TABLE OF CONTENTS
INTERNET & E-MAIL SECURITY
DM 3525-000
Page
Chapter 5 – General Information
1 Purpose 2
2 Cancellation 3
3 References 3
4 Scope 3
5 Abbreviations 3
3525-001
Part 1 – USDA
Internet Access Security for Private Internet Service Providers
1 Background 1
2 Policy 1
3 Responsibilities 3
3525-002
Part 2 – Internet
Use & Copyright Restrictions
1 Background 1
2 Policy 2
3 Responsibilities 3
3525-003
Part 3 – Telework
and Remote Access Security
1 Background 1
2 Policy 2
3 Responsibilities 3
Table
1 Telework Security/IT Checklist Roles
and Functions
2 Telework Security Checklist
Cyber Security
References
Washington,
D.C.
|
DEPARTMENTAL MANUAL |
NUMBER: 3525-000 |
|
SUBJECT: Internet & E-mail Security |
DATE February 17, 2005
|
|
OPI: Office of the Chief Information Officer,
Cyber Security |
1 PURPOSE
This Departmental Manual chapter supplements the requirements of Departmental Regulation (DR) 3300-1, Telecommunications, Appendix I and updates DR 3140-2, Internet Security Policy. Overall, this chapter is designed to specify the conditions for use of the Internet by USDA agencies and mission areas.
Part 1, USDA Internet Access for Private Internet Service Providers establishes the requirement for Internet access to be obtained by agencies/mission areas from the USDA Internet Access Network whenever feasible. In addition, security provisions are outlined that must be met by all agencies that use private Internet Service Providers on an exception basis.
Part 2, Internet Use & Copyright Restrictions defines the several conditions for the authorized use of the Internet and protection of USDA Information Technology (IT) resources. Material in this part includes both operational requirements and expected official behavior on the part of USDA users.
Part 3, Telework and Remote Access Security provides security policy with regard to Telework Arrangements and Remote Access to USDA’s networks. Material in this part includes policy and a Telework Security Checklist for use by all agencies and staff offices in establishing these arrangements.
2 CANCELLATION
This
Departmental Manual chapter will be in effect until superseded.
3 REFERENCES
Memorandum for the Heads of Executive Departments and Agencies, Subject: Expanding Family-Friendly Work Arrangements in the Executive Branch, July 11, 1994;
Public
Law 104-52, Treasury, Postal Service and General Government Appropriations Act
of 1996;
Public
Law 106-346, Section 359, Department of Transportation Appropriations Act of
2001;
OPM
Memorandum to Executive Heads of Agencies, Subject: Establishing Telecommuting,
dated 2/9/01;
OPM
Final Report on Technology Barriers to Home-Based Telework;
NIST
Bulletin, Subject: Security Issues for Telecommuting
General
Services Administration, Federal Telework Topics
DR
3440-2, Control and Protection of “Sensitive Security Information”;
DR
4080-811-02, Teleworking Programs;
DM
3595-002, Appendix B, CS Legal and Regulatory References.
4 SCOPE
This manual applies to all USDA agencies, programs, teams, organizations, appointees, employees and other activities.
5 ABBREVIATIONS
CIO Chief Information Officer
CIP Critical
Infrastructure Protection
CO Certifying
Official
CS Cyber
Security Program
DES Data
Encryption Standard
DM Departmental
Manual
DR Departmental
Regulation
DSL Digital
Subscriber Line
IP Internet Protocol
ISP Internet
Service Provider
IT Information Technology
NIST National Institute of Standards
and Technology
OCIO Office
of the Chief Information Officer
OMB Office of Management and Budget
OSI Open Systems Interconnection
P2P Peer-to-Peer
SSL Secure Socket Layer
TSO Office of
Telecommunications Services
USDA United
States Department of Agriculture
VPN Virtual Private Network