Skip Maine state header navigation
Maine State Government
Dept. of Administrative & Financial
Office of Information Technology (OIT)
Device Management Policy
The Office of Information Technology (OIT) will take all
necessary measures to ensure the security and acceptable performance of state
This policy defines the measures that must be undertaken in
order to ensure acceptable levels of performance and security for all users of state
This policy applies to any Internet Protocol (IP) device connecting
to a state network.
Chief Technology Officer: The OIT Chief Technology
Officer owns, executes, and enforces this policy.
OIT Security, Network Services, Customer Support, and
the Agency Technology Business Consultant (TBC) will jointly investigate issues
and create solutions.
OIT must have at least a read-only access to any IP
device connecting to a state network. This access shall be sufficient to ensure
Application Deployment Certification and ongoing performance and compliance
scanning where needed.
Any vendor-managed IP device connecting to a state
managed network must be separated by an OIT managed firewall that is funded by
the Department. This does not include
consumer-grade computing and communication devices (laptops, smartphones,
etc.), which are exempt.
Any IP device using the state network may be isolated
and/or disconnected for reasons including, but not limited to: Adverse impact
to the Network, Viruses and/or Malware, Excessive non-business critical
bandwidth utilization, Configuration not in alignment with state standards. Notification of any isolation/disconnection will
be handled through the Agency TBC.
D. No device connected to a
state network is allowed to join another network simultaneously.
Internet Protocol (IP): The chief communications
protocol used to relay data packets across a computer network.
State network: The State of Maine Wide Area Network,
State of Maine Demilitarized Zone (DMZ) networks, or any other secure network
managed by the State of Maine.
Initial Issue Date: October 24, 2011
Latest Revision Date: October 2, 2014
Point of Contact: Henry Quintal, Architecture-Policy
Administrator, OIT, 207-624-8836.
Approved By: James R. Smith, Chief Information Officer,
Position Title(s) or Agency Responsible for Enforcement:
Greg McNeal, Chief Technology Officer, OIT, 207-624-7568.
Legal Citation: 5
M.R.S.A. Chapter 163 Section 1973 paragraphs (1)B and (1)D, which read in part,
“The Chief Information Officer shall:” “Set policies and standards for the
implementation and use of information and telecommunications technologies…” and
“Identify and implement information technology best business practices and
Waiver Process: See the Waiver