The purpose of this policy is to establish the minimum security requirements that must be implemented to protect the Commonwealth’s information and technology assets and ensure the continuous effective and secure management of the Commonwealth’s information technology environment.
This standard reinforces the Commonwealth's commitment to an effective acceptable use of information technology strategy and outlines the controls necessary to safeguard the Commonwealth’s information assets and reduce risks posed by improper management of information.
This document describes access management standards for the use of information, information systems, electronic and computing devices, applications, and network resources used to conduct business on behalf of the Commonwealth.
This standard reinforces the Commonwealth's commitment to an effective access management strategy and outlines the controls necessary to safeguard the Commonwealth’s information assets and reduce risks posed by improper management of access.
Executive Office of Technology Services and Security
The EOTSS standard is Microsoft Defender, which will be leveraged as an anti-malware/antivirus component integrated with Windows 10. This product is replacing all other antivirus software.
This standard reinforces the Commonwealth’s commitment to an effective asset management strategy and outlines the controls necessary to safeguard the Commonwealth’s information assets and reduce risks posed by improper management of assets.
This standard reinforces the Commonwealth’s commitment to an effective business continuity and disaster recover strategy and outlines the controls necessary to safeguard the Commonwealth’s information assets and reduce risks.
The Change and Configuration Management Policy establishes the minimum security requirements and key information security considerations that Commonwealth Agencies and Offices must implement.
The Communication and Network Security Standard details requirements for network security management, remote access security management, third-party network access and secure file transfer by the Commonwealth of Massachusetts.
