Social Networking Policy Information
Social Networking Policy
Director Approval Date: July 13, 2009
Social network (SN) services focus on building online communities of people who share interests and/or activities, or who are interested in exploring the interests and activities of others. Most social network services are web-based and provide a variety of ways for users to interact.
The tools used to interact with social network providers vary greatly as does the format. Social network services are most commonly hosted by entities to which the ODCTE has limited or no control. As such, the contributions to social networking sites may not be protected or guaranteed in any way and may not reflect the position of the ODCTE.
To protect the position, image and information assets of the ODCTE, the use of social network services is intended for agency purposes only. The ODCTE recognizes the potential marketing benefits of a social network presence and its use is meant to promote and market the mission and goals of the ODCTE.
The State Director designates the Communications and Marketing Director as responsible for overseeing the ODCTE’s brand identity and key messages communicated on the sites. The Communications and Marketing Director will maintain a log of all social networking services used by agency employees in the course of official business.
A. The Communications and Marketing Division is responsible for oversight and management of all agency accounts with social networking providers.
B. Authorization for the engagement with agency social network accounts is a function of the Communications and Marketing division. SN requires written approval prior to compilation and publishing using these accounts.
C. Authorized individuals whom have obtained written permission by the Communications and Marketing division may use designated workstations to publish content to an approved social network provider.
D. Communications and Marketing Division will provide the agency’s Chief Technology Officer and/or Information Security Officer with documentation detailing the authorized social network service providers, and current account names and master passwords, and person(s) authorized to use the accounts.
The following statements also apply to SN usage:
A. All policies and guidelines pertaining to email also apply to SN, including, but not exclusive to, policies regarding solicitation, obscenity, harassment, pornography, sensitive information, and malware.
B. Users’ social network presence reflects ODCTE so usernames, comments, photos, videos, etc., should be appropriate for a professional environment, and selected in good taste.
C. Information published on social networking sites should comply with the Internet/Intranet Security Policy.
D. Respect copyright laws and reference sources appropriately. Identify any copyrighted or borrowed material with citations and links.
E. It is inappropriate to disclose or use ODCTE’s or respective client’s confidential or proprietary information in any form of online media.
F. When representing ODCTE in any social networking activity, user should be aware that all actions are public and employees will be held fully responsible for any and all said activities.
G. User must disclose their true identity and affiliation with ODCTE.
H. User must respect the privacy of colleagues and the opinions of others.
I. Avoid personal attacks, online fights, and hostile personalities.
J. Ensure material is accurate, truthful, and without error.
K. Do not conduct any online activity that may violate applicable local, state, or federal laws or regulations.
Social Networking has the potential for security-related issues. Most SN traffic is sent in clear text that is not encrypted. The following statements apply to SN security:
A. The agency’s information security officer must review selected social network service providers, clients, and associated plug-ins to identify potential security vulnerabilities prior to their use.
B. To maintain security of ODCTE network usernames and passwords, SN users must use a username/password combination that differs from their login ID and password for the ODCTE network.
C. Sensitive information such as usernames, passwords, Social Security numbers, and account numbers passed via SN can be read by parties other than the intended recipient(s). Transferring sensitive information over SN is prohibited.
D. Peer-to-peer file sharing is not allowed through the ODCTE network. SN clients are prohibited from use as peer-to-peer file-sharing.
E. Many SN clients provide file transfers. Policies and guidelines pertaining to email attachments also apply to file transfer via SN.
F. SN can make a user's computer vulnerable to denial of service (DoS) attacks. SN users should configure their SN clients in such a way that they do not receive messages from unauthorized users.
All SN communications are subject to the requirements of the Office of Records Management and the Child Internet Protection Act (CIPA).
SN traffic is logged and periodically reviewed. Users should have no expectation of privacy. Supervisors may request or be provided reports of Internet usage by employees from the Information Security Officer as needed to monitor use.
Any employee found to have misused or abused a social networking service or violated this policy may be subject to disciplinary action, up to and including termination of employment.
For assistance with this policy, please contact Computer Support.
State of Oklahoma Social Networking and Social Media Development Methodology -Download here
Last Update 7/25/14