FireNet Rules of Behavior


As a FireNet user, I will:

  1. Complete the most current version of either DOI's or USDA (FS) Information Security Awareness/Privacy training annually. Affiliate users who do not have current DOI, fire bureau or USDA FS credentials must submit a copy of their completion certificate to FireNet administration for record keeping.
  2. Handle and retain all system outputs in accordance with information classifications and records management requirements.
  3. Ensure the security of Government information, equipment, keys and any access/authentication card or device. This includes signing out of all FireNet browser sessions at the end of the work day.
  4. Not attempt to access information or information systems for which access has not been authorized.
  5. Users will protect their passwords commensurate with the sensitivity of the FireNet system and not share passwords and/or any access/authentication card or device personal identification number (PIN).
  6. Not use Government information, equipment, keys and/or any access/authentication card of device for activities that are illegal and/or inappropriate.
  7. Consent to monitoring and have no expectation of privacy when using Government computer equipment and/or FireNet.
  8. Not attempt to install unauthorized software onto Government computers.
  9. Not attempt to connect personal devices or other unauthorized computer equipment to the DOI or USDA FS computer network without appropriate authorization.
  10. Not post Government information on external websites or services without prior appropriate authorization.
  11. Not attempt to alter and/or disable Government computer configurations and security settings without prior appropriate authorization.
  12. Immediately report suspected computer security incidents and provide full cooperation in accordance with your Department, Bureau or Office incident response procedure.
  13. Users must lock all devices accessing the FireNet environment when leaving them unattended for 15 minutes or more.
  14. Users must access the FireNet environment by web browser at least once every 45 days or the account will be blocked from sign-in. If the user fails to sign in within two weeks of receiving notification that the account is blocked from sign-in, the account will be UNLICENSED and DELETED.
  15. As prompted by the system, users must use multi-factor authentication to access the FireNet environment.
  16. Users must change their password when prompted, which occurs every 60 days.