A Different Voice Serving the Sisseton-Wahpeton Oyate

Tag archive

IT

SWO’s Computer Use Policy

Uncategorized by

I have copied Section 4.8 – Network Security for Portable Devices for your review.  I’ve read this section a million times.  I have stopped strangers on the street and read it to them and then asked, “So, would this policy apply to a flashdrive?”  Every Single Person has answered “no, it would not – because flashdrives don’t have personal firewalls or anti-virus protection”.  There are links below that will bring up the “Computer Use Policy” in its entirety and the SWO Personnel Policy Manual.

 

4.8 Network Security for Portable Devices

Introduction

Portable devices offer staff the ability to be more productive while on the move. They offer greater flexibility in where and when staff can work and access information, including information on our network. However, network-enabled portable devices also pose the risk of data theft and unauthorized access to our network. Any device that can access the network must be considered part of that network and therefore subject to policies intended to protect the network from harm. Any portable device that is proposed for network connection must be approved and certified by the IT department.

Protecting the Portable Device

In order to qualify for access to the Tribal network, the portable device must meet the following conditions:

  1. Network settings, including settings for VPN, must be reviewed and approved by IT support personnel.
  1. A personal firewall must be installed on the device and must always be active. Recommended firewall software is Zone Labs’ ZoneAlarm, Norton Internet security and Windows Firewall.
  1. Anti-virus software must be installed. Software must have active scanning and be kept up-to-date. Recommended anti-virus software is Norton Antivirus, AVG Antivirus, and, TrendMicro.

Portable Device User’s Responsibilities

  1. The user of the portable device is responsible for network security of the device whether they are onsite, at home, or on the road.

2. The user of the portable device is responsible for keeping their anti-virus scanning software up-to-date at all times. It is strongly recommended that they update their anti-virus software before going on the road.

 

SWO Computer Use Policy

 

2015 SWO Personnel Policies with Revisions

 

 

 

A Real Challenge – Policy That Makes Sense

SWO Politics by

I didn’t think the “Flash-Drive Controversy” would go this far, but word has it that the Old Agency District (or just 7 people) voted to remove the Vice-Chairman claiming he “misused a flash drive” according to SWO Policy.  Now that we’ve all gotten beyond our WTF moment, let’s review the policy.  SWO’s Computer Use Policy starts on page 77.

2015 SWO Personnel Policies with Revisions

If you can explain to me how anything within this Computer Use policy, Chapter XIII, applies to a flash drive, I will buy you lunch, hot and fresh – a $8.99 value!  Stay tuned and I will post my analysis of this Chapter as well.

An IT Breach or an IT Failure?

SWO Politics by

As I was listening to the District Chairman’s Association, I was struck by how many came in to “Investigate the Vice-Chair’s Office and/or Political Appointees for an IT Breach of confidential information.”  Let’s review what happened.

Apparently, the Vice-Chairman and/or his political appointees wanted to review their budget.  Each office has the right to do that, and furthermore, since the Vice-Chairman’s office oversees all budgets, he has the Constitutional duty to examine all budgets.  They ran into a problem however, because the Information Technology (IT) Department had not yet set them up with computers and the equipment they needed to complete their job duties.  This is an failure on the IT Department, as they had plenty of notice that new persons would be coming on board.  The election was held in November 2016, after all, so that’s two months lead time.

I’m told they spoke with IT and IT gave them a portable jumpdrive to transfer documents to.  The budget specialist then gave them the budget matrix on that drive.  Sounds like a simple solution.

I imagine the political bruhaha started about now.

FACTS:

  1. The Vice-Chairman acted within his authority.  It is the duty of the Vice-Chairman to review and administer the financial affairs of the Sisseton-Wahpeton Oyate.  See the By-laws of the Sisseton-Wahpeton Oyate, Article I – Duties of Officials, Section 3. Vice-Chairman, (f) The Vice-Chairman shall oversee all financial and business matters of the Tribe.
  2. Budgets are not confidential.  Tribal Governement spends our money and we have the right to know how our government spends it.  The budgets are held in a simple Excel spreadsheet with no security whatsoever and are freely shared.  In fact, current Chairman Dave Flute has shared the budget outside of the tribal email system in the past under the same policies in effect now, so I am not sure why anyone would fault the current Vice-Chairman for simply having the file.

I really don’t see the issue with the Vice-Chairman and his political appointees.  If there was a failure of duty, it would fall on the IT Department for not having the Vice-Chairman’s office set up with the equipment they needed to carry out their elected duties.

OTHER CONCERNS MUDDYING THE WATERS

SOCIAL SECURITY NUMBERS!!  I’ve heard that people were concerned about the Social Security Numbers within that file.  Oh?  Why would that be?  Social Security numbers should be confidential information and held only by the HR Department.  Then my question is “Why would the budget specialist have social security numbers on her computer?”  Wouldn’t that be a violation of confidentiality on her part then?  Since she was installed with the previous Vice-Chairman, was she directed to keep SSNs on file or did she keep them at her own discretion?  For what purpose?

CHAIN OF COMMAND!!  The Vice-Chairman did follow the chain of command.  As previously established, he has the right to review budgets, he directed his political appointees to begin the process, and the Budget Office reports directly to the Vice-Chairman.

If there must be a call for an “Investigation”, logically the investigation should look at these two departments:

  • Budget Office and Budget Specialists – why do they have SSNs in their files?  For what purpose?  Since this was the previous administration, it would involve looking not only at one remaining budget specialist, but the other budget specialist, the political appointees – Laura Williams (currently working as Chairman Flute’s political appointee) and Viva DuBois, and the previous Vice-Chairman Garryl Rousseau.
  • IT Department – Why didn’t they have the Vice-Chair’s office set up and ready to go when they took office? Why did it take an entire week to accomplish?  The Information Technology department currently reports to Chairman Flute, although, up until December 2016, they reported to previous Vice-Chairman Garryl Rousseau.
Go to Top