Skip Maine state header navigation
Dept. of Administrative & Financial Services
Office of Information Technology
The Office of Information Technology (OIT) must have at least a read-only access to any device in the State network. Further, any vendor-managed device inside the State network must be isolated behind an internal firewall.
If not properly hardened and isolated, any network device may be compromised, thereby jeopardizing the entire shared State network. In order to guard against it, OIT must be able to scan any network device for security vulnerabilities. And, in order to scan a network device, OIT must be granted at least a read-only access to that device. Further, since OIT cannot guarantee the safety of a network device that it does not manage, any vendor-managed network device inside the State network must be isolated behind an internal firewall.
This policy applies to any Internet Protocol (IP) device in the State address space.
2. Document Reference Number:
3. Category: Internet, Network and Transport
4. Adoption Date: October 24, 2011
5. Effective Date: October 24, 2011
6. Revision Date: October 24, 2011
7. Review Date: October 24, 2013
Point of Contact: B. Victor Chakravarty,
Approved By: Greg A. McNeal, Acting Chief Information
Officer, State House Station #145,
10. Position Title(s) or Agency Responsible for Enforcement: Wayne E. Gallant, Chief Technology Officer, Office of Information Technology, State House Station #145, Augusta, ME 04333, (207) 624-9424.
9. Legal Citation: 5 M.R.S.A. Chapter 163 Section 1973 paragraphs B and D, which read in part, “The Chief Information Officer shall: “Set policies and standards for the implementation and use of information and telecommunications technologies…” and “Identify and implement information technology best business practices and project management.”