissioners, located in the Weld County Centennial Center, 915 10th Street, Third Floor, Greeley, Colorado, between the hours of 8:00 a.m. and 5:00 p.m., Monday thru Friday, or may be accessed through the Weld County Web Page (www.co.weld.co.us). E-Mail messages sent to an individual Commissioner may not be included in the case file. To ensure inclusion of your E-Mail correspondence into the case file, please send a copy to charding@co.weld.co.us. ORDINANCE NO. 2005-13 ORDINANCE TITLE: IN THE MATTER OF REPEALING AND REENACTING, WITH AMENDMENTS, CHAPTER 9 INFORMATION SERVICES, OF THE WELD COUNTY CODE DATE OF NEXT READING: December 7, 2005, at 9:00 a.m. BOARD OF COUNTY COMMISSIONERS WELD COUNTY, COLORADO DATED: November 18, 2005 PUBLISHED: November 23, 2005, in the Fort Lupton Press * * * * * * * * * * * CHANGES MADE TO CODE ORDINANCE #2005-13 ON SECOND READING Section 9-3-90. Web server guidelines. C. Guidelines. If initial approval is granted for the project,the following guidelines must be followed during the development: 1 through 9 - No change. 10. Contents of Web pages should must be approved by the Department Head/Elected Official or his or her designee. NOTICE OF PROOF OF PUBLICATION SECOND READING OF FORT LUPTON ORDINANCE Pursuant to the Weld County STATE OF COLORADO Home Rule Charter, Ordinance Number 2005-13 was introduced COUNTY OF WELD SS. on first reading on October 24, 2005, and a public hearing and second reading was held on November 16,2005,with changes being made as listed below. A public hearing and third reading is I, Karen Lambert, do solemnly swear that scheduled to be held in the Chambers of the Board,First Floor am the Publisher of the Fort Lupton Press; Hearing Room, 915 10th Street, Greeley, Colorado 80631 on that the same is a weekly newspaper printed December 7,2005.All persons in any manner interested in the next and published in the County of Weld, State reading of said Ordinance are requested to attend and may be of Colorado, and has a general circulation heard. Please contact the Clerk to the therein; that said newspaper has been Board's Office at phone (970) 336-7215, Extension 4225, or fax published continuously and uninterruptedly (970) 209;0242,prior to the day of the the hearing if,as a result of in said county of Adams for a period of more a disability,you require reasonable than fifty-two consecutive weeks prior to the accommodations in order to participate in thisheanng. first publication of the annexed legal notice Any backup material, exhibits or information previously submitted to or advertisement; that said newspaper has the Board of County been admitted to the United States. mails as Commissioners concerning this matter may be examined in the office of the Clerk to the Board of second-class matter under the provisions of heunty WeltlmmCounI n ty rs'Coentenniail the act of March 3, 1879, or any Center, 915 10th Street, Third Floor,Greeley,Colorado,between amendments thereof, and that said the hours of 8:00 a.m. and 5:00 p.m., Monday thnr Friday,or may newspaper is a weekly newspaper duly be accessed through the Weld County Web Page qualified for publishing legal notices and (www.co.weld.co.us). E-Mail messages sent to an individual advertisements within the meaning of the Commissioner may not be included laws of the State of Colorado. That the in the case file.To ensure inclusion of your E-Mail correspondence into the case file,please send a copy to annexed legal notice or advertisement was charding@co.weld.co.us. published in the regular and entire issue of ORDINANCE NO. 2005-13 every number of said weekly newspaper for ORDINATLE: IN THE MATTER R OF RCE IEPEALING AND the period of 1 consecutive insertion(s); and REENACTING,AMENDMENTS, CHAPTER WITH 9 that the first publication of said notice was in INFORMATTHE WELD CCOUNTY CODE ON SERVICES, OF the issue of newspaper, dated 23rd day of DATE OF NEXT READING: November, 2005, and the last on the 23rd December 7,2005,at 9:00 am. BOARD OF COUNTY day of November, 2005. COMMISSIONERS WELD COUNTY,COLORADO DATED: November 18,2005 PUBLISHED: November 23, 2005,in the Fort Lupton Press CHANGES MADE TO CODE ORDINANCE #2005-13 ON SECOND READING Section 9-3-90. Web server guidelines. C.Guidelines. If initial approval is granted for the project, the following guidelines must be followed during the development: 1 through 9-No change. 10.Contents of pros pages should mus t be approved th by the Department Head/Elected Official �'�. i or his or her designee. Publisher. S scribed and swornbefore me, this the 18th day of November, 2005. oa .GZerfity ota Public. ;Li•0Lp CASE NO.370207 key 21970 WELD COUNTY CODE ORDINANCE 2005-13 IN THE MATTER OF REPEALING AND REENACTING, WITH AMENDMENTS, CHAPTER 9 INFORMATION SERVICES, OF THE WELD COUNTY CODE BE IT ORDAINED BY THE BOARD OF COUNTY COMMISSIONERS OF THE COUNTY OF WELD, STATE OF COLORADO: WHEREAS,the Board of County Commissioners of the County of Weld, State of Colorado, pursuant to Colorado statute and the Weld County Home Rule Charter,is vested with the authority of administering the affairs of Weld County, Colorado, and WHEREAS,the Board of County Commissioners, on December 28, 2000, adopted Weld County Code Ordinance 2000-1,enacting a comprehensive Code for the County of Weld, including the codification of all previously adopted ordinances of a general and permanent nature enacted on or before said date of adoption, and WHEREAS,the Weld County Code is in need of revision and clarification with regard to procedures, terms, and requirements therein. NOW, THEREFORE, BE IT ORDAINED by the Board of County Commissioners of the County of Weld,State of Colorado,that Chapter 9, Information Services,of the Weld County Code be, and hereby is, repealed and re-enacted, with amendments, to read as follows. CHAPTER 9 INFORMATION SERVICES Throughout Chapter 9, replace "The Department of Information Services" with "Information Services". Throughout Chapter 9, replace "SCT" Corporation with "ACS" Corporation. Throughout Chapter 9, replace the subcommittee "Human Services" with "Health and Human Services". Throughout Chapter 9, replace"Geographical Information System(GIS) Division"with"GIS", and replace "the Division" with "GIS". ARTICLE I INFORMATION SERVICES Sec. 9-1-70. Specific duties and responsibilities of Governance Committee. A through G - No change. H. Communication and enforcement of policies and procedures. Sec. 9-1-80. Specific duties and responsibilities of users. The specific duties and responsibilities of each user are as follows: A. General responsibilities: 1. Designate a management level position to act as a liaison between the user department, Governance Committee and Information Services. 2 through 3 - No change. B. No change. C. New system development responsibilities: 1 through 5 - No change. 6. Maintain communication with Information Services by attending regularly scheduled management review meetings. Sec. 9-1-90. Specific duties and responsibilitiesof Information Services via contract services. The following specific duties will be assigned to the Department of Information Services: A and B - No change. C. Direct action responsibilities: 1. Represent the County to vendors of computer and data communications equipment, systems and services. 2. Provide for the acquisition and administration of personnel, hardware, software, contracts, grants and related services necessary to support the information services requirements of any user or the County in general. 3. Inform users in advance of governance approved changes to hardware, software and related resources which may affect their systems. 4 - 16 - No change. 17. Allow for testing of new systems and major enhancements and technology prior to production implementation. 18. Control and coordinate the funding for projects. Remainder of Section - renumber. ARTICLE II INFORMATION SERVICES GOVERNANCE COMMITTEE Sec. 9-2-30. Role. The role of the Information Services Governance Committee includes the following: A through C - No change. D. Identify the annual information system priorities and related budgetary impact. These priority recommendations will become an integral part of the budget process subject to adjustment during budget preparation/adoption, and upon final budget approval, will be established as part of the Department of Information Services annual work program. All projects must be reviewed and approved by the Information Services Governance Committee before they can be added to the Information Services annual work plan. E through G - No change. Sec. 9-2-80 Purpose and structure of subcommittees. A through B - No change. C. The responsibilities of the functional subcommittees are to: 1 through 4 - No change. 5. Ensure that user department systems design decisions are made in accordance with annual information system work plans and approved project schedules. 6 through 8 - No change. ARTICLE III COUNTY NETWORK AND INTERNET ACCEPTABLE USE POLICY Sec. 9-3-10. General provisions. A. The Department of Information Services,in conjunction with the Information Services Governance Committee, has taken the necessary steps to provide a County Network and Internet Acceptable Use Policy on use of the Internet by County agencies and departments. Any County agency or department eligible for, and having funding for, the Weld County network or the Internet will be provided with access under the terms and conditions of this policy. B through C - No change. D. This policy applies to any activity performed from a County-owned asset and to all County employees or contracted agents of the County performing work activities on behalf of the County. Work activities conducted from remote devices or even personally owned devices are subject to this policy. The policy applies to electronic communications on County networks and public networks including,but not limited to, the following: 1. Electronic Communications: a. E-mail. b. File transfer (FTP). c. Remote login, including VPN, and Citrix. d. Remote control software. e. Discussion groups/bulletin boards. f. World Wide Web, web servers, wide area information servers (WAIS). g. Personal computing devices,including Blackberrys,PDA's,and cell phones. h. Digital type devices that can communicate with personal computers or public networks. H3xx, such as video conferencing. j. Voice over IP (VOIP). 2. Public Networks: a. Internet and Internet Services. b. Internet Service Providers. c. Bulletin board systems. d. Weld County network. e. On-line search services. Sec. 9-3-20. Introduction. Weld County network access and Internet access can provide significant business benefits for County government agencies. However, there are also significant legal, security and productivity issues related to how the Internet is used. Examples of such issues are listed below. A. The potential to receive computer viruses Trojans,worms and spyware from Internet information sources. B through F - No change. Sec. 3-2-25. Authorized County Network Access. A. Secure New Employee Accounts. Authorized access to the County network for new employees must be approved by the department head, elected official, or designated person in the department. Requests for new employee security or changes to existing security must be submitted using the Security Request Form (Appendix 9-B). 1. Requests for new employee security must be submitted in advance - - at least three days prior to hire date, and signed by department head, elected official, or designated person. 2. All documentation authorizing user access to controlled computing and information resources must be archived and retrievable upon request for all active accounts. Requests will be retained for a period of five years. 3. Requested access must be approved by the owner of the data. 4. Login passwords must meet the County required standard, as set forth in Section 9-3-70. 5. Generic and shared accounts are strictly prohibited. All UserlD's must uniquely identify users to the system. B. Secure Employee Terminations. 1. All security requests for employee terminations within the County's operations must be submitted prior to the last date of employment. Upon the termination of an employee, all accounts for the employee, including remote access and email,must be immediately suspended or removed from all systems. 2. Notification for unplanned terminations must be communicated to Information Services to immediately disable the account. Security request forms are required for unplanned terminations, and must be approved by the department head,elected official,or designated person in the department to which the terminated employee was assigned. Sec. 9-3-30. Definitions. Add the following definitions: FTP means file transfer protocol. ISP means Internet Service Provider. VPN means virtual private network. Delete the following definitions: Sec. 9-3-40. Guidelines. Replace the entire section with the following: A. Responding to security incidents. All security incidents shall be reported to the IT Help Desk for immediate escalation. B. Responding to malfunctions and violations. All employees must play an active roll in helping to assure the security and quality of all County applications by reporting any continual malfunctions in software and hardware. In doing so,employees help to assure the optimum performance and availability of business systems. 1. Employee obligation to report software malfunction. Any employee that observes continual or recurring malfunctions in any County software must report the malfunction to their supervisor or the person responsible for that software. 2. Employee obligation to report hardware malfunction. Any employee that observes continual or recurring malfunctions in any County information system hardware must report the malfunction to their supervisor or the person responsible for hardware maintenance. 3. Employee obligation to report security and policy violations. Any employee that observes the violation of security and/or security policy is obligated to report the malfunction to their supervisor. C. Employee responsibility. The security, protection, and integrity of County information assets are a premier responsibility of all County employees and contractors. It is each employee's responsibility to fully understand the information security policies contained in this document and to apply these policies effectively to their daily practices and routines. Should an employee be unable to perform, or not fully understand any of the following policies,whether whole or in part, it is that employee's responsibility to alert his or her manager as to their difficulty or confusion with the policy or policies. It is each employee's duty and responsibility to report to their immediate supervisor any and all violations of these policies that he or she may have witnessed or have knowledge of. D. Manager responsibility. It is the responsibility of all managers to assure that all employees under their supervision fully understand and are in compliance with these information security policies. Managers are responsible for keeping their employees up-to-date on any changes regarding these policies. Should any employee consistently break company policy, it is that manager's responsibility to take disciplinary measures in accordance with applicable County disciplinary policies or procedures. It is the responsibility of all managers to ensure that all information assets under their domain are secured and managed in order to ensure compliance with relevant polices and procedures. E. Use of information systems and resources. Employees who are entitled to the usage of County computing systems to perform the necessary functions identified with their position, must not misuse or abuse computing systems and resources. 1. Compliance with software copyrights and licenses. All employees must comply with and respect the copyright laws and license agreements of the software licensed to the County for use on business computing systems. 2. Use of illegal software. Employees must not download and/or install pirated or illegal software that violates existing copyright or license agreements. 3. Use of non-approved software. The County strictly forbids the downloading or installation of non-county owned or licensed software on County computing systems without prior consent from a supervisor. 4. Acceptable use of passwords. Each password owner shall safeguard and protect each password they have created, or that is entrusted to them. Password sharing and account sharing is strictly prohibited. Writing down passwords is not an acceptable practice; however, if passwords must be written down,the information shall be stored securely and be accessible only by the owner. Storing passwords via electronic file or programmable function keys, scripts, macros or automated logon sequences is strictly prohibited. 5. Security of the computer desktop through locking practices and mechanisms. All users of a computing system must either lock the computer desktop or log off of the system when walking away from a computer terminal. Additionally,all computing systems covered by HIPAA must employ the use of a locking screensaver or similar mechanism to automatically enable after a minimum usage lapse of 5 minutes. 6. Transmission of sensitive information over unsecured networks. Employees must not send highly sensitive information over unsecured networks without the use of encryption to secure the transmission. Such examples would be, but not be limited to: a. Use of encryption when sending credit card information over the Internet(look for"https"in the web page URL to assure encryption). b. Sending confidential business information over unsecured, non-county networks. 7. Tampering with security mechanisms. All County computing systems must be equipped with security mechanisms to protect the information and resources of each system. Employees are not to temper with, reconfigure, or disable such mechanisms. Such mechanisms would include, but not be limited to anti-virus software, access controls. 8. Possession of offensive material. County employees are not permitted to access,view,download,upload,e-mail,store or print material that could be considered inappropriate, offensive or disrespectful to others. 9. Communication of personal opinions. Employees must refrain from expressing personal opinions or communicating in a way that could be embarrassing to the County while using County computing and communications systems. 10. Illegal access of computer systems. County computing systems must not be used to obtain illegal access to computer systems, to interfere with the normal operations of computer systems or to perform malicious acts against a computer system. 11. Unauthorized testing of computing system security. Employees must never test the security of computer systems, whether physical or logic based, without written permission from senior management of both the facility from where the test is being launched, and the facility where the system resides. The only exception to this is if such security testing is a known part of the employee's job description and function. 12. Disclosure of classified information. Employees must never disclose information that could be considered sensitive, classified or proprietary to unauthorized persons. 13. User Data Storage. All employees using a County issued computing workstation must store information relating to their job function on servers designated for that purpose. This data should not be stored locally on the workstation unless it is permitted by Information Services. 14. System Changes. Any software that allows configuration changes to networks, computers and other hardware or software, should only be installed by members of Information Services. F. Use of e-mail systems and resources. Based upon the requirements of an employee's job function, those with a legitimate business need for a county e-mail account are entitled to the use of county e-mail systems. Such usage is for enhancing productivity and communications. However, it is important that employees not misuse or abuse e-mail systems and resources. 1. Acceptable use of e-mail. The use of county e-mail systems and resources must be restricted to business purposes only. Incidental personal use is permissible if such use does not interfere with employee productivity,does not preempt any business activity,and does not consume more than a trivial amount of county resources. 2. Transmission of offensive messages. Employees must refrain from sending e-mail messages that may be considered lewd, offensive, or harassing by or to other people. 3. Transmission of hostile messages. Employees must refrain from sending e-mail messages that contain angry, violent, or threatening messages. 4. Transmission of disruptive messages. Employees must not participate in sending, forwarding, or responding to e-mails that are of a disruptive or coercive nature, such as the distribution of SPAM or chain letters. 5. Transmission of non-incidental, personal messages. Employees are not permitted to send messages involving the petition or solicitation for personal gain or interest. 6. Disclosure of login information. The county identifies passwords as highly sensitive information. Account owners must never divulge their e-mail account passwords and login information. 7. E-mail Privacy. All County e-mail is a public record and may be subject to public inspection. G. Use of Internet systems and resources. All employees who are granted Internet access are encouraged to use the Internet as part of their daily work environment. It is, however, important that employees not misuse or abuse County Internet resources, which could result in disciplinary action by the County. 1. Acceptable Internet connectivity. Employees are only permitted to access the Internet for County business, using County computing systems,through authorized County gateways. 2. Personal use of Internet connectivity. Use of County computing resources to access the Internet must be for legitimate business purposes only. Incidental personal use of Internet resources is permissible if the use does not interfere with employee productivity, does not preempt any business activity, and does not consume more than a trivial amount of County resources. 3. Affiliation with the County. Employees may make public their affiliation with the County in work related mailing lists, chat sessions, and other communication resources on the Internet. This affiliation may be accomplished directly or it may be implied; however, employees must indicate that such opinions expressed are their own and not necessarily those of the County. 4. Inappropriate use of Internet resources. Employees initiating or participating in communications of an inappropriate or unprofessional way, is strictly prohibited. Employees must refrain from the use of lewd,offensive or hostile language when communicating using county resources. Likewise, all Internet messages that are intended to harass, annoy or alarm persons are similarly prohibited. 5. Inappropriate use of Internet resources for illegal access. Employees are strictly prohibited from contacting or probing information systems,of County origin or otherwise,with the intent to gain unauthorized access. Similarly, employees must not attempt to disrupt or interfere with the operation or function of any information systems. 6. Generation of excessive internet traffic. To minimize network traffic, no automatic requests for information on the Internet and applications that generate constant network traffic, e.g., Internet radio stations, channels, music-sharing services, etcetera, are prohibited. H. Use of networked systems and resources. All employees of the County are granted access to the network. Employees will require access to the network for Internet access, network storage, Internet access,etcetera. It is important that employees not misuse or abuse this resource, which could result in disciplinary action by the County. 1. Unauthorized testing of computing system security. Employees must never test the security of network systems and resources, whether physical or logic based. The only exception to this is if such security testing is a known part of the employee's job description and function. 2. Disregard for security mechanisms. Employees must not attempt to bypass security mechanisms as a means for creating shortcuts or for the performance of pranks or practical jokes. 3. Unauthorized connections to non-county networks. It is strictly forbidden for employees to establish unauthorized connections to other non-county networks, public or private, while connected to a County network. This includes connecting to non-county wireless networks while connected to the County network. 4. Use of modems on network connected systems. Remote access systems, such as modems, are strictly prohibited. Such modems may be used for specific isolated purposes;however,it must remain in a disconnected state until the exact time that the system is needed. All modems must be registered with Information Services. 5. Use of encryption for highly sensitive information. Employees must be aware that when sending sensitive information over County or public networks that the County does not use encryption to protect the contents of such information by default. Therefore, it is the responsibility of all employees to take the necessary precautions to encrypt highly sensitive information when transmitting. 6. Network Privacy. County and Information Services employees must understand that all communications using County resources may be monitored for statistical, legal, and investigative purposes. County and Information Services employees should expect no right of privacy to communications made using County equipment and resources. Use of remote access (VPN). Remote access into County networks is only permissible through a County owned, Information Services administered, VPN (Virtual Private Network) solution. J. Compliance with legal requirements. All usage of commercial software within the County must conform to all requirements and restrictions imposed by the licenses. 1. Compliance with software licenses and copyrights. All proprietary software, either owned or purchased by the County, must be used in a way that does not violate the license or copyright protecting the software. 2. Maintenance of software licenses. All commercial software licenses must be maintained to assure that any violation of such licenses does not occur due to the inability to track or control the use of software licensed to the County. Installations of software must be documented and the licenses of such software inventoried. 3. Use of pirated or stolen software. Installation of pirated or stolen software on County information computing systems is expressly prohibited. 4. Recording of communications. Employees shall not record any communications without the disclosure of the recording and the specific consent of all persons involved in the communication. This includes, but is not limited to: a. Telephone conversations. b. Teleconferences. c. Video Conferences. Sec. 9-3-50. Roles and responsibilities. A through B - No change. C. The role of the County departments and agencies is as follows: 1. It is the responsibility of all managers to assure all employees under their supervision fully understand,and are in compliance with,the County policies. Managers are responsible for keeping employees up-to-date on any changes regarding these policies. Should any employee consistently break County policy, it is that ma nager's responsibility to take disciplinary measures in accordance with applicable County disciplinary policies or procedures. It is the responsibility of all managers to ensure all information assets under their domain are secured, managed, and employee access is limited to job-specific data. 2. Provide for training of employees who need access. 3. Budget for service and associated training, if needed. 4. Establish their own data sensitivity policy. Sec. 9-3-70. Weld Network and Internet Security. Replace the entire section with the following: A. Weld County relies on internet filtering tools to restrict access to appropriate web sites for County employees. B. Department Heads or Elected Officials are the only authority who can request changes to the default filter restrictions applied to their employees Internet access (Appendix 9-B). C. The following remote/Internet security guidelines shall be followed: 1. All remote access falls under the guidelines of the Acceptable Use Policy. 2. The user shall make sure that any related passwords are secure, and shall not share the passwords or write passwords on paper. Each password owner shall safeguard and protect each password they have created, or that is entrusted to them. Password sharing and account sharing is strictly prohibited. Storing passwords via electronic file or programmable function keys, scripts, macros or automated logon sequences is strictly prohibited. Each individual with approved access to County information computing systems and resources is responsible for creating original, unique and complex passwords(something known only to them and not easily guessed) for each account. 3. The user is responsible for securing their remote access information. Sharing remote access in strictly prohibited. 4. All remote devices and access should be turned off when not being used, such as VPN or modem. The user should be aware that if he or she has a modem and is on the County network, it is possible for a virus to attack any or all networked computers. If the modem is external, it shall be turned off when not in use. Add Section 9-3-75, as follows: Sec. 9-3-75. Physical and Environmental Security Policy. A. Internal security operations. All offices and office areas within Weld County facilities must be secured, as appropriate, to prevent unauthorized access to county information computing systems, resources and network, including the wireless network. 1. A County-wide standard has been developed for wireless access and all equipment. This standard includes access points, wireless cards and all other related equipment. Equipment must be purchased by Information Services. (See Section 9-1-90.) a. Only County devices with approved wireless cards are allowed on the wireless network. b. Only County employees will be given wireless access. c. The "Computing Device Request Form" (Appendix 9-D) must be completed and approved by governance. d. Approved devices will need to be configured by Information Services for secure access to the County wireless network. e. All policies and procedures for accessing the County network apply for wireless access. B. Computing in public and untrusted zones. Weld County operates several computing systems in public access areas and within the County jail for inmate use. Exposures to the County by the use of these systems must be fully understood and all known exposures mitigated. 1. Public computing systems. Weld County operates several public access computers,which are available for use by the public,within the Weld County facilities. These systems,due to the uncontrolled nature of their use, must be segregated to an isolated or physically separate segment of the Weld County network. All access to internal county resources must be tightly controlled and limited to prevent any misuse of these systems. Auditing must be enabled on these systems. Users of these systems must be aware of the specificity and sanctions imposed on these computing systems. 2. Inmate computing systems. Weld County provides several computers for the use of inmates within the County jail. Due to the uncontrolled use of these systems,all inmate computing systems must only maintain a minimal set of computer resources to prevent abuse of such systems and resources. This would include: a. Computers must not maintain any unnecessary ports or peripherals, including a CD-ROM drive, floppy drive, serial ports, USB ports, modem, or other non-essential interfaces. b. Computers must not have access to other computing systems or servers, except to accomplish the specific purpose for the inmate computing systems. c. Computers must not have Internet access. d. Network access must be segregated from the other County network segments. 3. Security zones. Specified areas within a facility that are designated as performing critical functions or contain sensitive information or systems, must make use of security mechanisms and procedures greater than those used for areas of lesser criticality or sensitivity. These zones must be isolated by security controls of reduced permission from the general facility population. Permission must be based on the need to physically access the area for a job function. Such security zones would include: a. Server room. b. Communications closet. C. Equipment security. All information computing equipment, and any information contained or processed by the equipment, must be reasonably protected from damage, interruption and interception. 1. Protection from power interruptions. All sensitive electronic equipment must be reasonably protected from interruptions of the power supply including power fluctuations, power surges, brownouts, and short and long-term losses. Equipment performing critical functions should have additional or increased protection from power interruptions. 2. Safety and protection of electrical and communications cabling. All electrical power and telecommunications cabling must be run observing all local codes and requirements to prevent such cabling from becoming hazardous to environments and personnel. All communications cabling must be reasonably protected from tampering or interception of communications. 3. Secure disposal of computing equipment. All Weld County computing equipment and peripherals must be disposed of securely to prevent unauthorized access to any residual company information. a. Hard drives. Prior to the disposal of any hard drive or disk drive,the device must either be physically destroyed or formatted to current Department of Defense standards. b. Optical media. Prior to the disposal of any optical media, such as CD-ROMs, DVD, and ZIP or Jaz cartridges, these devices must be physically destroyed. This may be accomplished through the use of shredding or incineration. The optical disc itself must be cut with scissors or repeatedly scratched in circular motions over the disc. c. Analog media. Prior to disposal, all analog media must be completely destroyed. Floppy diskettes must either be shredded in a large paper shredder or cut with scissors. Backup tapes should be dismantled with the actual tape shredded or burned (usually this is best performed by a licensed media destruction contractor). d. RAM. Prior to disposal,all Random Access Memory modules must be destroyed. This includes all memory devices such as memory from computers, memory from printers and FAX machines, or other memory devices. This is most commonly accomplished through the use of a hammer where the device is repeatedly struck to physically smash the memory chips. IMPORTANT NOTICE: When manually destroying a media device, always use protective eyewear and apply common sense to avoid physical injury. Sec. 9-3-80. Acceptable use guidelines. A- No change. B. General. 1. County departments assume responsibility for providing reasonable publicity and enforcement for this "Internet Acceptable Use Policy". Ultimate responsibility for traffic that does not conform to this policy lies with the individual end user. It is the responsibility of the County agency to monitor and rectify the behavior of its users who disregard this policy. 2. It is also the responsibility of each County department to provide adequate training for its users. 3. The Department of Information Services and the County accept no responsibility for the traffic which they transport and which violates the Acceptable Use Policy of any connected networks, beyond informing the County if and when a violation is brought to the attention of the Information Services Governance Committee. 4 through 5 - No change. 6. Because of the diversity of resources on the Internet and other public networks,it is impossible to list all the do's and don'ts. In general,common sense should be used to judge situations. The following are some guidelines to start with: a. Computing resources should be used only for County-related business in the support of the administrative,instructional, research and public service objectives of the County. b. Appropriate use of resources is limited to the official work of theCounty. Examples of inappropriate use of resources include, but are not limited to: 1 through 5 - No change. 6) Attempts to make unauthorized entryon the County network. 7 through 10 - No change. 11) Any other activity that can be considered mis-use or harmful to the County network. c. Employees must never test the security of computer systems, whether physical or logic based, without written permission from senior management of both the facility from which the test is being launched and the facility where the system resides. The only exception to this is if such security testing is a known part of the employee's job description and function. 7. No change. 8. All County departments must accept these guidelines and understand that network traffic originating from its location is to be consistent with this policy. The Department of Information Services cannot police the network but may refer to the appropriate Elected Official or Department Head for disciplinary action any agency that appears to be in persistent and/or serious abuse of this policy. Questions pertaining to the policy or interpretation of the policy should be submitted to the Information Services Governance Committee. 9. No change. C. Participation in discussion groups. 1. No change. 2. The user must be aware that the information he or she puts out on the Internet will be perceived as the official County position unless specifically identified as personal opinion,even in a discussion. If the user is offering his or her own opinion, he or she shall be sure it is clearly identified as such. 3. No change. D. No change. E. All County devices are configured for Internet access unless specifically requested by the department head or elected official. Sec. 9-3-90. Web server guidelines. A. Review. The Department of Information Services and the Governance Committee will review all Web access and Web content proposals to ensure the project adheres to all guidelines set forth in this Section. B. Initial approval. Any proposed Web access must be submitted to the Information Services Governance Committee for initial approval of the proposed project. The following information must be provided to the Department of Information Services for review and assistance in submitting the initial request to the Governance Committee. 1. State the general purpose of the project and how it relates to County business. 2. Define the scope of the project, including what information is going to be made available, to whom it will be available, the sensitivity level of the information, and the identity of the targeted user. 3. Identify any County data accessed not located on the Web server and how the data will be used. 4. Identify the designated contact person within the department for this project, who will be responsible for maintaining current information. 5. Identify the security requirements of the project. C. No change. Sec. 9-3-100. Use of electronic mail. Electronic mail(e-mail)is defined as any message that is transmitted electronically between two(2)or more computers or terminals,whether stored digitally or converted to hard(paper)copy. Under Part 2,Article 72,Title 24,C.R.S.,e-mail messages may be considered public records and may be subject to public inspection, pursuant to Section 24-72-203, C.R.S. All computer-related information, including e-mail messages and/or digitally stored documents, are the property of the County and are considered the County's records even if the information resides on privately owned devices. County e-mail may not be forwarded to employee's personal e-mail accounts. Sec. 9-3-110. Employee access to e-mail. A. All County employees with a need are assigned an e-mail address for County business. Sec. 9-3-120. Employee conduct with e-mail. As with any County property or equipment, e-mail should be used for official County business only. Incidental and occasional personal use of e-mail is permitted. However, strictly forbidden e-mail usage includes use for personal profit or gain;transmission of political messages; solicitation of funds for political or other purposes; or sending of harassing messages. A. Employees must refrain from sending e-mail messages that may be considered lewd, offensive, or harassing by, or to, other people. B. Employees must refrain from sending e-mail messages that contain angry,violent, or threatening messages. C. Employees must not participate in sending,forwarding,or responding to e-mails that are of a disruptive or coercive nature, such as the distribution of spam or chain letters. D. The County identifies passwords as highly sensitive information. Account owners must never divluge their e-mail account passwords and login information. E. Employees must never share e-mail accounts. ARTICLE VI GIS System Products and Services Sec. 9-6-60. Service products and services. A- No change. B. The following identify the products and services that are proposed for availability to the public as the GIS system is developed: 1 - No change. 2. Arc Macro Language (AML) products (programs, menus, computer programs, forms and written procedures)developed for the administration of the system may be made available to customers and other County agencies,departments and appointed and elected offices. No maintenance of the products is planned to be furnished by the County. Such products are to be furnished as is,and the decision to release such products is solely at the discretion of the County. Such products are available to customers by license agreement and to other County agencies, departments and appointed and elected offices. It is not intended that custom programs, etcetera, required for the sole use of the customer will be developed by the GIS Division. No change to remainder of section. Sec. 9-6-70. Rates and charges. A - No change. B. Rates and charges for custom products, regular, on-going system services, and technical assistance. 1 through 2 - No change. 3. The rates to be charged for GIS products, subscription services, AML products and digital data are set forth in the Products and Rate Schedule set out at Appendix 5-F of this Code. 4 - No change. 5. All charges are due and payable and shall be collected at the time the order for products and services is taken,except as otherwise might be established by contract or license agreement. No change to remainder of section. ARTICLE VII Workstation Remote Control Policy Sec. 9-7-20. Definitions. Revise definition of"Remote control software", as follows: Remote control software: Any software used that enables remote workstations(a second workstation)to be viewed, controlled or updated remotely,without being physically at the second workstation. Sec. 9-7-30. Statement of policy. A through K - No change. L. In addition, other components of the workstation application make it possible to implement mass changes,fixes,or updates to all County workstations automatically. Updates will be scheduled weekly. It is the end user's responsibility to support regular maintenance to their workstations to keep workstations secure and running at optimal performance. This requires end users to adhere to Information Services guidelines,such as re-booting,etcetera,associated with the maintenance. Unless under emergency conditions where the IT infrastructure can be corrupted or damaged, the activity will be scheduled on a weekly basis. M. Each occurrence where remote control software is utilized to diagnose or resolve a workstation issue will be logged using Information Services Help Desk call tracking procedures. N - No change. Sec. 9-7-40. Procedure. A. To initiate a remote control session,support staff must first make an attempt to get approval from the end user to take control of his or her workstation. Approval can be obtained multiple ways, e.g., phone, e-mail, etcetera. B through E - No change. F. If the end user is not present when the remote control session ends, the support staff should follow up with the end user, indicating the date and time the session was held, a brief description of work performed, and whom to contact if there are questions. This follow up should be by e-mail or phone message. ARTICLE VIII PERSONAL COMPUTING DEVICES Sec. 9-8-30. Statement of Policy. A through B - No change. C. Guidelines. 1 through 3 - No change. 4. To be considered for approval of linking or communicating with the County network, the personal computing device must meet County hardware and software standards, as well as wireless standards, established by the Information Services Governance Committee. Requests failing to meet County standards will result in denial of access to the County network. 5 through 9 - No change. 10. All personally owned devices must be in full operational order prior to requesting the installation of synchronization software on the user's desktop personal computer. 11. If an employee is planning to purchase a personal computing device and wants to synchronize/link it with the County network, it is the employee's responsibility to meet County standards, receive approval from the Elected Official or Department Head, and confirm any County funding of any additional required hardware and/or synchronization software. Approvals should be obtained prior to any purchase. 12 - No change. 13. For an employee to synchronize or link personal computing devices with the County network,the user and personal computing device must be registered as a user with the Information Services Department. 14. The County does not guarantee continued compatibility with any hardware device or software being utilized in this environment and is not liable for personal expenses incurred. 15. The County or Information Services is not responsible for any damage to personally owned hardware or software that may be incurred while supporting the personal computing device or related software. 16. Abuse of this policy can result in removal of authorization to have a personal computing device link or communicate with the County network. Continued abuse of this policy could lead to employee disciplinary actions, including termination of employment. Sec. 9-8-40. Procedure. A- No change. B. Any County employee wishing to synchronize a personal computing device with a desktop personal computer or link it with the County network must first have it approved by his or her Elected Official or Department Head. There must be a clear business need to approve the request. 1 through 2 - No change. 3. The requesting user must sign the Personal Computing Device Request Form explaining the County's right to review any information contained on the device. This form is available from the Information Services Department. Along with the user's signature,the employee's full name,device make and model, operating system and serial number shall be provided. (See Appendix 9-D.) C. Information Services will review the information on the Computing Device Request Form to ensure the hardware and software meet County standards. Information Services will inform the employee of approval or denial. D. If hardware or software purchases are involved, purchases will be made after the Information Services Governance Committee approvals have been obtained. 1. Information Services will process approved requests by ordering and receiving County standard equipment. 2 - No change. E through F - No change. G. Personal Computing Device Standards. 1. Technology standards will be determined by the Information Services Governance Committee and the Board of Weld County Commissioners. 'twill be the responsibility of Information Services to follow those standards when reviewing requests for personal computing devices and purchasing those devices. Revise Appendix 9-A, Information Services Function Sub-Committees, as attached. Revise Appendix 9-B, Computer Security Request Form, as attached. Revise Appendix 9-C, GIS Functional Subcommittees, as attached. Add Appendix 9-D, Computing Device Request Form, as attached. Add Appendix 9-E, Websense Internet Filter Removal Request Form, as attached. BE IT FURTHER ORDAINED by the Board that the Clerk to the Board be, and hereby is, directed to arrange for Colorado Code Publishing to supplement the Weld County Code with the amendments contained herein, to coincide with chapters, articles, divisions, sections, and sub sections as they currently exist within said Code;and to resolve any inconsistencies regarding capitalization,grammar, and numbering or placement of chapters,articles,divisions,sections, and sub-sections in said Code. BE IT FURTHER ORDAINED by the Board if any section,subsection, paragraph,sentence, clause, or phrase of this Ordinance is for any reason held or decided to be unconstitutional, such decision shall not affect the validity of the remaining portions hereof. The Board of County Commissioners hereby declares that it would have enacted this Ordinance in each and every section, subsection, paragraph, sentence, clause, and phrase thereof irrespective of the fact that any one or more sections, subsections, paragraphs, sentences, clauses, or phrases might be declared to be unconstitutional or invalid. NOTICE PURSUANT to the Weld County Home Rule Charter,Ordinance Number2005-13 published above, was introduced and, on motion duly made and seconded, approved upon first reading on October 24, 2005. A public hearing and second reading is scheduled to be held in the Chambers of the Board, First Floor Hearing Room, 915 10th Street, Greeley, Colorado 80631, on November 16, 2005. All persons in any manner interested in the reading of said Ordinance are requested to attend and may be heard. Please contact the Clerk to the Board's office at phone (970) 336-7215, Extension 4225, or fax (970)352-0242, prior to the day of the hearing if,as the result of a disability,you require reasonable accommodations in order to participate in this hearing. Any backup material, exhibits or information previously submitted to the Board of County Commissioners concerning this matter may be examined in the office of the Clerk to the Board of County Commissioners,located in the Weld County Centennial Center,Third Floor,915 10th Street, Greeley,Colorado, between the hours of 8:00 a.m. and 5:00 p.m., Monday thru Friday,or may be accessed through the Weld County Web Page(www.co.weld.co.us). E-Mail messages sent to an individual Commissioner may not be included in the case file. To ensure inclusion of your E-Mail correspondence into the case file, please send a copy to charding@co.weld.co.us. SECOND READING:November 16, 2005, at 9:00 a.m. THIRD READING: December 7, 2005, at 9:00 a.m. BOARD OF COUNTY COMMISSIONERS WELD COUNTY, COLORADO DATED: October 28, 2005 PUBLISHED: November 2, 2005, in the Fort Lupton Press WELD COUNTY 3. Inform users in advance of PROOF OF PUBLICATION CODE ORDINANCE 2005-13 governance approved changes to IN THE MATTER OF REPEALING hardware, software and related FORT LUPTON N AND REENACTING, WITH resources which may affect their AMENDMENTS, CHAPTER 9 systems. STATE OF COLORADO INFORMATION SERVICES, OF s-16-Nochange. THE WELD COUNTY CODE 17. Allow for testing of new ..-aE IT ORDAINED BY THE systems and major enhancements COUNTY OF WELD SS. ARD OF COUNTY and technology prior to production ,MMISSIONERS OF THE implementation. OUNTY OF WELD, STATE OF 18. Control and coordinate the COLORADO: funding for projects. WHEREAS, the Board of County Remainder of Section-renumber. Commissioners of the County of ARTICLE II I, Karen Lambert, do solemnly swear that I Weld,State of Colorado,pursuant INFORMATION SERVICES to Colorado statute and the Weld GOVERNANCE COMMITTEE am the Publisher of the Fort Lupton Press; County Home Rule Charter, is Sec.9-2-30.Role. that the same is a weekly newspaper rinted vested with the authority of The role of the Informationp administering the affairs of Weld Services Governance Committee County,Colorado,and includes theC-ollowing: and published in the County of Weld, State WHEREAS, the rs,on December rd of cembernty D. Identify ChNochange. Commissioners,on December 28, D. Identity the annual information of Colorado, and has a general circulation 2000,adopted Weld County Code system priorities and related therein; that said newspaper has been Ordinance 2000-1, enacting budgetary impact. These priority comprehensive Code for the recommendations will become an County of Weld, including the integral part of the budget process published continuously and uninterruptedly codification of all previously subject to adjustment during adopted ordinances of a general budget budget option, and in said county of Adams for a period of more and permanent nature enacted on upon final budget approval,will be than fifty-two consecutive weeks prior to the or before said date of adoption, established as part of the y' and Department of Information WHEREAS, the Weld County Services annual work program.All first publication of the annexed legal notice Code is in need of revision and projects must be reviewed and clarification with regard to approved by the Information or advertisement; that said newspaper has procedures, terms, and Services Govemance Committee been admitted to the United States mails as requirements therein. before they can be added to the NOW, THEREFORE, BE IT Information Services annual work ORDAINED by the Board of plan. second-class matter under the provisions of County Commissioners of the E through G-No change. County of Weld,StateofColorado, Sec. 9-2-80 Purpose and the act of March 3, 1879, or any that Cha pter Chapter 9, Information structure of subcommittees. es. Services,of the Weld County Code CA. The h B No change. amendments thereof, and that said be and hereby is, repealed , to responsibilities rofe the newspaper is a weekly newspaper duly re-enacted, with amendments, to functional subcommittees are to: read as follows.9 5 through 4-Nouser change. CHAPTERS 5. Ensure that user department qualified for publishing legal notices and INFORMATION SERVICES systems design deosions are Throughout Chapter 9, replace made in accordance with annual advertisements within the meaning of the "The Department of Information information system work plans and laws of the State of Colorado. That the Services" with 'Information approved project schedules. Services". 6 through 8-No change. Throughout Chapter 9, replace ARTICLE III annexed legal notice or advertisement was "SCE" Corporation with "ACS" COUNTY NETWORK AND corporation. INTERNET ACCEPTABLE USE published in the regular and entire issue of committ Ca 'Human replace thees" POLICY every number of said weekly newspaper for rcommlth a Services. Sec.The Dap General Infer ono. hr ugholut and Human Services". S. ic Department i Information the period of 1 consecutive insertions , and Throughout Chapter 9, replace Services, in conjunction with the "Geographical Information System Information Services Governance that the first publication of said notice was in (GIS) Division" with "GIS", and Committee, has taken the replace"the Division'with"GIS". necessary steps to provide a ARTICLE I County Network and Internet the issue of newspaper, dated 2nd day of INFORMATION SERVICES Acceptable Use Policy on use of November 2005, and the last on the 2nd Sec.9-1-70.Specific duties and the Internet by County agencies , day responsibilities of Governance and departments. Any County Committee. agency or department eligible for, of November, 2005. A through G-No change. and having funding for, the Weld H. Communication and County network or the Internet will enforcement of policies and be provided with access under the procedures. terms and conditions of this policy. Sec.9-1-80.Specific duties and B through C-No change. responsibilities of users. D. This policy applies to any The specific duties and activity performed from a responsibilities of each user are as County-owned asset and to all follows: County employees or contracted A.General responsibilities: agents of the County performing 1. Designate a management level work activities on behalf of the position to act as a liaison between County.Work activities conducted the user department, Govemance from remote devices or even Committee and Information personally owned devices are Services. subject to this policy. The policy 2 through 3-No change. applies to electronic B.No change. communications on County C. New system development networks and public networks responsibilities: including, but not limited to, the 1 through 5-No change. following: 6. Maintain communication a with I.Electronic Communications: --` Information Services s attending a.E-mail. regularly scheduled management b.File transfer(FTP). review meetings. c. Remote login, including VPN, Sec.9-1-90.Specific duties and and Citnz. r, Cu,blis er. u scn a an rn be re me, this the responsibilltlesof information d.Remote control software. Services via contract services. e. Discussion groups/bulletin .- ' ', ay of October, 2005. The following specific duties will be boards. '-f. 4 assigned to the Department of f. World Wide Web, web sery '•`'?' \• Information Services: wide area information se i l \ I A and B No change.spa g. e } O.Direct action responsibilities: g. Personal computing devi �S t 1. Represent the County to including Blackberrys, PDA's d t rVk vendors of computer and data cell phones. i i;(_ ‘ ,_ ommunications equipment, h. Digital type devices that 'stems and services. communicate with rso t ublc- pk dti•. ar-"all"> computers or public networks t a _. Provide for the acquisition and I. H3xx, such as video `tiR_7 ,^, '>c• administration of personnel, conferencing.o ing. VT`+•`W�. hardware, software, contracts, j.Voice over IP(VOIP). grants and related services 2.Public Networks: '" 77"..,..,, necessary to support the clear-"all"> Lily SI O �''' information services requirements a.Internet and Internet Services. I — of any user or the County in b.Internet Service Providers. general. c.Bulletin board systems. CASE NO.370207 key 21409 d.Weld County network. or recuning malfunctions in any the use of a locking screensaver or 2. Transmission of offensive e.On-line search services. County information system similar mechanism to automatically messages.Employees must refrain Sec.9-3-20.Introduction. hardware must report the enable after a minimum usage from sending e-mail messages that Weld County network access and malfunction to their supervisor or lapse of 5 minutes. may be considered lewd,offensive, Internet access can provide the person responsible for 6. Transmission of sensitive or harassing by or to other people. significant business benefits for hardware maintenance. information over unsecured 3. Transmission of hostile County government agencies. 3. Employee obligation to report networks. Employees must not messages.Employees must refrain .,,Uowever,there are also significant security and policy violations.Any send highly sensitive information from sending e-mail messages that al, security and productivity employee that observes the over unsecured networks without contain angry, violent, or ues related to how the Internet violation of security and/or security the use of encryption to secure the threatening messages. ,s used. Examples of such issues policy is obligated to report the transmission. Such examples 4. Transmission of disruptive are listed below. malfunction to their supervisor. would be,but not be limited to: messages. Employees must not A. The potential to receive C. Employee responsibility. The a.Use of encryption when sending participate in sending,forwarding, computer viruses Trojans, worms security,protection,and integrity of credit card information over the or responding to e-mails that are of and spyware from Internet County information assets are a Internet(look for"https"in the web a disruptive or coercive nature, information sources. premier responsibility of all County page URL to assure encryption). such as the distribution of SPAM or B through F-No change. employees and contractors. It is b. Sending confidential business chain letters. Sec. 3-2-25. Authorized County each employee's responsibility to information over unsecured, 5. Transmission of Network Access. fully understand the information non‑county networks. non‑incidental, personal A. Secure New Employee security policies contained in this 7. Tampering with security messages. Employees are not Accounts.Authorized access to the document and to apply these mechanisms.All County computing permitted to send messages County network for new employees policies effectively to their daily systems must be equipped with involving the petition or solicitation must be approved by the practices and routines. Should an security mechanisms to protect the for personal gain or interest. department head, elected official, employee be unable to perform,or information and resources of each 6. Disclosure of login information. or designated person in the not fully understand any of the system. Employees are not to The county identifies passwords as department. Requests for new following policies, whether whole temper with,reconfigure,or disable highly sensitive information. employee security or changes to or in part, it is that employee's such mechanisms. Such Account owners must never existing security must be submitted responsibility to alert his or her mechanisms would include,but not divulge their e-mail account using the Security Request Form manager as to their difficulty or be limited to anti8#8209;virus passwords and login information. (Appendix 9‑B). confusion with the policy or software,access controls. 7. E-mail Privacy. All County 1. Requests for new employee policies.It is each employee's duty clear—"all"> 08#8209:mail is a public record security must be submitted in and responsibility to report to their 8. Possession of offensive and may be subject to public advance - - at least three days immediate supervisor any and all material. County employees are inspection. prior to hire date, and signed by violations of these policies that he not permitted to access, view, G. Use of Internet systems and department head, elected official, or she may have witnessed or download,upload,e-mail,store or resources.All employees who are or designated person. have knowledge of. print material that could be granted Internet access are 2. All documentation authorizing D.Manager responsibility.It is the considered inappropriate,offensive encouraged to use the Internet as user access to controlled responsibility of all managers to or disrespectful to others. part of their daily work computing and information assure that all employees under 9. Communication of personal environment. It is, however, resources must be archived and their supervision fully understand opinions. Employees must refrain important that employees not retrievable upon request for all and are in compliance with these from expressing personal opinions misuse or abuse County Internet active accounts. Requests will be information security policies. or communicating in a way that resources, which could result in retained for a period of five years. Managers are responsible for could be embarrassing to the disciplinary action by the County. 3. Requested access must be keeping their employees County while using County 1.Acceptable Internet connectivity. approved by the owner of the data. up‑to‑date on any computing and communications Employees are only permitted to 4.Login passwords must meet the changes regarding these policies. systems. access the Internet for County County required standard, as set Should any employee consistently 10. Illegal access of computer business,using County computing forth in Section 9-3-70. break company policy, it is that systems. County computing systems, through authorized 5. Generic and shared accounts manager's responsibility to take systems must not be used to County gateways. are strictly prohibited.All UserlD's disciplinary measures in obtain illegal access to computer 2. Personal use of Internet must uniquely identify users to the accordance with applicable County systems, to interfere with the connectivity. Use of County system. disciplinary policies or procedures. normal operations of computer computing resources to access the B.Secure Employee Terminations. It is the responsibility of all systems or to perform malicious Internet must be for legitimate 1. All security requests for managers to ensure that all acts against a computer system. business purposes only.Incidental ""ployee terminations within the information assets under their 11. Unauthorized testing of personal use of Internet resources mty's operations must be domain are secured and managed computing system security. is permissible if the use does not omitted prior to the last date of in order to ensure compliance with Employees must never test the interfere with employee employment.Upon the termination relevant polices and procedures. security of computer systems, productivity,does not preempt any of an employee, all accounts for E.Use of information systems and whether physical or logic based, business activity, and does not the employee, including remote resources. Employees who are without written permission from consume more than a trivial access and email, must be entitled to the usage of County senior management of both the amount of County resources. immediately suspended or computing systems to perform the facility from where the test is being clear="all"> removed from all systems. necessary functions identified with launched, and the facility where 3. Affiliation with the County. 2. Notification for unplanned their position, must not misuse or the system resides. The only Employees may make public their terminations must be abuse computing systems and exception to this is if such security affiliation with the County in work communicated to Information resources. testing is a known part of the related mailing lists,chat sessions, Services to immediately disable 1. Compliance with software employee's job description and and other communication the account. Security request copyrights and licenses. All function. resources on the Internet. This forms are required for unplanned employees must comply with and 12. Disclosure of classified affiliation may be accomplished terminations, and must be respect the copyright laws and information. Employees must directly or it may be implied; approved by the department head, license agreements of the software never disclose information that however,employees must indicate elected official, or designated licensed to the County for use on could be considered sensitive, that such opinions expressed are person in the department to which business computing systems. classified or proprietary to their own and not necessarily the terminated employee was 2. Use of illegal software. unauthorized persons. those of the County. assigned. Employees must not download 13. User Data Storage. All 4. Inappropriate use of Internet Sec.9-3-30.Definitions. and/or install pirated or illegal employees using a County issued resources. Employees initiating or Add the following definitions: software that violates existing computing workstation must store participating in communications of FTP means file transfer protocol. copyright or license agreements. information relating to their job an inappropriate or unprofessional ISP means Internet Service 3. Use of non8#8209;approved function on servers designated for way, is strictly prohibited. Provider. software. The County strictly that purpose.This data should not Employees must refrain from the VPN means virtual private network. forbids the downloading or be stored locally on the workstation use of lewd, offensive or hostile Delete the following definitions: installation of non‑county unless it is permitted by language when communicating Sec.9-3-40.Guidelines. owned or licensed software on Information Services. using county resources. Likewise, Replace the entire section with the County computing systems without 14.System Changes.Any software all Internet messages that are following: prior consent from a supervisor. that allows configuration changes intended to harass,annoy or alarm A. Responding to security 4. Acceptable use of passwords. to networks, computers and other persons are similarly prohibited. incidents. All security incidents Each password owner shall hardware or software,should only 5. Inappropriate use of Internet shall be reported to the IT Help safeguard and protect each be installed by members of resources for illegal access. Desk for immediate escalation. password they have created, or Information Services. Employees are strictly prohibited B.Responding to malfunctions and that is entrusted to them. F. Use of e-mail systems and from contacting or probing violations.All employees must play Password sharing and account resources. Based upon the information systems, of County an active roll in helping to assure sharing is strictly prohibited. requirements of an employee's job origin or otherwise,with the intent the security and quality of all Writing down passwords is not an function, those with a legitimate to gain unauthorized access. County applications by reporting acceptable practice; however, if business need for a county e-mail Similarly, employees must not any continual malfunctions in passwords must be written down, account are entitled to the use of attempt to disrupt or interfere with software and hardware, In doing the information shall be stored county e-mail systems. Such the operation or function of any so, employees help to assure the securely and be accessible only by usage is for enhancing productivity information systems. optimum performance and the owner. Storing passwords via and communications. However, it 6.Generation of excessive internet availability of business systems. electronic file or programmable is important that employees not traffic.To minimize network traffic, 1. Employee obligation to report function keys, scripts, macros or misuse or abuse e-mail systems no automatic requests for software malfunction. Any automated logon sequences is and resources. information on the Internet and •--^Thployee that observes continual strictly prohibited. 1. Acceptable use of e-mail. The applications that generate constant recurring malfunctions in any 5. Security of the computer use of county e-mail systems and network traffic, e.g., Internet radio aunty software must report the desktop through locking practices resources must be restricted to stations, channels, malfunction to their supervisor or and mechanisms. All users of a business purposes only.Incidental music‑sharing services, the person responsible for that computing system must either lock personal use is permissible if such etcetera,are prohibited. software. the computer desktop or log off of use does not interfere with H.Use of networked systems and clear-"all"> the system when walking away employee productivity, does not resources. All employees of the 2. Employee obligation to report from a computer terminal. preempt any business activity,and County are granted access to the hardware malfunction. Any Additionally,all computing systems does not consume more than a network. Employees will require employee that observes continual covered by HIPAA must employ trivial amount of county resources. access to the network fordint ari .370207 key 21409 access, network storage, Internet b.Teleconferences. allowed on the wireless network. be run observing all local codes access, etcetera. It is important c.Video Conferences. clearer"all"> and requirements to prevent such that employees not misuse or Sec. 9-3-50. Roles and b. Only County employees will be cabling from becoming hazardous abuse this resource, which could responsibilities. given wireless access. to environments and personnel.All result in disciplinary action by the A through B-No change. c.The'Computing Device Request communications cabling must be County. C. The role of the County Form' (Appendix 9-0) must be reasonably protected from 1. Unauthorized testing of departments and agencies Is as completed and approved by tampering or interception of ..computing system security. follows: govemance. communications. iployees must never test the 1. It is the responsibility of all d. Approved devices will need to 3. Secure disposal of computing ;urity of network systems and managers to assure all employees be configured by Information equipment. All Weld County resources, whether physical or under their supervision fully Services for secure access to the computing equipment and logic based.The only exception to understand,and are in compliance County wireless network. peripherals must be disposed of this is if such secunty testing is a with, the County policies. e. All policies and procedures for securely to prevent unauthorized known part of the employee's job Managers are responsible for accessing the County network access to any residual company description and function. keeping employees up-to-date on apply for wireless access. information. 2. Disregard for security any changes regarding these B. Computing in public and a.Hard drives.Prior to the disposal mechanisms.Employees must not policies. Should any employee untrusted zones. Weld County of any hard drive or disk drive,the attempt to bypass security consistently break County policy,it operates several computing device must either be physically mechanisms as a means for is that managers responsibility to systems in public access areas destroyed or formatted to current creating shortcuts or for the take disciplinary measures in and within the County jail for Department of Defense standards. performance of pranks or practical accordance with applicable County inmate use. Exposures to the clear=alr> jokes. disciplinary policies or procedures. County by the use of these b. Optical media. Prior to the 3. Unauthorized connections to It is the responsibility of all systems must be fully understood disposal of any optical media,such non‑county networks. It is managers to ensure all information and all known exposures mitigated. as CD‑ROMs, DVD, and strictly forbidden for employees to assets under their domain are 1.Public computing systems.Weld ZIP or Jaz cartridges, these establish unauthorized connections secured, managed, and employee County operates several public devices must be physically to other none#8209;county access is limited to access computers, which are destroyed, This may be networks, public or private, while job8#8209;specifc data. available for use by the public, accomplished through the use of connected to a County network. 2. Provide for training of within the Weld County facilities. shredding or incineration. The This includes connecting to employees who need access. These systems, due to the optical disc itself must be cut with none#8209;county wireless 3. Budget for service and uncontrolled nature of their use, scissors or repeatedly scratched in networks while connected to the associated training,if needed. must be segregated to an isolated circular motions over the disc. County network. 4. Establish their own data or physically separate segment of c.Analog media.Prior to disposal, 4. Use of modems on network sensitivity policy. the Weld County network. All all analog media must be connected systems. Remote Sec. 9-3-70. Weld Network and access to internal county completely destroyed. Floppy access systems,such as modems, Internet Security. resources must be tightly diskettes must either be shredded are strictly prohibited. Such Replace the entire section with the controlled and limited to prevent in a large paper shredder or cut modems may be used for specific following: any misuse of these systems. with scissors.Backup tapes should isolated purposes; however, it A. Weld County relies on Internet Auditing must be enabled on these be dismantled with the actual tape must remain in a disconnected filtering tools to restrict access to systems. Users of these systems shredded or bumed(usually this is state until the exact time that the appropriate web sites for County must be aware of the specificity best performed by a licensed system is needed. All modems employees. and sanctions imposed on these media destruction contractor). must be registered with Information B. Department Heads or Elected computing systems. d. RAM. Prior to disposal, all Services. Officials are the only authority who 2. Inmate computing systems. Random Access Memory modules 5. Use of encryption for highly can request changes to the default Weld County provides several must be destroyed. This includes sensitive information. Employees filter restrictions applied to their computers for the use of inmates all memory devices such as must be aware that when sending employees Internet access within the County ail. Due to the memory from computers, memory sensitive information over County (Appendix 98#8209;B). uncontrolled use of)these systems, from printers and FAX machines, or public networks that the County C. The following remote/Internet all inmate computing systems must or other memory devices. This is does not use encryption to protect security guidelines shall be only maintain a minimal set of most commonly accomplished the contents of such information by followed: computer resources to prevent through the use of a hammer default. Therefore, it is the 1.All remote access falls under the abuse of such systems and where the device is repeatedly responsibility of all employees to guidelines of the Acceptable Use resources.This would include: struck to physically smash the take the necessary precautions to Policy. a. Computers must not maintain memory chips. ' "trypt highly sensitive information 2. The user shall make sure that any unnecessary ports or IMPORTANT NOTICE: When :n transmitting. any related passwords are secure, peripherals, including a manually destroying a media Network Privacy. County and and shall not share the passwords CD‑ROM drive, floppy device, always use protective Information Services employees or write passwords on paper.Each drive, serial ports, USB ports, eyewear and apply common sense must understand that all password owner shall safeguard modem, or other to avoid physical injury. communications using County and protect each password they non8#8209;essential interfaces. Sec. 9-340. Acceptable use resources may be monitored for have created, or that is entrusted b. Computers must not have guidelines. statistical, legal, and investigative to them. Password sharing and access to other computing systems A-No change. purposes.County and Information account sharing is strictly or servers, except to accomplish B.General. Services employees should expect prohibited. Storing passwords via the specific purpose for the inmate 1. County departments assume no right of privacy to electronic file or programmable computing systems. responsibility for providing communications made using function keys, scripts, macros or c. Computers must not have reasonable publicity and County equipment and resources. automated logon sequences is Internet access. enforcement for this 'Internet I. Use of remote access (VPN). strictly prohibited. Each individual d. Network access must be Acceptable Use Policy'. Ultimate Remote access into County with approved access to County segregated from the other County responsibility for traffic that does networks is only permissible information computing systems network segments. not conform to this policy lies with through a County owned, and resources is responsible for 3.Security zones.Specified areas the individual end user. It is the Information Services administered, creating original, unique and within a facility that are designated responsibility of the County agency VPN (Virtual Private Network) complex passwords (something as performing critical functions or to monitor and rectify the behavior solution. known only to them and not easily contain sensitive information or of its users who disregard this J. Compliance with legal guessed)for each account. systems, must make use of policy. requirements. All usage of 3. The user is responsible for security mechanisms and 2. It is also the responsibility of commercial software within the securing their remote access procedures greater than those each County department to provide County must conform to all information. Sharing remote used for areas of lesser criticality adequate training for its users. requirements and restrictions access in strictly prohibited. or sensitivity.These zones must be 3. The Department of Information imposed by the licenses. 4.All remote devices and access isolated by security controls of Services and the County accept no 1. Compliance with software should be turned off when not reduced permission from the responsibility for the traffic which licenses and copyrights. All being used, such as VPN or general facility population. they transport and which violates proprietary software,either owned modem.The user should be aware Permission must be based on the the Acceptable Use Policy of any or purchased by the County, must that if he or she has a modem and need to physically access the area connected networks, beyond be used in a way that does not is on the County network, it is for a job function. Such security informing the County if and when a violate the license or copyright possible for a virus to attack any or zones would include: violation is brought to the attention protecting the software. all networked computers. If the a,Server room. of the Information Services 2. Maintenance of software modem is external, it shall be b.Communications closet. Governance Committee. licenses. All commercial software tumed off when not in use. C. Equipment security. All 4 through 5-No change. licenses must be maintained to Add Section 9-3-75,as follows: information computing equipment, 6. Because of the diversity of assure that any violation of such Sec. 94-75. Physical and and any information contained or resources on the Internet and other licenses does not occur due to the Environmental Security Policy. processed by the equipment,must public networks,it is impossible to inability to track or control the use A. Internal security operations.All be reasonably protected from list all the do's and don'ts. In of software licensed to the County. offices and office areas within damage, interruption and general,common sense should be Installations of software must be Weld County facilities must be interception. used to judge situations. The documented and the licenses of secured,as appropriate,to prevent 1. Protection from power following are some guidelines to such software inventoried. unauthorized access to county interruptions. All sensitive start with: clear-'all'> information computing systems, electronic equipment must be a.Computing resources should be 3. Use of pirated or stolen resources and network, including reasonably protected from used only for County-related software. Installation of pirated or the wireless network. interruptions of the power supply business in the support of the Bolen software on County 1.A County‑wide standard including power fluctuations,power administrative, instructional, ormation computing systems is has been developed for wireless surges, brownouts, and short and research and public service )ressly prohibited. access and all equipment. This long8#8209;term losses. objectives of the County. .. Recording of communications. standard includes access points, Equipment performing critical b.Appropriate use of resources is Employees shall not record any wireless cards and all other related functions should have additional or limited to the official work of communications without the equipment. Equipment must be increased protection from power theCounty. Examples of disclosure of the recording and the purchased by Information interruptions. inappropriate use of resources specific consent of all persons Services. (See Section 2. Safety and protection of include,but are not limited to: involved in the communication. 98#8209;18#8209;90.) electrical and communications 1 through 5-No change. This includes,but is not limited to: a. Only County devices with cabling. All electrical power and 6)Attempts to make unauthorized a.Telephone conversations. approved wireless cards are telecommunications cabling must entryon the County networkASE NO.370207 key 21409 7 through 10-No change. documents,are the property of the control software",as follows: damage to personally owned 11)Any other activity that can be County and are considered the Remote control software : Any hardware or software that may be considered mis-use or harmful to County's records even if the software used that enables remote incurred while supporting the the County network. information resides on privately workstations (a second personal computing device or c. Employees must never test the owned devices.County e-mail may workstation) to be viewed, related software. security of computer systems, not be forwarded to employee's controlled or updated remotely, 16.Abuse of this policy can result whether physical or logic based, personal e-mail accounts. without being physically at the in removal of authorization to have Without written permission from Sec. 9-3-110. Employee access second workstation. a personal computing device link nior management of both the to e-mail. Sec.9-740.Statement of policy. or communicate with the County ;ility from which the test is being A. All County employees with a A through K-No change. network. Continued abuse of this ,aunched and the facility where the need are assigned an e-mail L.In addition,other components of policy could lead to employee system resides.The only exception address for County business. the workstation application make it disciplinary actions, including to this is if such security testing is a Sec.94-120.Employee conduct possible to implement mass termination of employment. known part of the employee's job with e-mail. changes, fixes, or updates to all Sec.9-8-40.Procedure. description and function. As with any County property or County workstations automatically. A-No change. 7.No change. equipment, e8#8209;mail should Updates will be scheduled weekly. B. Any County employee wishing B. All County departments must be used for official County It is the end user's responsibility to to synchronize a personal accept these guidelines and business only. Incidental and support regular maintenance to computing device with a desktop understand that network traffic occasional personal use of their workstations to keep personal computer or link it with originating from its location is to be e8#8209;mail is permitted. workstations secure and running at the County network must first have consistent with this policy. The However, strictly forbidden optimal performance.This requires it approved by his or her Elected Department of Information e8#8209;mail usage includes use end users to adhere to Information Official or Department Head.There Services cannot police the network for personal profit or gain; Services guidelines, such as must be a clear business need to but may refer to the appropriate transmission of political messages; re-booting, etcetera, associated approve the request. Elected Official or Department solicitation of funds for political or with the maintenance. Unless 1 through 2-No change. Head for disciplinary action any other purposes; or sending of under emergency conditions where 3. The requesting user must sign agency that appears to be in harassing messages. the IT infrastructure can be the Personal Computing Device persistent and/or serious abuse of A. Employees must refrain from corrupted or damaged,the activity Request Form explaining the this policy.Questions pertaining to sending e-mail messages that may will be scheduled on a weekly County's right to review any the policy or interpretation of the be considered lewd, offensive, or basis. information contained on the policy should be submitted to the harassing by,or to,other people. M.Each occurrence where remote device.This form is available from Information Services Govemance B. Employees must refrain from control software is utilized to the Information Services Committee. sending e-mail messages that diagnose or resolve a workstation Department.Along with the user's clear-"all"> contain angry, violent, or issue will be logged using signature, the employee's full 9.No change. threatening messages. Information Services Help Desk name, device make and model, C. Participation in discussion C.Employees must not participate call tracking procedures. operating system and serial groups. in sending, forwarding, or N-No change. number shall be provided. (See 1.No change. responding to e-mails that are of a Sec.9-740.Procedure. Appendix 9-D.) 2.The user must be aware that the disruptive or coercive nature,such A. To initiate a remote control C.Information Services will review information he or she puts out on as the distribution of seam or chain session, support staff must first the information on the Computing the Internet will be perceived as letters. make an attempt to get approval Device Request Form to ensure the official County position unless D. The County identifies from the end user to take control of the hardware and software meet specifically identified as personal passwords as highly sensitive his or her workstation. Approval County standards. Information opinion,even in a discussion.If the information.Account owners must can be obtained multiple ways, Services will inform the employee user is offering his or her own never divluge their e-mail account e.g.,phone,e-mail,etcetera. of approval or denial. opinion,he or she shall be sure it passwords and login information. 8 through E-No change. D. If hardware or software is clearly identified as such. E. Employees must never share clear-"all"> purchases are involved,purchases 3.No change. e-mail accounts. F. If the end user is not present will be made after the Information D.No change. cleareall"> when the remote control session Services Govemance Committee E. All County devices are ARTICLE VI ends, the support staff should approvals have been obtained. configured for Internet access GIS System Products and follow up with the end user, 1. Information Services will unless specifically requested by Services indicating the date and time the process approved requests by the department head or elected Sec. 9-640. Service products session was held, a brief ordering and receiving County official. and services. description of work performed,and standard equipment. r"c. 94-90. Web server A-No change. whom to contact if there are 2-No change. delines. B. The following identify the questions.This follow up should be E through F-No change. Review. The Department of products and services that are by e-mail or phone message. Gear-"alr> Information Services and the proposed for availability to the ARTICLE VIII G. Personal Computing Device Governance Committee will review public as the GIS system is PERSONAL COMPUTING Standards. all Web access and Web content developed: DEVICES 1. Technology standards will be proposals to ensure the project 1-No change. Sec.94-30.Statement of Policy. determined by the Information adheres to all guidelines set forth 2. Arc Macro Language (AML) A through B-No change. Services Govemance Committee in this Section. products (programs, menus, C.Guidelines. and the Board of Weld County B. Initial approval. Any proposed computer programs, forms and 1 through 3-No change. Commissioners. It will be the Web access must be submitted to written procedures)developed for 4.To be considered for approval of responsibility of Information the Information Services the administration of the system linking or communicating with the Services to follow those standards Governance Committee for initial may be made available to County network, the personal when reviewing requests for approval of the proposed project. customers and other County computing device must meet personal computing devices and The following information must be agencies, departments and County hardware and software purchasing those devices. provided to the Department of appointed and elected offices. No standards, as well as wireless Revise Appendix 9-A, Information Information Services for review maintenance of the products is standards, established by the Services Function and assistance in submitting the planned to be furnished by the Information Services Govemance Sub-Committees,as attached. initial request to the Govemance County. Such products are to be Committee. Requests failing to Revise Appendix 9-B, Computer Committee. furnished as is,and the decision to meet County standards will result Security Request Form, as 1.State the general purpose of the release such products is solely at in denial of access to the County attached. project and how it relates to the discretion of the County.Such network. Revise Appendix 9-C, GIS County business. products are available to 5 through 9-No change. Functional Subcommittees, as 2. Define the scope of the project, customers by license agreement 10. All personally owned devices attached. including what information is going and to other County agencies, must be in full operational order Add Appendix 9-D, Computing to be made available, to whom it departments and appointed and prior to requesting the installation Device Request Form, as will be available, the sensitivity elected offices. It is not intended of synchronization software on the attached. level of the information, and the that custom programs, etcetera, user's desktop personal computer. Add Appendix 9-E, Websense identity of the targeted user. required for the sole use of the 11. If an employee is planning to Internet Filter Removal Request 3. Identify any County data customer will be developed by the purchase a personal computing Form,as attached. accessed not located on the Web GIS Division. device and wants to BE IT FURTHER ORDAINED by server and how the data will be No change to remainder of section. synchronize/link it with the County the Board that the Clerk to the , used. Sec.94-70.Rates and charges. network, it is the employee's Board be, and hereby is,directed 4. Identify the designated contact A-No change. responsibility to meet County to arrange for Colorado Code person within the department for B. Rates and charges for custom standards, receive approval from Publishing to supplement the Weld this project, who will be products,regular,on-going system the Elected Official or Department County Code with the amendments responsible for maintaining current services,and technical assistance. Head, and confirm any County contained herein, to coincide with information. 1 through 2-No change. funding of any additional required chapters, articles, divisions, 5. Identify the security 3.The rates to be charged for GIS hardware and/or synchronization sections,and sub sections as they requirements of the project. products, subscription services, software. Approvals should be currently exist within said Code; C.No change. AML products and digital data are obtained prior to any purchase. and to resolve any inconsistencies Sec. 9-3-100. Use of electronic set forth in the Products and Rate 12-No change. regarding capitalization, grammar, mall. Schedule set out at Appendix 5-F 13. For an employee to and numbering or placement of Electronic mail (e8#8209;mail) is of this Code. synchronize or link personal chapters, articles, divisions, defined as any message that is 4-No change. computing devices with the County sections,and sub-sections in said transmitted electronically between 5.All charges are due and payable network, the user and personal Code. two (2) or more computers or and shall be collected at the time computing device must be BE IT FURTHER ORDAINED by ^1miners, whether stored digitally the order for products and services registered as a user with the the Board if any section, converted to hard(paper)copy. is taken,except as otherwise might Information Services Department. subsection, paragraph, sentence, cider Par 2, Article 72, Title 24, be established by contract or 14. The County does not clause,or phrase of this Ordinance C.R.S., e-mail messages may be license agreement. guarantee continued compatibility is for any reason held or decided to considered public records and may No change to remainder of section. with any hardware device or be unconstitutional, such decision be subject to public inspection, ARTICLE VII software being utilized in this shall not affect the validity of the pursuant to Section 24-72-203, Workstation Remote Control environment and is not liable for remaining portions hereof. The C.R.S. All computer-related Policy personal expenses incurred. Board of County Commissioners information, including e-mail Sec.9.7.20.Definitions. 15. The County or Information hereby declares that it would have messages and/or digitally stored Revise definition of "Remote Services is not responsible for any enacted this Ordinance Ark, IN I. 370207 key 21409 and every section, subsection, paragraph, sentence, clause, and phrase thereof irrespective of the fact that any one or more sections, subsections, paragraphs, sentences, clauses, or phrases might be declared to be ,...ipconstitutional or invalid. 3TICE -URSUANT to the Weld County Home Rule Charter, Ordinance Number 2005-13 published above, was introduced and, on motion duly made and seconded, approved upon first reading on October 24,2005.A public hearing and second reading is scheduled to be held in the Chambers of the Board, First Floor Hearing Room, 915 10th Street,Greeley,Colorado 80631,on November 16,2005.All persons in any manner interested in the reading of said Ordinance are requested to attend and may be heard. Please contact the Clerk to the Board's office at phone (970) 336-7215, Extension 4225, or fax (970)352-0242,prior to the day of the hearing if, as the result of a disability, you require reasonable accommodations in order to participate in this hearing. Any backup material, exhibits or information previously submitted to the Board of County Commissioners concerning this matter may be examined in the office of the Clerk to the Board of County Commissioners,located in the Weld County Centennial Center, Third Floor, 915 10th Street, Greeley, Colorado, between the hours of 8:00 a.m. and 5:00 p.m.,Monday thru Friday, or may be accessed through the Weld County Web Page (wwa.co.weld.co.us). E-Mail messages sent to an individual Commissioner may not be included in the case file. To ensure Inclusion of your E-Mall correspondence Into the case P ', please send a copy to vtling@co.weld.co.us. BOND READING: November 16,2005,at 9:00 a.m. THIRD READING: December 7, 2005,at 9:00 a.m. BOARD OF COUNTY COMMISSIONERS WELD COUNTY,COLORADO DATED:October 28,2005 PUBLISHED: November 2, 2005, in the Fort Lupton Press CASE NO.370207 key 21409 Hello