tva logoTennessee Valley Authority

COMMUNICATIONS - PRACTICE 7

Accessing and Using TVA Internet and Electronic Mail Resources

WHAT

TVA provides Internet, Intranet, and Electronic Mail (e-mail) resources for authorized purposes for employees and, in some cases, for the employees of TVA contractors (collectively, “employees”). This practice establishes authorization for employee use of TVA Internet, Intranet, and e-mail resources and development of Internet applications and publications.

WHO

  • TVA Employees
  • Contractors

WHY

TVA provides these resources to TVA employees to facilitate and enhance their ability to perform their work at high levels of productivity and business efficiency. In keeping with that purpose, conservation, protection, and the security of computing hardware and network resources are essential for TVA's business operations.

HOW

BUSINESS USE OF THE INTERNET, INTRANET, AND E-MAIL

TVA supplies Internet hardware, software, network interconnections, and e-mail for business use for employee communications, computer applications, and workflow automation. Internet services will be allocated to individuals as determined by their Chief Officer or direct reports to the Board of Directors. Employees must follow the TVA's Corporate Identity guidelines for posting materials and the TVA's Standards of Ethical Conduct.

TVA Internet facilities automatically collect usage information for service management purposes and may be read by the appropriate systems administrator and management. Employees should have no expectation of privacy for the content of messages or files sent, received, saved, or maintained on TVA computing resources; or to the identification of sites accessed through Internet, Intranet, e-mail, or file transfers. Use of TVA’s computing resources constitutes consent to monitoring, copying, and using any computer records.

PERSONAL USE OF THE INTERNET AND E-MAIL

Personal use of the Internet, Intranet, and e-mail is prohibited except for the incidental, acceptable use described below. Prohibited personal use may result in disciplinary actions.

USE GUIDELINES

The following guidelines are provided to help employees determine approved official use and acceptable incidental use of Internet, Intranet, and e-mail facilities.

Approved Official Use - The following are approved official uses of the Internet, Intranet, and e-mail:

  • To support TVA work activities.
  • To access information, news, practices, standards, or procedures that are related to TVA business.
  • To access and maintain personal information pertaining to TVA employment, such as human resources, training, expense reimbursement, travel, and the TVA Retirement System.
  • To perform research for classes for which TVA provides reimbursements.
  • To correspond with instructors and classmates regarding TVA-sponsored school assignments.
  • To correspond with immediate family members while in travel status.
  • For job searches, if you have been formally notified that your job is at risk.
  • To access any site or activity not mentioned above that has been officially approved by TVA Chief Officers.

Acceptable Incidental Personal Use - The following are acceptable incidental uses of the Internet, Intranet, and e-mail:

  • For personal use of the Internet limited to web site visits of reasonable duration and frequency which do not adversely affect the employee’s performance of official duties and which are not listed as an Unacceptable Use.
  • For personal use of e-mail limited to point-to-point e-mail messages or web transactions of short duration to conduct personal business (consistent with the policy for personal local telephone calls) (no broadcasts or mass mailings) which do not adversely affect the employee’s performance of official duties and which are not listed as an Unacceptable Use.
  • To access and use electronic bulletin boards or news groups that have been approved and sanctioned for personal use.

Unacceptable Use - The following unacceptable uses of the Internet, Intranet, and e-mail are prohibited:

  • To intentionally or recklessly damage or interfere with computer or network resources, computer data, the activities of others, files, programs or other information.
  • To “surf” (aimless exploration from one web site to another without a specific business purpose).
  • To gain any personal monetary/commercial profit including trading or selling, or to operate a business or solicit employment except as described above.
  • To send or access e-mail or other communications, images, files, or programs containing offensive or harassing statements, hate speech, or sexually explicit material, including comments based on race, national origin, sex, sexual orientation, age, disability, religion, or political beliefs.
  • To initiate or forward electronic chain letters.
  • To engage in illegal activities such as forgery, misrepresentation, and other security-related violations of applicable rules and regulations (e.g., e-mail forgery) or activity inconsistent with the TVA Standards of Ethical Conduct or to threaten, harass, or engage in other criminal offenses.
  • To download or upload to the Internet, or transport across the TVA network, material that is illegal, proprietary, or in violation of copyright laws or TVA guidelines.
  • To use Internet-based screen savers without approval from Chief Officers, direct reports to the Board, or designated representatives.
  • To access non-business sites that incur a charge to TVA.
  • To use Internet-based audio, video, or radio services for entertainment purposes.
  • To access or attempt to access another individual’s data or information, or to use or attempt to use another individual’s password without a “business need to know” justification.

BLOCKING INTERNET SITES

TVA may block an employee’s access to Internet sites that TVA believes are not needed for employees to perform their TVA work. Examples of sites that will be blocked are pornography sites, hate sites, and other sites that are clearly not related to TVA business. In the event an employee believes that access to a blocked site is necessary for the employee to perform his or her TVA work, and the employee’s manager at the Vice President level or higher so approves, access to the blocked site will be restored.

DEVELOPMENT OF INTERNET APPLICATIONS AND PUBLICATIONS

The TVA Internet and e-mail policy is published to address critical issues such as exposure of business sensitive information, consistency in corporate image, maintenance and timeliness of material presented on web pages, and access security. TVA business units engaged in InsideNet or Internet applications development and publishing shall conform to the provisions of the TVA Internet Development Procedure, which contains instructions on Internet development and publishing. Information Services maintains the procedure. Also, Information Services maintains and controls the technical environment for all Internet development on both the private TVA Network (referred to as the InsideNet or Intranet) and TVA's external public Internet site. This includes access control, security, software, and hardware, as well as procurement of all Internet site (domain) names, regardless of whether the site is housed on TVA premises or a commercial Web hosting facility.

For TVA public web sites, Corporate Communications is responsible for providing final approval for content and facilitating issues of business sensitivity and consistency in corporate image.

Organizational approval for posting material to the InsideNet or Internet is controlled at the Chief Officer and Board direct report level. Chief Officers direct the development of Internet procedures that are specific to their organizations and delegate responsibility for approval of Web pages as appropriate

ELECTRONIC AUDITING

There is no expectation of privacy with respect to an employee’s use of the Internet, Intranet, or e-mail.

A “Logon Warning Banner” notifies users that monitoring is in place. An automated log analysis program will also monitor incoming log entries, and events or trends indicative of potential securing problem will be reported to the affected system administrators and management.

Users should be aware that specially designated TVA system administrators are authorized to periodically audit, inspect, and/or monitor Internet, Intranet, and e-mail activity as deemed appropriate.

Monitoring of the substance of personal, medical, attorney-client, or financial information transmitted by or to an employee over TVA computer resources for TVA or TVA Retirement System purposes is prohibited, except as provided below.

A Chief Officer of TVA in the employee’s organization may authorize the monitoring of an employee’s personal, medical, attorney-client, or financial information upon stating in writing that circumstances justify monitoring in the particular instance.

Moreover, because of the unique nature of their duties, employees in the Office of the Inspector General may need to vary from these practices when their judgment is called for in the pursuit of their duties. Such variances will be authorized by the Inspector General or his/her designee on a case-by-case basis according to guidelines issued by the Inspector General.

Allegations of abuse of this practice shall be referred to the appropriate TVA Officer in the employee’s organization or the Office of the Inspector General for investigation and coordination within TVA or other governmental authorities, as appropriate.

Nothing in this policy limits the protection provided to certain records by the Privacy Act.

Electronic monitoring within all TVA networks ensures its integrity and security. In specific situations, monitoring may be used to support identification, termination, and/or prosecution of unauthorized or illegal activity. Employees and contractors are notified by this practice that electronic monitoring is used. These electronic monitoring mechanisms are capable of recording:

  • Access to the system, including successful and failed login attempts, and logouts.
  • Inbound and outbound file transfers.
  • Terminal connections (Telnet) to and from external systems.
  • Sent and received e-mail messages, files.
  • Web sites visited, including uniform resource locator (URL) of pages retrieved.
  • Date, time, and user associated with each event.

A “Logon Warning Banner” notifies users that auditing and monitoring are in place. An automated log analysis program will also monitor incoming log entries, and events or trends indicative of a potential security problem will be reported to the affected system administrators and management. Users should be aware that specially designated TVA system administrators are authorized to periodically audit, inspect, and/or monitor Internet, Intranet, and e-mail activity as deemed appropriate.

ROLES

Information Services

  • Information Services (IS) provides and/or develops procedures to assist business units with Web pages. IS evaluates emerging technology for appropriate use at TVA and provides technical training and technical support for IS supported products which adhere to industry standards. IS provides the technical expertise in operating systems and applications development to assist the business unit in the technical implementation of Internet applications.
  • With the input from the affected organizations, IS shall establish guidelines for those employees, such as system administrators, who have access to or use of information under this practice.

Corporate Communications

  • Corporate Communications provides resources (documents and/or people) to help TVA's business units address content issues such as information correctness and business sensitivity.

TVA Business Units

  • Business units ensure that published information complies with the TVA Internet Development Procedure, as well as establish guidelines for their organizations, if necessary.

 

RESOURCES

  • Information Services
  • Corporate Communications
  • Office of Inspector General
  • Office of General Counsel
  • TVA Police

 

Last Revised 04/2001

 

top of page

 

 

           
Content for id "future1" Goes Here
Content for id "future2" Goes Here
Content for id "future3" Goes Here