Executive Office of Technology Services and Security Policies

Looking for an IT product or service and don't know where to start? There are multiple options as you begin looking for an IT product or service. The EOTSS Contract Management Team is here to point you in the right direction. Includes, templates, purchasing guidelines, and the statewide contract list.

SharePoint is primarily a document management and intranet platform. You can use it as a secure place to store, organize, share, and access information from any device - all you need is a web browser.

This standard reinforces the Commonwealth’s commitment to an effective cryptographic management strategy and outlines the controls necessary to safeguard the Commonwealth’s information assets and reduce risks.

The purpose of this standard is to establish requirements for cryptography and encryption techniques for the Commonwealth. Cryptographic controls shall be used to protect the confidentiality (e.g., encryption), authenticity and integrity (e.g., digital signatures or message authentication codes).

Online safety tips and guidance for the general public and for state employees at work.

The Commonwealth's data sharing framework is designed to ensure that data is shared securely and deliberately between state agencies to drive better-informed decision making. Here you will find data sharing information for the Commonwealth’s Executive Branch agencies - including the Executive Branch Data Sharing Memorandum of Understanding (MOU), the online Data Use License Agreement (DULA), contacts for the Data Steward Council, and more.

The Commonwealth's data sharing framework is designed to ensure that data is shared securely and deliberately between state agencies to drive better-informed decision making. Here you will find data sharing information for the Commonwealth’s Executive Branch agencies - including the Executive Branch Data Sharing Memorandum of Understanding (MOU), the online Data Use License Agreement (DULA), contacts for the Data Steward Council, and more.

The Commonwealth will centrally leverage Microsoft Defender Advanced Threat Protection as an enterprise endpoint security platform. Defender is designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats. Additionally, Microsoft Defender for Office 365 will be leveraged to safeguard the Commonwealth against malicious threats posed by email messages, links (URLs), and collaboration tools.

Microsoft BitLocker offers enhanced protection against data theft or data exposure for computers that are lost or stolen. BitLocker encrypts all data that is stored on the Windows operating system volumes and drives and configured data drives.

A collection of policies and guidelines from the Commonwealth’s Chief Digital Officer intended to “improve the public-facing web presence and related services for executive department offices and agencies,” as directed by M.G.L. Ch. 7D Section 4C.