Cowichan Valley Regional District s1

P O L I C I E S and P R O C E D U R E S Title: INTERNET ACCESS AND E-MAIL USER POLICY

Classification: Information Systems and Services Section: 4

Approval Date: Oct. 27, 1999 Revision Date: Revision #:

PURPOSE:

With access to the Internet and E-mail also comes the availability of material that may not be considered to be of business value in the context of the Cowichan Valley Regional District. The CVRD believes that the valuable information and interaction available on the Internet far outweighs the possibility that staff may procure material that is not consistent with the CVRD’s goals.

POLICY:

CVRD Employee Responsibilities: - Use of the CVRD Internet/E-mail accounts are for CVRD business purposes only. - Ensure that any E-mail messages initiated do not contain profanity, obscene comments, sexually explicit material, expressions of bigotry, racism, or hate. - Use of the internet to access or process pornographic material, inappropriate test files, or files dangerous to the integrity of the CVRD computers and networks is prohibited. - Use of the CVRD computing and/or telecommunication services or facilities for commercial purposes or for personal profit is prohibited. - Use of unlicensed or unauthorized copies of computer software is prohibited. - Employees must take all reasonable precautions to minimize opportunities for other persons to obtain access to passwords and files. - Employees must not use any computing and telecommunications system or user account unless authorized to do so. - Employees must not seek, by any means, copies or information regarding passwords, date, or programs of another user unless authorized to do so by that user. - Employees must not attempt to disrupt any computing and/or telecommunications service or facility. - Employees are not to compromise the integrity of any computing and telecommunications system by attempting access or alteration of system control programs or files. Interference of this type includes, but is not limited to: distribution of unsolicited advertising; propagation of computer worms or viruses; and using the Internet to make unauthorized entry to other computational, information, or communications devices or resources. - Any electronic mail messages, with attachments or file download, have the potential to spread computer viruses. Employees are responsible to scan their hard disk drives regularly for viruses utilizing antivirus software. - Internet usage is not confidential and it is important that it be able to withstand public scrutiny. Users must avoid accessing sites that might bring the Regional District into disrepute. - Employees should also be aware of the costs & security issues associated with Internet usage.

File Number: 1330-00 APPENDIX "A" INTERNET ACCESS & E-MAIL USER OPERATING GUIDELINES

INTERNET SECURITY

Browser Downloads In the process of accessing a web site, text and graphic files are downloaded to your machine into your browser’s cache. The cache is the browser’s memory and is the reason why previously visited sites tend to load more quickly than sites you visit for the first time. If your browser does not see any changes to a site since its last time you visited, the site will be loaded from the cache into your browser and not from the Internet.

Cookies Some web sites customize their sites for your particular needs. For example, many newspaper or stock quotation sites can customize their web site for you so that certain stories or stocks will be presented when you access the site. This is often done through the use of a special procedure called magic cookies (or just cookies for short) to allow a web site to store information about you so that the next time you access the site the server will know who you are and customize the site to your needs. Cookies are a hidden code that is passed to your browser and stored on your hard-drive. The next time you access the site, the cookie code is passed to the server, identifies you to the server, and then presents the customized date you initially requested. Most cookies are harmless and serve a useful function but they can be used for malicious purposes. If you visit a site for which you have doubts about its integrity, you should not accept cookies. Cookies from reputable sites are rarely a problem.

You should set your web browser to warn you when a cookie is to be passed. This would allow you to not accept a cookie if you have doubts about its purpose. To set the cookie warning in Explorer, click View-Options and click the Advanced tab. Click the warn before accepting Cookie option. SPAM – Junk Mail The e-mail equivalent of junk mail is called SPAM. Depending on how offended you are about unsolicited e-mail messages, SPAM can become quite an annoyance and even a problem. You can “manually” filter out junk mail, by deleting (i.e. before opening) e-mail based on a suspicious description of the message in your inbox, or based on the identity of the sender. Unwanted e-mail can, of course, be minimized by using discretion in publicizing your e- mail address. Internet Access and E-Mail Operating Guidelines - 2 - ______

File Downloads From time to time you may want to download software such as new printer drivers, software updates and patches, or demos. Generally, if a site is reputable (that is a site of a major corporation for example), then downloads are safe. You should make sure that any file downloaded to your machine is scanned for viruses immediately after the download is complete (most virus checkers will do this automatically). If a file is compressed, the contents of the file should be scanned before and after it has been uncompressed. A virus can exist undetected in a compressed file and will not become active until the file has been uncompressed. Make sure your virus checker is monitoring your system at all times.

Bookmarks and Visited Sites All web browsers have the capability to place bookmarks at your favourite sites so that you do not have to re-enter an address to return to the site. In addition, browsers also automatically track where you have visited. This information is used to highlight links so that you know where you have been. A list of all the places you visit is maintained on your computer in a special file. Your browser is usually set to automatically clear this file after 30 days but you can change this option in your browser options.

Secure Site Transactions In a secure mode, the Internet can be one of the safest ways to transfer sensitive information. The rule for secure transactions on the Internet is the same for downloading files. If the site is reputable, likely there will be no problem.

When you visit a site with a secure connection, your browser will either give you a message telling you that you have requested a secure connection and/or your browser screen will change. Again, most reputable sites will warn you of this browser problem before you enter the site

Internet Access Speed There are many potential bottlenecks that may influence the speed with which information is downloaded to your machine from the Internet. The two most critical factors are modem speed (modems are the slowest form of Internet communications) and traffic on the Internet. There is not much you can do about the modem. Any modem, regardless of speed, will not be as fast as an ISDN adapter connection or direct T1 connection to the Internet. There is, however, something you can do about avoiding heavy traffic. There tends to be two major peak periods on the Internet that cause major reductions in data transfer rates and thus the speed with which pages will load in your browser. The first period occurs around 9 to 10 a.m. P.S.T. and the second between 12 to 1:00 p.m. P.S.T. Both correspond to lunchtime, first on the East Coast of North America and the second on the West Coast. If you plan to do a lot of searching or file downloads, plan to do them away from these periods. Internet Access and E-Mail Operating Guidelines - 3 - ______

E-mail Attachments One of the most useful functions of e-mail is the ability to attach any file to your message. Unfortunately, large files can be a problem sending in this manner. If the person you are sending the large file to has a dial-up connection set to auto-disconnect after a certain amount of time, the recipient could be disconnected before the file is transferred. Also, some mail readers can be set not to accept large files and will reject the attachment. It can also take a long time to download a large attachment that the recipient may or may not appreciate. You should always check with the recipient before sending a large file to make sure that they are expecting the attachment.

If you need to send large files, the preferred method is usually by ftp (file transfer protocol). If the person you need to send a file to has an ftp site, use this method for large files rather than sending attachments.

Automatic Disconnect You should set Explorer to automatically disconnect you from your dial-up connection if the browser has been inactive for a period of time. To set this option in Explorer click View- Options then click the Connection tab. If you have Explorer set to automatically dial-up then the Disconnect if idle option will be active. You can set this option to automatically disconnect you after the specified time. Note that if you are downloading a large file that takes longer than the setting for your disconnect time, you will be disconnected before the file is transferred. You will have to disable this option before downloading very large files.