|
MEMORANDUM
| SUBJECT: |
Sensitivity of Documents on the Intranet |
| FROM: |
Alvin M. Pesachowitz,
Chief Information Officer |
| TO: |
Senior Resource Officials |
I would like to take this opportunity to remind you of some security issues pertaining to the Agency's Intranet, EPA@Work.
The Agency currently requires Division Directors to approve all material posted on the Intranet. In the approval process, managers must affirm that all information posted is appropriate for internal Agency use, and that the release of this information does not compromise enforcement, regulatory or trade secret policies of the Agency. Only machines on the EPA network have access to the Intranet. This includes all on-site contractors which use networked machines, have EPA mailboxes, or have EPA IP addresses. Since the Intranet server is used as a development platform for the public access server, it is necessary, in certain situations, for these contractors to have access. Therefore, contractors can view anything you may post
In keeping with privacy act considerations, there may be occasions when prudence must be exercised in making available employee information that could be accessed for other than Agency need-to-know purposes. As the Agency's Senior Official for Privacy Policy, I'm concerned about protecting our own employees' confidentiality, and therefore, I discourage use of the Intranet for purposes that might unintentionally, or otherwise, infringe on their privacy.
Should a situation arise when you need to post confidential information, you may consider a password protected site. Such a system would allow the owner of the site to control access to the information by releasing a password only to those who need entrance. In order to explore this option, please contact Mike Weaver in the Enterprise Information Management Division at 202-260-7444 202-566-0695.
Once again, I would like to reiterate the importance of not posting confidential information on the Intranet. I appreciate your cooperation in this crucial matter. For further reference please consult the Intranet Publishing Guidelines at the following URL: http://yosemite.epa.gov/oei/webguide.nsf/design/intrapub.
cc: Mark Day
|