Skip Maine state header navigation

Agencies | Online Services | Help

 

Maine State Seal

Maine State Government

Dept. of Administrative & Financial Services

Office of Information Technology (OIT)

Network Device Management Policy

 

I. Statement

The Office of Information Technology (OIT) will take all necessary measures to ensure the security and acceptable performance of state networks.

 

II. Purpose

This policy defines the measures that must be undertaken in order to ensure acceptable levels of performance and security for all users of state networks.

 

III. Applicability

This policy applies to any Internet Protocol (IP) device connecting to a state network.

 

IV. Responsibilities

A. Chief Technology Officer: The OIT Chief Technology Officer owns, executes, and enforces this policy.

B. OIT Security, Network Services, Customer Support, and the Agency Technology Business Consultant (TBC) will jointly investigate issues and create solutions.

 

V. Directives

A. OIT must have at least a read-only access to any IP device connecting to a state network. This access shall be sufficient to ensure Application Deployment Certification and ongoing performance and compliance scanning where needed.

B. Any vendor-managed IP device connecting to a state managed network must be separated by an OIT managed firewall that is funded by the Department.  This does not include consumer-grade computing and communication devices (laptops, smartphones, etc.), which are exempt.

 

C. Any IP device using the state network may be isolated and/or disconnected for reasons including, but not limited to: Adverse impact to the Network, Viruses and/or Malware, Excessive non-business critical bandwidth utilization, Configuration not in alignment with state standards.  Notification of any isolation/disconnection will be handled through the Agency TBC. 

 

D. No device connected to a state network is allowed to join another network simultaneously.

 

 

VI. Definitions

A. Internet Protocol (IP): The chief communications protocol used to relay data packets across a computer network.

 

B. State network: The State of Maine Wide Area Network, State of Maine Demilitarized Zone (DMZ) networks, or any other secure network managed by the State of Maine.

 

VII. References

VIII. Document Information

Initial Issue Date: October 24, 2011

Latest Revision Date: October 2, 2014 

Point of Contact: Henry Quintal, Architecture-Policy Administrator, OIT, 207-624-8836.

 

Approved By:  James R. Smith, Chief Information Officer, OIT, 207-624-7568.

 

Position Title(s) or Agency Responsible for Enforcement: Greg McNeal, Chief Technology Officer, OIT, 207-624-7568.

 

Legal Citation:  5 M.R.S.A. Chapter 163 Section 1973 paragraphs (1)B and (1)D, which read in part, “The Chief Information Officer shall:” “Set policies and standards for the implementation and use of information and telecommunications technologies…” and “Identify and implement information technology best business practices and project management.”

 

Waiver Process: See the Waiver Policy[1].