D-57

Questions and Answers

What constitutes a significant security risk for City computers and data, according to the directive?

• Exchanging job-related information with other government employees.
• Connecting a 'networked' PC directly to the internet without using the City's firewall. (correct)
• Allowing employees to install personal software on City-owned computers.
• Accessing the internet through City Net without proper authorization.

According to the directive, what action should a commanding officer take when a Fire Department computer malfunctions?

• Reinstall the operating system and restore from the most recent backup.
• Contact the vendor directly to schedule a repair.
• Immediately contact the Office of Management Information Services with specific details about the issue. (correct)
• Attempt to repair the computer themselves to minimize downtime.

What is the primary responsibility of the Network Administrative Unit within the Philadelphia Fire Department?

• To standardize, acquire, maintain, and repair the PFD Wide Area Network and related equipment. (correct)
• To oversee all aspects of departmental Internet access and email systems.
• To ensure compliance with city-wide cybersecurity policies.
• To manage the department's budget for IT infrastructure.

What does the directive state regarding the use of City-furnished Internet access and computers for political activities?

The use of City resources for political activities is strictly prohibited. (B)

Under what conditions is the Fire Department permitted to review and disclose monitored Internet pages of its employees?

For auditing purposes, to assure proper use, prevent security violations, review job performance, or for any other reason deemed appropriate by the Department. (C)

What guideline does the directive provide concerning the content of Fire Department email communications?

Emails should be drafted with the same care and formality as a printed memorandum. (A)

According to the directive, who has the authority to grant access to the Internet for computers linked to City Net?

The Mayor's Office of Information Services (MOIS) and the Department of Public Property, Communications Division, and the Fire Department's Office of Management Information Services and Network Administrative Unit. (A)

How does the directive define the handling of email communications that fall under the Department's Record Retention Schedule?

Such emails should be saved for the period specified in the Schedule and deleted when that time has expired. (B)

According to the email usage guidelines outlined in the directive, what is the appropriate course of action if an issue could be handled by someone at the appropriate level but the chain-of-command is not followed?

It violates the established protocol because those who need to be aware of the issue may not be. (B)

What restriction does the directive place on the installation of software on department computers?

Installation of any unapproved software is prohibited. (B)

According to the directive, who is responsible for the administrative aspects, logistics of deployment, and use of computers, related hardware, and software?

The Office of Management Information Services. (C)

According to the directive, under what conditions may an employee access the Internet using another person’s user name or network password?

With the knowledge and express consent of the person to whom they are assigned, except as authorized by the supervisor. (A)

According to the directive, what responsibility do all members of the PFD have regarding the PFD Wide Area Network?

To familiarize themselves and comply with the PFD Wide Area Network Directive and the PC User's Manual Booklet. (D)

What does the directive state with regard to releasing computerized data to outside agencies?

It requires the approval of the Fire Commissioner. (C)

According to the directive, what examples of acceptable internet use are provided for employees with the approval of one's unit head?

Searching the Internet for information relating to a current project required by your assigned job duties. (D)

According to the directive, what constitutes unacceptable use of City-furnished internet access or computers regarding personal information?

Creating, hosting, or maintaining personal Internet pages. (B)

What is the policy on the use of City-owned equipment for accessing personal internet accounts?

It is strictly prohibited. (B)

The directive provides that no one is permitted to furnish their Log-in Password to any other personnel. What reason does the directive give for this policy?

It compromises Network and Unit security. (B)

According to the directive, who is authorized to order vendor repairs on Fire Department computers?

Only the Office of Management Information Service's personnel. (B)

What does the directive state about conflicts arising from a unit's deviation from the policies outlined?

They are subject to review and resolution by the Commissioner and the Deputy Commissioner for Administrative Services. (D)

What should members be aware of concerning existing Fire Department and City policies and conduct on the email system as stated in the directive?

All existing Fire Department and City policies apply to conduct on the email system, especially those that deal with intellectual property protection, privacy, misuse of City resources, sexual and personal harassment, information and data security, and confidentiality. (B)

What actions does the Office of Management Information Services (MIS) exercise responsibility for with regard to hardware and software?

Evaluating and acquiring approved hardware and software. (D)

What guidelines does the directive provide concerning privacy within the city's email system?

Users have a limited expectation of privacy since the e-mail system and messages are considered City property and may be monitored without notice. (B)

According to the document, what measures should be taken if an email falls within a record type in the Department's Record Retention Schedule?

Save the e-mail for the period of time provided in the Schedule and delete when that time has expired. (B)

What does the directive state regarding the monitoring of employee internet usage?

The Office of Management Information Services and the Network Administrator reserve the right to monitor the Internet Usage of Department employees in the course of carrying out their authorized duties. (C)

According to the directive, what responsibility does the Network Administrator have regarding Wide Area Network hardware and software?

Evaluation, acquisition, and deployment (A)

What is the firewall's function in protecting the City Net, according to the text?

Preventing unauthorized access to City computers and data from the Internet. (B)

According to the directive, under what circumstance(s) is participating in public debate on the Internet permissible?

When it is directly related to job duties and has the approval of a supervisor. (D)

What is the rule that applies to confidential or sensitive city information that may be distributed over or in any way posted on the Internet?

It may not be distributed or posted in any way. (D)

What must users determine before deleting any email message according to the directive?

Whether the message constitutes a public record under the Fire Department's Record Retention Schedule. (B)

According to the directive, what constitutes the primary purpose of Internet access provided by the city to its employees?

To perform city job responsibilities and enhance their ability to conduct the City's business. (B)

If an employee were to carbon copy (cc) someone above their immediate supervisor in an email, what would the implication be, according to the directive?

It results in a breakdown of the chain-of-command. (A)

What items does the directive instruct unit heads to ensure personnel do not do in the vicinity of workstations to prevent data corruption or hardware damage?

Eat, drink, or smoke. (A)

What is the critical implication of connecting a PC directly to the Internet (e.g., via modem) while also being linked to City Net, bypassing the firewall?

It creates a significant security vulnerability, posing a serious and unacceptable risk to City computers and data. (D)

According to the directive, what is a key consideration users must address before deleting an email message from the city's email system?

Whether the message constitutes a public record under the Fire Department's Record Retention Schedule. (C)

What delineates an acceptable instance of internet usage for a Fire Department employee, assuming approval from their unit head?

Searching for information on the Internet related to a current project required by assigned job duties. (A)

In the context of email communication within the Philadelphia Fire Department, what action is discouraged due to its potential disruption of the established chain of command?

Carbon copying (cc) someone above an immediate supervisor without following the chain-of-command. (D)

Under what specific condition is an employee authorized to access the Internet using another individual's username and network password?

Only with the express knowledge and consent of the person to whom they are assigned, except as authorized by your supervisor. (A)

Flashcards

Directive Purpose

Addresses policies, duties, responsibilities, and authority concerning the PFD Wide Area Network and associated hardware/software.

Office of Management Information Services (MIS)

The Network Administrative Unit, located in Fire Headquarters, responsible for standardization, maintenance and repair of the PFD Wide Area Network.

Computer Documentation

Instructional and training aids for Information Services, including PC Users Manual, System Orientation, Chiefs' Staff Meeting Notes, Memoranda, E-Mail announcements.

Individual Responsibility

Each member must exercise control as directed by their rank in the implementation of this directive.

MIS Responsibilities

Evaluate and acquire approved hardware and software for the PFD Wide Area Network.

Hardware/Software Installs

Directing installation of hardware/software, evaluating system malfunctions for the Wide Area Network.

Network Admin Duties

Administers network computer repair/maintenance and oversees the Network Administrative Unit.

Network Upgrade Approval

Approves upgrades and modifications to safeguard the integrity of the network system.

Network Administrator Role

Evaluates, acquires, and deploys Wide Area Network hardware and software.

Resource Optimization

Determines optimal use for network resources-related hardware and software.

Troubleshooting Responsibility

Handles configuration, placement, and troubleshooting of network computers, printers, and hardware.

Software Administration

Administers distribution, configuration, and troubleshooting of approved software and applications.

Email oversight

Administers electronic Inter-/Intra-Departmental communications (e-mail), including related hardware/software.

Internet Account Admin

Administers all departmentally-sanctioned Internet Access Accounts.

Firewall monitoring

Maintains and monitors Network Security, including Firewall.

Contractor Coordination

Coordinates outside contractors/services relative to network functionality.

Workstation Conduct

Ensure workstations are used properly, prohibiting data corruption or hardware damage.

Unauthorized Changes

Ensure no unauthorized upgrades, changes, additions or repairs are made to unit's computer.

System Oversight

Oversee system usage, promptly report malfunctions to MIS. Order items as needed.

User Responsibility

Familiarize with PFD Wide Area Network Directive and PC User's Manual Booklet.

Password Restrictions

No one is permitted to furnish their Login Password to any other personnel.

Policy Abidance

Adhere to city policies concerning email and Internet usage.

Software Restrictions

Installation of unauthorized software is prohibited.

Email Chain-of-Command

Follow chain-of-command in emails; avoid copying superiors, resolve issues at appropriate level.

Email Legalities

Use of City e-mail systems is subject to laws prohibiting infringement of intellectual property rights, harassment, discrimination.

Copyright Protection

Ensure use does not infringe copyright, trademark, or intellectual property rights.

Email content restrictions

Avoid defamatory, fraudulent, harassing, offensive, or discriminatory language.

Email privacy

The e-mail system and messages are property of the City, can be monitored and disclosed.

Email retention

E-Mail communications are considered City property, may be retrieved even if deleted.

Policy Advice

All existing Fire Department and City policies apply to the e-mail system.

Internet Guidelines

Provides guidelines for appropriate and inappropriate use of the Internet.

Internet use

Internet is to be used job related activities only.

Internet content legalities

Internet use is subject to laws and City policies prohibiting infringement of intellectual property rights, harassment, discrimination, and defamation.

Confidentiality

Confidential city information may not be distributed.

Email username

You may not send or receive e-mail under different username not provided by the city.

No personal use allowed

You may not use city furnished computers to send personal emails.

No politics allowed

Do not use your City access to engage in political activity

Personal access prohibited

You are not permitted to access the Internet from Fire Department for personal use.

Equipment regulations

You may not use City equipment to access your personal Internet account.

Not personal pages

You may not use City computers to create, host, or maintain personal Internet pages.

Acceptable Use - Search

Acceptable uses include searching the Internet for information needed to complete project.

Firewall

The Firewall prevents gaining access to City computers and data.

Confidentiality Breach

Releasing data to an outside agency without approval of the Fire Commissioner.

Computer monitoring

Computers are subject to inspection by the Office of Management Information Services.

Repair Authorizations

Office of Management Information Service’s personnel are authorized to order vendor repairs on Fire Department computers.

Reporting Issues

Contact MIS if a computer fails, providing computer's public property number, serial number and error messages.

Study Notes

Policy

• This directive outlines the policies, duties, responsibilities, and authority of the Office of Management Information Services and Wide Area Network Administration.
• It covers all issues related to the PFD (Philadelphia Fire Department) Wide Area Network and its associated hardware and software.

Office of Management Information Services (MIS)

• Located in Fire Headquarters, the Network Administrative Unit is in charge of standardizing, acquiring, maintaining, and repairing the PFD Wide Area Network, along with related equipment.
• The Network Administrative Unit offers guidance to other units in developing and maintaining official PFD publications on the World Wide Web.
• It also supervises the PFD E-Mail System and all aspects of Departmental Internet Access.

Computer Documentation

• The Office of Management Information Services has created instructional and training materials for all personnel.
• Available documentation includes the PC Users Manual Booklet, System Orientation presentation, Chiefs' Staff Meeting Notes, Memoranda, and E-Mail announcements.

Responsibilities of All Members

• Each member must exercise appropriate control as directed by their rank when implementing this directive.

Responsibilities of the Office of Management Information Services (MIS)

• Evaluate and acquire approved hardware and software.
• Direct the installation of hardware, software, and assess system malfunctions.
• Manage the repair and maintenance of all Wide Area Network computers and related equipment.
• Oversee the Network Administrative Unit.
• Approve all upgrades and changes to the Network system to protect its integrity.

Responsibilities of the Network Administrator

• Evaluate, acquire, and deploy Wide Area Network hardware and software.
• Determine the optimal use of network resources-related hardware and software.
• Configure, place, and troubleshoot Wide Area Network computers, printers, and related hardware.
• Administer the distribution, configuration, and troubleshooting of approved software and applications.
• Administer electronic Inter-/Intra-Departmental communications (e-mail), including related hardware and software.
• Administer departmentally-sanctioned Internet Access Accounts.
• Maintain and monitor Network Security, including the Firewall.
• Coordinate outside contractors and services related to network functionality.

Responsibilities of Officers and Unit Heads

• Ensure personnel operate workstation computers without corrupting data or damaging hardware/software, including prohibiting eating, drinking, or smoking near workstations.
• Ensure no unauthorized upgrades, changes, additions, or repairs are made to the unit's computers, including hardware and software.
• Oversee system usage and promptly report malfunctions to the Office of Management Information Services.
• Order necessary supplies like disks, paper, and toner, and perform routine data backups.

Responsibilities of Users

• All PFD members must understand and follow the PFD Wide Area Network Directive and the PC User's Manual Booklet.
• Sharing Log-in passwords is not allowed, as it compromises Network and Unit security.
• Authorized users must follow city and departmental policies on email and Internet use.
• Users cannot make unauthorized changes to hardware or software, and unauthorized software installations are prohibited.

Email Usage Guidelines

• Draft emails with the same formality as printed memos, avoiding informal or offensive remarks.
• Emails should follow the chain of command.
• Copying someone above your direct supervisor can disrupt the chain of command and prevent issues from being handled at the appropriate level.
• City email systems are subject to all laws and policies prohibiting intellectual property rights infringement, harassment, discrimination, and defamation.
• Do not use email for communications or data transfers that infringe copyright or violate Fire Department/City policies.
• Emails must not contain defamatory, fraudulent, harassing, or offensive content, including sexually explicit material.

Email Privacy

• The City owns the email system and its messages, stored on Fire Department and City network servers and desktop computers.
• The Office of Management Information Services and Network Administrator can access and disclose employee emails for official duties.
• The Fire Department may monitor, review, and disclose stored emails without notice for auditing, security, performance reviews, or other reasons.
• Deleted emails may still exist on backups and archival devices, so users should not expect privacy in email communications.
• Emails and other electronic communications may be subject to disclosure under Pennsylvania's Right to Know Act, the Philadelphia Home Rule Charter, and may be accessed during litigation or by law enforcement.

Email Records Retention

• The City owns email communications, which can be retrieved even after deletion.
• Emails on City-owned equipment are public records and Fire Department property regulated with assistance from the Department of Records.
• Electronic records have the same retention and management requirements as paper records.
• Emails falling under the Department's Record Retention Schedule must be saved for the specified period and deleted afterward.
• Before deleting, users must determine if an email is a public record under the Fire Department’s Record Retention Schedule.
• When retention is required, users can use Lotus Notes Archiving to save records.

Conduct on the Email System

• All existing Fire Department and City policies apply to email use, especially those concerning intellectual property, privacy, misuse of City resources, harassment, information security, and confidentiality.
• Non-compliance may result in disciplinary action.

Guidelines for Internet Usage

• The internet is to be used by employees accessing the internet from city premises and/or through City-furnished computers, networks or telecommunications facilities
• These guidelines ensure appropriate and inappropriate use of the Internet.
• Internet access is to be used as a resource to aid in the role as employees, and should be job-related
• Any other use that is not job-related is prohibited

Internet Usage Monitoring

• The office of Management Information Services and the Network Administrator can monitor Department employee's internet usage
• The Fire Department can review and disclose internet pages without notice to the user
• This is to be used for auditing, security, and job performance reviews

Unacceptable uses of Internet Access

• Internet use if subject to all applicable laws and city policies relating to discrimination, harassment, defamation, or infringement of intellectual property rights
• The internet must not be use for communication that includes
• Information that infringes trademarks or copyrights of third parties
• Communications that contain material that is illegal
• Communications that contain fraudulent, harassing, offensive, or discriminatory content
• Communications that are personal in nature
• Communications that are related to a private business enterprise
• Communications that do not relate to one's assigned duties

Restrictions on sensitive City Information

• Sensitive city information must not be distributed over the internet
• Transmission and distribution of Fire Department information for city business purposes is subject to the individual unit policies, along with any Fire Department restrictions

Electronic Mail Policy for Internet

• Usage is subject to the current Electronic Mail Policy, including:
• Internet email message can be intercepted by third parties and shouldn't contain sensitive City information
• You must not send or receive email messages under a username or password not assigned to you by the City
• You must not use city furnished Internet access to send personal email messages

Restriction on Internet Use based on City policy

• In accordance with City policy requiring that City facilities be used solely for city business, your City furnished internet access must not be used for
• Promoting political candidates or political activities
• Participating in public debates on the Internet without a supervisor's approval
• Participating in public debates or exchanges in ways that suggest that your personal views are public views of the City

Restrictions on Internet Account Use

• You must not access the internet for personal reasons from Fire Department, city computers, networks or telecommunications facilities
• You must not use City equipment to access personal Internet accounts
• City-furnished internet access must not be used to create, host or maintain personal Internet pages
• You must not use any username or network password except your own, without the appropriate knowledge and consent of your supervisor

Acceptable use of Internet Access

• Acceptable reasons for Internet access include (with unit head approval):
• Searching the Internet for information that relates to a project for your job
• Searching for information that you can download for purposes of job-related training
• Sending and receiving email messages to non-City personnel (such as consultants) for conducting Department business

Firewall Protection

• Access to and from the Internet and the City is protected by "firewall" software and computers
• This is to help prevent unauthorized Internet users from gaining access to City computers
• Any computer linked to City Net connected to the Internet without the firewall is a security risk and strictly prohibited.

Administered Internet Access

• Access to the Internet for City Net and Fire Department computers is jointly administered by
• The Mayor's Office of Information Services (MOIS)
• Department of Public Property
• Communications Division
• As well as the Fire Department's Office of Management Information Services and Network Administrative Unit
• Access to the internet is only granted to the extent that is required by business
• A unit's account will contain internet usage and the sites that were visited
• A monthly summary is created, similar to long distance telephone use

General Information

• Computerized data is not to be released to any outside agency without approval from the Fire Commissioner
• All computers, hardware, and software will be issued by the Office of Management Information Services
• This office is responsible for all administrative aspects and logistics of equipment
• All computer equipment are subject to inspection by the Office of Management Information Services
• Conflicts stemming from a unit's deviation from these policies will be reviewed and be resolved by the Commissioner and the Deputy Commissioner for Administrative Services

Vendor Repairs

• The Office of Management Information Services is authorized to request vendor repairs on Fire Department computers
• When a computer fails, the commanding officer must immediately contact the Office of Management Information Services
• They must provide required information such as serial number and computer activity immediately preceding the malfunction