This agreement is to be used in lieu of a Telework Agreement when an employee is authorized
to establish a remote access connection to IT infrastructure for work-related functions which
fall outside the realm of a traditional telework arrangement, such as use of a Smartphone or
other mobile computing device which establishes a remote access connection to state IT
infrastructure.
As with any casual or formal telework arrangement, the employee, Supervisor/Manager and
Office Chief are to acknowledge they have read, understand and agree to adhere to all
applicable state policies, standards and procedures including, but not limited to the agency's
Acceptable Use Policy, the Telework and Remote Access Security Standards (SIMM 5360-A)
and applicable provisions of the Telework Program Policy and Procedures.
Applicable provisions of the Telework and Remote Access Security Standard and Telework
Program Policy and Procedures include but are not limited to the following:
- Maintaining established security controls, such as strong passwords, two-factor
authentication, device and data encryption, antivirus and antispyware software, personal
firewalls, content filtering software and automatic updates;
- Electronic registration of device information;
- Disabling of non-essential functions and services on the device;
- Not altering, disabling or circumventing established security controls;
- Maintaining back-ups, only in accordance with authorized state entity procedures;
- Allowing IT Administrators to define, manage and validate device security controls;
- Providing IT Administrators the ability to issue remote data wipe and device kill commands
in order to protect the confidentiality of state data residing on the device, and;
- Immediately reporting the loss, theft or damage of the device.