Skip Maine state header navigation

Agencies | Online Services | Help

 State of Maine Seal

Maine State Government

Dept. of Administrative & Financial Services

Office of Information Technology

 

 

Standard for the Use of Blackberry Mobile Devices

I. Statement

State agencies will comply with this standard when acquiring and using Blackberry mobile devices.

II. Purpose

A. The purpose of this standard is to govern the use of Blackberry mobile devices.

B. The State of Maine Office of Information Technology (OIT) establishes the conditions by which the devices may be configured, upgraded, maintained and supported.

III. Guidelines and Procedures

A. For the purpose of this standard, Blackberry devices are currently the only mobile device that is supported by the Office of Information Technology for connection to the enterprise Exchange e-mail system. .

B. There will be one Blackberry device per user unless the Blackberry is configured with a generic e-mail account to be shared by two or more individuals.

C. The Blackberry device must be purchased through the State’s US Cellular contract.  No personal devices will be added to the Blackberry Enterprise Server.

D. The ability to download 3rd party software on Blackberry devices has been disabled at the enterprise level.  Understanding that there may be a business need to download certain 3rd party software (e.g. spell check); procedures have been put into place to allow certain software to become “authorized software” for use on the devices.  The procedure is outlined in the State of Maine Procedure for the Use of Non-State Owned/Approved Software or Devices for State Business.

E. The cost of any third party software will be borne by the requesting customer at the standard rate for an hour of OIT support.  Testing, if required by the plan, will be billed to the customer as well.

1. A technical implementation policy will be created on the Blackberry Enterprise Server to allow for the 3rd party software to be downloaded.  This policy will be applied to those user(s) who have an approved need for it.

2. A list of approved vendors and applications will be published by OIT and added to the Frequently Asked Questions found on the Intranet and added to OIT’s Permitted Software intranet site: http://inet.state.me.us/oit/services/index.

F. Blackberry device accessories requiring changes to the Enterprise Server (e.g. keyboard):

1. The business need or accessibility need of 3rd party software must be submitted to the requester’s AITD via the procedure outlined in the Procedure for the Use of Non-State Owned/Approved Software or Devices for State Business.

2. The accessory will be tested and analyzed by appropriate OIT technical resources to determine risks and operability.

3. The cost of the accessory will be paid by the customer’s agency.  The standard rate per hour for testing will be billed where appropriate.

4. Necessary changes to allow for the accessory will be made to the Blackberry Enterprise Server.

5. If necessary, a technical implementation policy will be created on the Blackberry Server and applied to user(s) with a need for the accessory.

6. The accessory will be made the standard for use.

G. For security purposes, a password policy will be applied to all Blackberry devices.  The password policy is as follows:

1. Passwords will be at least five characters in length.

2. After 60 minutes of inactivity, the device will become locked requiring a password for further use.

3. After ten incorrect password attempts, the device will automatically be wiped (formatted).

 

4. Passwords will remain static and will not be required to change.

 

It is recommended that passwords also be set on other mobile devices that are used such as Palm Pilots and PDAs.

H. Lost or stolen devices:

1. All lost or stolen devices should immediately be reported to the OIT Customer Support Center at 624.7700 so that the device can be wiped (formatted).

 

IV. Applicability

A. This standard is intended to manage the approval and use of Blackberry devices connected to the State of Maine wide area network by:

1. Vendors and employees of agencies within the Executive Branch and semi-autonomous State agencies.  

V. Responsibilities

A. The Chief Information Officer (CIO) is responsible for the development, implementation and monitoring of statewide standards. The CIO is responsible for approving all fee schedules associated with this procedure.

B. Agency director(s) or their designees will be responsible for approving the request for the use of mobile devices.

C. The Agency Information Technology Director (AITD) and the OIT Director of Enterprise Applications Services will be included in the information exchange regarding the request for the use of mobile devices. Should the AITD or the Director of Enterprise Applications find concern with the agency director’s decision, it is the AITD’s responsibility to intervene in the process.

D. The OIT Enterprise Information Security Director is responsible to assure the process defined to implement the standard is in accordance with ALL State and OIT policies.

 

VI. Definitions

A. Mobile Device: is a pocket-sized computing device, typically comprising a small visual display screen for user output and a miniature keyboard or touch screen for user input.

B. Blackberry: a wireless device introduced in 1999 which supports push e-mail, mobile telephone, text messaging, internet faxing, web browsing and other wireless information services. 

C. Agency director(s) –  For the purposes of this policy, the term “agency director(s)” refers to the agency policy influencing leaders identified in Maine Revised Statutes Annotated, Title 5 section 932 etc.

D. Semi-autonomous state agency: An agency created by an act of the Legislative Branch that is not a part of the Executive Branch. This term does not include the Legislative and Judicial Branches, Offices of the Attorney General, Secretary of State, State Treasurer and Audit Department.

 

VII. References

A. Policy Governing the Use of Non-State Owned/Approved Software or Devices for State Business

B. Procedure for the Use of Non-State Owned/Approved Software or Devices for State Business

VIII. Document Information

A. Document Reference Number: 31

B. Category:  Internet, Network and Transport

C. Adoption Date: 10-14-08

D. Effective Date: 10-14-08

E. Review Date: 10-14-09

F. Point of Contact: Dawnna J. Pease, Windows, Citrix, File & Print Support Section Manager, 207.624.7548.

G. Approved By: Greg McNeal, Chief Technology Officer

H. Position Title(s) or Agency Responsible for Enforcement: Greg McNeal, Chief Technology Officer, telephone 207-624-9471

I. Legal Citation: 5 M.R.S.A. Chapter 163 § 1973.   Responsibilities of the Chief Information Officer, paragraph 1B Set policies and standards for the implementation and use of information and telecommunications technologies, including privacy and security standards…”

J. Waiver Process: The CIO or his/her designee may authorize an exception on a case-by-case basis.

Apply for a waiver as follows:

Address an email to Richard B. Thompson and include as a CC: the Associate Chief Information Officer or the agency Agency Information Technology Officer. If you require assistance with determining the correct person, contact the CIO’s office at 624-8800.

Include the following in the email:

Document a compelling technical or business case that identifies the specific action and how it warrants exemption.

Include any supporting documentation you may have.

 

When a decision has been reached in granting or denying the waiver, the CIO will respond to the submitter, the AITD, and the following three designated people whose names are located on the policy/standard for which the waiver is being sought: Point of Contact, Approved By and Position Title(s) or Agency Responsible for Enforcement.