HomeMy WebLinkAboutContract 29577 CITY SECRETARY
QONTRACT NO.
INTERLOCAL AGREEMENT FOR SHARING
OF LAW ENFORCEMENT DATA
THE STATE OF TEXAS §
COUNTY OF TARRANT § KNOW ALL BY THESE PRESENTS:
This Interlocal Agreement is made and entered into this TAay of
/ 2004 by and between the City of Fort Worth, Texas, hereinafter referred
to as "Fort Worth," acting by and through its duly authorized City Manager, and the City of
Mansfield, Texas, hereinafter referred to as "Mansfield," acting by and through its duly
authorized City Manager.
WITNESSETH:
WHEREAS, the Texas State Legislature has authorized the formulation of interlocal
cooperating agreements between and among governmental entities; and
WHEREAS, this Interlocal Contract is made under the authority granted by and pursuant to
Chapter 791 of the Texas Government Code; and
WHEREAS, Fort Worth and Mansfield desire to share Law Enforcement data between each
other, specifically automated fingerprint and related demographic information on
Fort Worth prisoners, utilizing a link and the "Livescan" system; and
WHEREAS, the governing bodies of Fort Worth and Mansfield further find that the
performance of this contract is in the common interest of both parties;
NOW THEREFORE,
FOR IN CONSIDERATION of the mutual promises and agreements contained
herein, the parties do hereby agrees as follows:
I.
PURPOSE
The purpose of this contract is to implement a data connection and the necessary working
relationship between the City of Fort Worth and Mansfield for the purpose of sharing Livescan
automated fingerprint data and related demographic information on Fort Worth prisoners.
02-24-041DO,) : 53 [CVO
Interlocal Agreement- Page 1
II.
FORT WORTH'S RESPONSIBILITY
Fort Worth will provide Mansfield with the data listed above via the link described in
Attachment "A"—Specifications and Equipment for Livescan data link.
III.
MANSFIELD'S RESPONSIBILITY
Mansfield agrees to take any action necessary to maintain the link and associated
property appropriately, so as not to compromise the integrity or the security of the information
being transmitted. Mansfield further agrees that it will comply with all security procedures listed
in Attachment "B"--Security Procedures for Outside Data Connections to City of Fort Worth
Networks.
1V.
TERMINATION
Either party to this Agreement may terminate this Agreement on sixty (60) days written
notice to the other party.
V.
IMMUNITY
It is expressly understood and agreed that in the execution of this Agreement, no party
waives nor shall be deemed hereby to waive any immunity or defense that would otherwise be
available to it against claims arising in the exercise of governmental powers and functions.
VI.
SUCCESSORS AND ASSIGNS
Neither Fort Worth nor Mansfield will assign, sublet, subcontract or transfer any interest
in this Agreement without the written consent of the other party. No assignment, delegation of
duties or subcontract under this Agreement will be effective without the written consent of the
other party.
VII.
VENUE
The parties to this Agreement agree and covenant that this Agreement will be enforceable
in Fort Worth, Texas; and that if legal action is necessary to enforce this Contract, exclusive
venue will lie in Tarrant County, Texas.
-
Interlocal Agreement— Page 2
VIII.
REMEDIES
No right or remedy granted herein or reserved to the parties is exclusive of any other right
or remedy herein by law or equity provided or permitted; but each shall be cumulative of every
other right or remedy given hereunder. No covenant or condition of this Agreement may be
waived without written consent of the parties. Forbearance or indulgence by either party shall
not constitute a waiver of any covenant or condition to be performed pursuant to this Agreement.
IX.
SEVERABILITY
If any of the terms, sections, subsections, sentences, clauses, phrases, provisions,
covenants, conditions or any other part of this Agreement are for any reason held to be invalid,
void or unenforceable, the remainder of the terms, sections, subsections, sentences, clauses,
phrases, provisions, covenants, conditions or any other part of this Agreement shall remain in
full force and effect and shall in no way be affected, impaired or invalidated.
X.
APPLICABLE LAW
This Agreement is entered into subject to the Interlocal Cooperation Act, the City
Charters and Ordinances of Mansfield and Fort Worth, as they may be amended from time to
time, and is subject to and is to be construed, governed and enforced under all applicable Texas
and Federal law. Sites of this Agreement is agreed to be Tarrant County, Texas, for all purposes
including performance and execution.
XI.
ENTIRE AGREEMENT
This Agreement embodies the complete agreement of the parties hereto superseding all
oral or written previous and contemporary agreements between the parties relating to matters
herein; and except as otherwise provided herein, cannot be modified without written agreement
of the parties.
XII.
AUTHORIZATION
The undersigned officers and/or agents are properly authorized to execute this Contract
on behalf of the parties hereto and each party hereby certifies to the other that any necessary
resolutions or actions extending such authority have been duly passed and are now in full force
and effect.
[Signature page follows.]
Interlocal Agreement—Page 3
EXECUTED on the date first written above.
THE CITY OF FORT WORTH
By: ATTEST:
Chief of Police
APPROVED:
a City Secretary
t
City#anvio C
ontract Xuthorization
APPROVED AS TO FORM AND LEGALITY
Date
City Attorney
THICIT OF MANSFIELD
By ATTEST:
Chief of Police
APPROVED: Luk
City Secretary
City Manager
APPROVED AS TO FORM AND LEGALITY
r. a..
City Attorney°
Interlocal Agreement- Page 4
Attachment "A"
Basic layout of network
interconnect at Mansfield Jail
Mansfield - CFW
Mansfield JAM CFW Lifescan
Firewall
Nokia IP30 Sofaware appliance
http://www.nokia.com/nokia/O,,43327,00.html
$600
Both PCs must adhere to the specifications listed in the Interlocal Agreement Annexes. Per the Annex as of
c. 2 2003,they must:
1. R n current and up to date anti-virus software.
2. Lo Security, System and Application events in accordance with CFW standards.
3. R uire the use of pas swords on all accounts and password expiration policies.
F�4. Be subject to at least an annual review by CFW staff to ensure that these conditions are met.
ATTACHMENT B
SECURITY STANDARDS FOR OUTSIDE DATA CONNECTIONS TO CITY OF
FORT WORTH NETWORKS.
Extranet Standard
• Overview
• The purpose of this standard is to establish the requirements under which third
party organizations may connect to the City of Fort Worth networks for the
purpose of transacting City business. The standards listed are specific activities
required by Section 2.2 of the City of Fort Worth Information Security Policy.
• Scope
• Connections between third parties that require access to non-public City of Fort
Worth resources fall under this standard, regardless of whether a
telecom InUnIcations circuit (such as frame relay or ISDN) or VPN (Virtual
Private Network) technology is used for the connection. Connectivity to third
parties such as the Internet Service Providers (ISPs) that provide Internet access
for the City of Fort Worth or to the Public Switched Telephone Network do not
fall under this standard.
• Standard
• Pre-Requisites
• Security Review. All new extranet connectivity will go through a security review
with the hnformation Security department (IT Solutions). The reviews are to
ensure that all access matches the business requirements in a best possible way,
and that the principle of least access is followed.
• Third Party Connection Agreement. All new connection requests between third
parties and the City of Fort Worth require that the third party and the City of Fort
Worth representatives agree to and sign a third party agreement. This agreement
must be signed by the Director of the sponsoring organization as well as a
representative from the third party who is legally empowered to sign on behalf of
the third party. The signed document is to be kept on file with IT Solutions. All
doClmlents pertaining to connections into the City of Fort Worth labs are to be
kept on file with IT Solutions.
• Business Case. All production extranet connections must be accompanied by a
valid business justification, in writing, that is approved by a project manager in IT
Solutions. Lab connections must be approved by IT Solutions. Typically this
function is handled as part of a third party agreement.
• Point Of Contact. The sponsoring organization must designate a person to be the
Point of Contact (POC) for the Extranet connection. The P 901iffif Of
the sponsoring organization, and is responsible for those p rtions of th�,� po�l
qif C 0
and the third party agreement that pertain to it. In the event that the POC changes,
IT Solutions must be informed promptly.
• Establishing Connectivity
• Sponsoring organizations within the City of Fort Worth that wish to establish
connectivity to a third party are to file a new site request with IT Solutions to
address security issues inherent in the project. If the proposed connection is to
terminate within a lab at the City of Fort Worth, the sponsoring organization must
engage IT Solutions. The sponsoring organization must provide full and complete
information as to the nature of the proposed access to the extranet group and IT
Solutions, as requested.
• All connectivity established must be based on the least-access principle, in
accordance with the approved business requirements and the security review. In
no case will the City of Fort Worth rely upon the third party to protect the City of
Fort Worth's network or resources.
Modifying or Changing Connectivity and Access
• All changes in access must be accompanied by a valid business justification, and
are subject to security review. Changes are to be implemented via corporate
change management process. The sponsoring organization is responsible for
notifying IT Solutions when there is a material change in their originally provided
information so that security and connectivity evolve accordingly.
Terminating Access
• When access is no longer required, the sponsoring organization within the City of
Fort Worth must notify IT Solutions, which will then terminate the access. This
may mean a modification of existing permissions up to terniinating the circuit, as
appropriate. IT Solutions must conduct an audit of their respective connections on
an annual basis to ensure that all existing connections are still needed, and that the
access provided meets the needs of the connection. Connections that are found to
be deprecated, and/or are no longer being used to conduct the City of Fort Worth
business, will be terminated immediately. Should a security incident or a finding
that a circuit has been deprecated and is no longer being used to conduct the City
of Fort Worth business necessitate a modification of existing permissions, or
termination of connectivity, IT Solutions will notify the POC or the sponsoring
organization of the change prior to taking any action.
• Definitions
• Circuit. For the purposes of this policy, circuit refers to the method of network
access, whether it's through traditional 1SDN, Frame Relay etc. or via VPN
encryption technologies.
• Sponsoring Organization. The City of Fort Worth organization that requested that
the third party have access into the City of Fort Worth.
• Third Party. A business that is not a formal or subsidiary part of the City of Fort
Worth.
Anti-Virus Standard
• Overview
• Availability, performance, and security of the network represent essential core
assets to the daily operation of the City of Fort Worth. Viruses and other forms of
malicious code (worms, Trojan horses, backdoors, VBS scripts, mass-mailers,
etc.) represent a significant threat to these assets. In order to combat this threat, a
comprehensive enterprise security policy must include antivirus standards for
detection, removal, and protection against viral infections. The standards listed
are specific activities required by Section 6.3 of the City of Fort Worth
Information Security Policy.
• Scope
• This standard applies to all City of Fort Worth employees, contractors, vendors
and agents with a City of Fort Worth-owned or personally-owned computer or
workstation used to connect to the City of Fort Worth network. This standard
applies to remote access connections used to do work on behalf of the City of Fort
Worth, including reading or sending email and viewing intranet web resources.
• Standard
• General
• All Windows computers (clients and servers) connected to the City of Fort Worth
computer network or networked resources must run the City of Fort Worth
standard, supported anti-virus software, correctly installed, configured, activated,
and updated with the latest version of virus definitions before or immediately
upon connecting to the network.
• Other operating systems or computing platforms must have comparable
protection, if available. In the event that no antivirus protection is available for a
particular operating system or platform, anyone using or accessing these
unprotected systems must apply all prudent security practices to prevent infection,
including the application of all security patches as soon as they become available.
When antivirus software becomes available for an operating system or platform
previously lacking antivirus software, it shall be installed on all applicable devices
connected to the network.
• If deemed necessary to prevent viral propagation to other networked devices or
detrimental effects to the network, computers infected with viruses or other forms
of malicious code must be disconnected from the network until the infection has
been removed.
• Any exceptions to this policy must be explicitly approved by IT Solutions.
• Prevention
• Files attached to an email must not be opened unless the email is from a trusted
source and the files are expected. If there is any doubt, contact the source to verify
that lie or she sent the email and the attached files. Ennails that contain attached
files and that come from an unknown, suspicious or untrustworthy source should
not be opened; they should be deleted immediately.
• Spam, chain letters, and other junk email should be deleted immediately and
never forwarded.
• Files from unknown or suspicious sources must not be downloaded.
• Direct disk sharing with read/write access must not be enabled unless there is
absolutely a business requirement to do so.
• Diskettes must be scanned for viruses before any files on them are used.
• Critical data and system configurations must be backed up on a regular basis and
the data stored in a safe place.
• Response To A Virus Infection
• IT Solutions personnel nnust be contacted immediately when a computer has been
infected with a virus.
• If the antivirus software is unable to remove a viral infection, a technician may
attempt to do so. This may involve a visit to the work site or resolution may take
place remotely if the technician can access the computer using screen-sharing
software. If a technician is unable to remove a viral infection, the computer's hard
drive must be reformatted and all software reinstalled using clean, licensed
copies.
• If an infected connputer is deemed capable of infecting or affecting other
computers or the network, the infected computer will be immediately
disconnected from the network until it is serviced by a technician
verify that the computer is virus-free. �1:
Do
Y
is
4
Workstation Security Standard
• Overview
• The purpose of this standard is to establisli the base configuration of internal
workstation equipment that is owned and/or operated by the City of Fort Worth.
Effective implementation of this standard will minimize unauthorized access to
City of Fort Worth proprietary information and technology. The standards listed
are specific activities required by Section 7.5 of the City of Fort Worth
Information Security Policy.
• Scope
• This policy applies to equipment owned and/or operated by the City of Fort
Worth, and to workstations registered under any City of Fort Worth-owned
internal network domains.
• This policy is specifically for equipment on the internal City of Fort Worth
network. For secure configuration of equipment external to the City of Fort Worth
on the DMZ (De-Militarized Zone), please refer to the applicable standard.
• Standard
• Ownership and Responsibilities
• All internal workstations deployed at the City of Fort Worth must be owned by an
operational group that is responsible for system administration.
• Approved workstation configuration guides must be established and maintained
by each operational group, based on business needs and approved by IT Solutions.
Operational groups should monitor configuration compliance and implement an
exception policy tailored to their environment. Each operational group must
establish a process for changing the configuration guides, which includes review
and approval by IT Solutions.
• Information in the corporate enterprise management system must be kept up-to-
date.
• Contguration changes for workstations must follow the appropriate change
management procedures.
_ 1
5
• General Configuration
• The most recent security patches must be installed on the system as soon as
practical, the only exception being when immediate application would interfere
with business requirements.
• Windows Configuration
• Windows operating system configuration must be done according to the City's
secure workstation installation and configuration standards which are based on the
SANS Windows 2000 Professional Operating System Level 2 Benchmark
Consensus Baseline Security Settings.
• The Center for Internet Security Scoring Tool must be run against a server before
it is placed into production. The output of the tool must be provided to IT
Solutions for review and approval.
• The disk partition containing the operating system must be formatted for NTFS or
another file system that supports file-level permissions and auditing. The FAT file
System must not be used.
• Services and applications that will not be used must be disabled.
• Monitoring
• All security-related events must be logged and audit trails saved. Please see the
,,luda Siandurd for more information.
• Security-related events will be reported to IT Solutions, who will review logs and
report incidents to IT management. Corrective measures will be prescribed as
needed. Security-related events include, but are not limited to:
• Port-scan attacks
• Evidence of unauthorized access to privileged accounts
• Anomalous occurrences that are not related to specific applications on the
host
• Compliance
• Audits \vill be perlormcd on a regular basis by IT Solutions and/or other
authorized organizations within the City of Fort Worth.
• Audits will be managed by IT Solutions, in accordance with the audit standards
and guidelines. IT Solutions will filter findings not related to a spe if"tc
6 � _
operational group and then present the findings to the appropriate support staff for
remediation or justification.
• Every effort will be made to prevent audits from causing operational failures or
disruptions.
• Definitions
• DMZ De-militarized Zone. A network segment external to the corporate
production network.