Executive Office of Technology Services and Security Policies

Not sure who to call for help? For your convenience, Commonwealth Executive Branch agency IT help desk information has been provided below. 

Terms of use for the Commonwealth Secure Email System.

This standard reinforces the Commonwealth’s commitment to a secure system and software strategy and outlines the controls necessary to safeguard the Commonwealth’s information assets and reduce risks.

Executive Office of Technology Services and Security The Secure System and Software Lifecycle Management Standard establishes requirements for identifying controls to be incorporated in system and software planning, design, building, testing and implementation.

The EOTSS Secure WiFi Standards refer to dedicated Commonwealth wireless local area network access at various Commonwealth agency locations. The service is built in a manner to ensure that only authorized devices can access Commonwealth resources. These security measures are in place to guard against unauthorized access to secure SSIDs and the capturing of user data over the air.

EOTSS has standardized on and is implementing a VMP throughout the Commonwealth enterprise. All executive branch entities and other state agencies as determined by the Secretary/CIO of Technology Services and Security under Chapter 7D are required to comply with this program. There will be corresponding Administrative Directives published in support of this program.

The Commonwealth's IT platform for technology support and services.

Site-to-Site IKEv2 encrypted tunnel to connect into MAGNET

There are no legal prohibitions against state agencies using social media sites or having social media identities. However, there are legal considerations. This Social Media Legal Guidance Toolkit is designed for you and your legal counsel to review and apply before implementing social media for your agency or authorizing employees to participate on social media sites. It includes information about updating agency website policies (privacy, terms of use and social media) relating to your use of social media; training topics for agency social media participants; meeting relevant legal obligations; and considerations for employees' use of social media, both professional and personal.

The Software and Application Management Policy establishes the minimum security requirements that must be implemented to develop, test, install, manage, and terminate software programs, systems and applications.