Rules of Behavior for ISG Users
You must conduct only authorized business on the system.
Your level of access to IdeaScale Gov (ISG) systems and networks is limited to ensure your access is no more than necessary to perform your legitimate tasks or assigned duties. If you believe you are being granted access that you should not have, you must immediately notify the ISG Security Team at [email protected].
You must maintain the confidentiality of your authentication credentials such as your password. Do not reveal your authentication credentials to anyone; an ISG employee should never ask you to reveal them.
You must follow proper logon/logoff procedures. You must manually logon to your session; do not store your password locally on your system or utilize any automated logon capabilities. You must promptly logoff when session access is no longer needed. If a logoff function is unavailable, you must close your browser. Never leave your computer unattended while logged into the system.
You must report all security incidents or suspected incidents (e.g., lost passwords, improper or suspicious acts) related to ISG systems and networks to the ISG Security Team at [email protected].
You must not establish any unauthorized interfaces between systems, networks, and applications owned by IdeaScale .
Your access to ISG systems and networks is governed by, and subject to, all Federal laws, including, but not limited to, the Privacy Act, 5 U.S.C. 552a, if ISG maintains individual Privacy Act information. Your access to ISG constitutes your consent to the retrieval and disclosure of the information within the scope of your authorized access, subject to the Privacy Act, and applicable State and Federal laws.
You must safeguard system resources against waste, loss, abuse, unauthorized use or disclosure, and misappropriation.
You must not process U.S. classified national security information on the system.
You must not browse, search or reveal information hosted by ISG except in accordance with that which is required to perform your legitimate tasks or assigned duties.
You must not retrieve information, or in any other way disclose information, for someone who does not have authority to access that information.
You must ensure that Web browsers use Secure Socket Layer (SSL) version 3.0 (or higher) and Transport Layer Security (TLS) 1.2 (or higher). SSL and TLS must use a minimum of 256-bit, encryption.
You must ensure that your web browser is configured to warn about invalid site certificates.
You must ensure that web browsers warn if the user is changing between secure and non-secure mode.
You must ensure that your web browser window used to access systems owned by IdeaScale is closed before navigating to other sites/domains.
You must ensure that your web browser checks for a publisher’s certificate revocation.
You must ensure that your web browser checks for server certificate revocation.
You must ensure that web browser checks for signatures on downloaded files.
You must ensure that web browser empties/deletes temporary Internet files when the browser is closed.
By your signature or electronic acceptance (such as by clicking an acceptance button on the screen) you acknowledge and agree that your access to and use of ISG is covered by, and subject to, these rules.
You understand that any person who obtains information from a computer connected to the Internet in violation of her employer’s computer-use restrictions is in violation of the Computer Fraud and Abuse Act.
You agree to contact the ISG Security Team at [email protected] if you do not understand any of these rules.