According to two policy letters issued over the last week, California’s Office of the State Chief Information Officer (OCIO) has amended the state’s Statewide Information Management Manual (SIMM) to include social media and teleworking standards. The letters are the latest in a string of policies being issued OCIO, including open source, green IT use and consolidation strategies.
On Friday, February 26, OCIO issued a policy letter outlining social media requirements (.pdf) for agencies and departments statewide. Four days later, OCIO issued a similar letter for telework and remote access (.pdf) arrangements for state employees. Both policies seek to encourage and guide agencies’ use of social networking, Web 2.0 technologies, and teleworking, State CIO Teri Takai said.
“The more we increase the state’s online presence to enhance communication and transparency, the better we are able to serve Californians,” she said in a statement.
Sites such as Facebook, YouTube, Twitter, MySpace, LinkedIn, Digg, and Flickr, were highlighted as the kinds of outlets agencies could use to obtain information or “perform research,” the letter says. But with this, and the teleworking policy, security best practices will be of the utmost importance.
The social media policy stresses cyber security best practices, as well as good business communications practices, due to the risk of unauthorized or inappropriate sharing of information. The teleworking policy says that agency heads are responsible for determining which workers are eligible to telework by training and certifying those teleworkers’ equipment from the OCIO-Office of Information Security. This Telework and Remote Access Security Compliance Certification must be completed no later than July 1 and annually thereafter by January 31, the policy says.
Earlier this year, OCIO issued a policy on open source software, stating how agencies should go about using and procuring the code. “We don’t want to see OSS as a side effort or one-off solution. It needs to be maintained and supported just as closely as proprietary software,” Adrian Farley, Chief Deputy Director for Policy and Program Management at OCIO, said in an interview. “We don’t want to see OSS as a side effort or one-off solution. It needs to be maintained and supported just as closely as proprietary software.”
Likewise, in February Governor Schwarzenegger signed an executive order to standardize IT governance across the state by defining timelines for IT consolidation and shard services of data centers, e-mail and security measures. The formal creation of Agency CIOs and Information Security Officers (ISOs) at cabinet and sub-cabinet levels were among the order’s chief organizational mandates.