Executive Office of Technology Services and Security Policies

With all levels of government and businesses across the country urging employees to work remotely to slow the spread of the Coronavirus, now’s a good time to review the security settings of your home network and pay close attention to business-specific guidance.

This standard establishes the security requirements needed when a third party is working with the Commonwealth's confidential information.

The Third Party Risk Management Policy establishes the minimum security requirements that must be implemented to manage third-party vendors who provide any type of information technology goods and/or services, outsources applications, cloud services, and/or network and security management to the Commonwealth.

This standard reinforces the Commonwealth’s commitment to a Third-Party information security strategy and outlines the controls necessary to safeguard the Commonwealth’s information assets and reduce risks.

With so many people working from home, webinars and conference calls have become the standard method for holding meetings or working collaboratively. But even though we have all become more security conscious when working online, we often overlook the security concerns of these virtual meetings. Given the current climate, it’s helpful to take a step back and think about the platform itself as well as what is to be discussed when you are hosting an online meeting.

The Vulnerability Management Policy establishes the minimum security requirements that must be implemented to protect, detect and remediate vulnerabilities in the Commonwealth’s information technology environment.

The Vulnerability Management Standard documents the requirements to protect, detect and recover from vulnerabilities in the technology environment and applies to all Executive Department offices and agencies.

This standard reinforces the Commonwealth’s commitment to a vulnerability management strategy and outlines the controls necessary to safeguard the Commonwealth’s information assets and reduce risks.

Massachusetts recognizes the importance of making digital government services available to the widest audience possible, and is committed to ensuring that those with visual, auditory, physical, speech, cognitive, language, learning, neurological, and other disabilities have equal access to all Mass.gov resources.

Massachusetts Web Design Guidelines support and reflect the important guidance codified in the 21st Century Integrated Digital Experience Act.