September 30, 2004
May 15, 2006
- To utilize feature-rich functionality beyond basic industry standards and achieve 100% integration and interoperability throughout the enterprise.
- To create systems of nominal complexity so that support and administrative efforts can be minimized, training can be leveraged, and job duties can be refocused to reduce redundancy.
- To allow for rapid deployment of new technology and position the enterprise to react quickly to emerging opportunities, problems, and threats.
- To simplify the end-user’s experience.
- To utilize a single directory for authentication, access control, directory lookups, and distribution lists.
- To project a consistent view of state government to the public.
- To avoid duplication of system resources and leverage enterprise licensing.
Groupware components will share a common set of configuration and usage parameters as specified in the “Groupware System Environment” document (Appendix A).
Groupware configuration and usage will be consistent across the enterprise.
This standard applies to all executive branch state agencies excluding the University Systems Office and other higher education institutions, i.e campuses and agricultural and research centers.
refers to computer-related tools that improve the effectiveness of person-to-person process. Simply put, it is software that helps people work together. Groupware systems generally include collaboration components such as:
- Email to transmit messages and files.
- Calendaring to record events and appointments in a fashion that allows groups of users to coordinate their schedules.
- Faxing to transmit documents and pictures over telephone lines.
- Instant Messaging to allow immediate, text-based conversations.
- Desktop Audio/Video Conferencing to allow dynamic, on-demand sharing of information through a virtual “face-to-face” meeting.
- Chat Services to provide a lightweight method of real-time communication between two or more people interested in a specific topic.
- Presence Detection to enable one computer user to see whether another user is currently logged on.
- White-boarding to allow multiple users to write or draw on a shared virtual tablet.
- Application Sharing to enable the user of one computer to take control of an application running on another user’s computer.
- Collaborative Applications and Team-rooms to integrate business logic with groupware technologies in order to capture, categorize, search, and share employee resources in a way that makes sense for the organization.
Enterprise Groupware System refers to the components and policies described in the Enterprise Groupware System standard (STANDARD OAT001).
- Groupware User-IDs and email addresses shall be named in accordance with the EA Security Domain Team’s Access Control standard (STANDARD ST006).
- ND Century Code 44-04-18 defines “Access to public records – Electronically stored information”. It states that “except as otherwise specifically provided by law, all records of a public entity are public records, open and accessible for inspection”.
- ITD’s “Personnel and Administrative Policies and Procedure Manual” defines ITD’s Email Request Policy. It states that the determination for deciding whether information is open to public review or whether it is exempt “must be made by the owner(s) of the data (agencies) and not by ITD”.
- ITD’s Policy S004-02 defines the Acceptable Use of Electronic Communication Devices. It requires “all who use the state’s IT infrastructure to develop a policy that ensures the appropriate use of ECDs”.
Non-compliance with this standard shall be reported to the Office of the State Auditor.
This standard supersedes standard OAT002-04.2.
Groupware System Environment
- All agencies shall exclusively use and publish a single, enterprise-wide email domain of “@nd.gov” (@state.nd.us addresses will continue to be valid, allowing agencies to reorder purchased/printed materials as needed).
- All agencies shall have a generic agency email address (an “Info” account).
- All email from the public shall pass through an enterprise email gateway. These gateways will…
- be the only email servers exposed to the public through the firewall.
- be configured to protect against “open” relaying of messages.
- reject any message over 50 Meg in size. (Notify originator.)
- reject any message from an unresolvable domain. (No notification.)
- discard any message containing a virus. (No notification.)
- remove any suspicious attachments. (Notify recipient.)
- See “Suspicious Attachment Types” document (APPENDIX B)
- quarantine for one week any message considered to be spam. (No notification.)
- log and retain message header information for one month.
- “Enterprise Groupware System” specific:
- Email storage quotas will…
- (default) - issue a warning at 40 Meg, restrict “Sending” at 50 Meg, and restrict “Receiving” at 150 Meg.
- (additional charge) - issue a warning at 90 Meg, restrict “Sending” at 100 Meg, and restrict “Receiving” at 150 Meg.
- Email will be backed up nightly for disaster recovery purposes, and 14 days of backup data will be retained.
- Microsoft Outlook/Exchange “Recover Deleted Item” retention will be set to 14 days.
- Microsoft Exchange “Recover Delete Mailbox” retention will be set to 14 days.
- “Enterprise Groupware System” (RightFax) specific:
- Outbound faxes will attempt delivery every 5 minutes for one hour. If a successful connection cannot be established, a notification will be sent to the originator.
- High-priority faxes shall only be used for distributing health and safety alerts.
Instant Messaging, Presence Detection, Desktop Audio/Video Conferencing, Chat Services, White-boarding, File Transfer, Application Sharing
Collaborative Applications and Team-rooms
Suspicious Attachment Types
File attachment types stripped at the email gateway:
ITD reserves the authority to temporarily modify this list at any time in order to respond to security related threats. In such cases, ITD shall notify agency IT Coordinators of the change. ITD shall also present its changes for review at the next regularly scheduled EA Office Automation Domain Team meeting.