1. Introduction
This document contains key information and Standard Operating Procedures (SOPs) necessary to deploy, maintain and monitor the official Email services for government employees.
The Government of Khyber Pakhtunkhwa encourages all the employees of government departments/directorates/ autonomous bodies to use Email as a preferred means of electronic communications for government day-to-day operations, for sharing of information resources and services across Government, businesses, partners and with the general public. Government Email services will be used for the exchange of draft documents, exchange of general information, scheduling of internal office meetings, comments/draft minutes of meetings, circulation of office messages, other drafts, engagement activities, etc. within Government departments.
This policy outlines the roles and responsibilities of stakeholders and SOPs which are desired to be followed for the true implementation and adoption of Government Email services.
2. Policy
2.1 Eligibility
All Regular KP Government employees of grade 17 or above, along with application endorsed by the head of the department.
2.2 Account Policy
2.2.1 Nomenclature
· Standard nomenclature will be at designation.department@kp.gov.pk.
o Example: secretary.labor@kp.gov.pk
· Departments with their independent domains other than kp.gov.pk, i.e: TLD gov.pk may provide Email IDs on specialized domains as designation@department.kp.gov.pk.
o Example: secretary@labor.kp.gov.pk
2.2.2 Password Policy
a) All passwords should be reasonably complex and difficult to guess.
b) Passwords should be at least eight characters long and contain a combination of upper- and lower-case letters, numbers, and punctuation marks and other special characters.
c) Default passwords: system generated passwords for new employees when a new account is created, should be changed immediately.
2.3 Mail Box Quota
a) E-Mail capability of 500 MB will be provided to each employee. In case of excessive usage:
b) The employee will submit a request for extra space after approval from the departmental head. Clearly, state the reason for extra space.
c) After verification DEC will coordinate with Data Center for allocation of required quota.
2.4 Spamming Policy
2.4.1 Incoming
a) Anti-spamming technologies will scan all incoming email messages and filter out messages that appear to be spam.
b) The employee may also report incoming email as spam. This can result in IP addresses and domain names being blacklisted at a server hosted at Data Center.
2.4.2 Outgoing
a) Accounts used for sending spam messages to other will be warned and trained, a repeated offense may result in the permanent closure of the account.
b) Sometimes the outgoing message may also be filtered as spam at the receiver’s end. Following are some guidelines to avoid that risk.
o Send the message in plain text (instead of, or in addition to, HTML)
o Avoid the terminology and text styling typically used by spammers.
o Use only approved files extensions are desired as attachments.
o Ensure that your files are scanned for malware before dispatch.
2.5 Retention Policy: (see backup and archiving sections below)
3. Process:
3.1 Account Creation:
a) The employee will request the DEC for Email ID on prescribed request form duly signed by the employee and approving authority / departmental head.
b) The employee will have an option of editing his personal detail on Email client software.
c) After basic verification, and coordination with Data Center, DEC will create the account against the approved nomenclature.
d) On successful completion, DEC will share the Email credentials with the employee.
e) Exchange of email credential may be signed on prescribed form by both the employee and DEC.
3.1.1 Temporary accounts:
a) Temporary accounts will be created for employees those are deputed in the department, have additional charge or transferred on a temporary basis.
b) In case the designation and title of an employee are not clear, a temporary account will be created against the nomenclature assigned by the approving authority.
c) The validity of temporary accounts will not be more than two months.
d) Data in a temporary account will be merged with the permanent account if required.
3.2 Sign-In:
a) The employee will be required to sign-in to Email account within 48 hours after creation of an account, otherwise, the password will be reset automatically.
b) The employee must change a password after the first login.
3.3 Password Reset Procedures:
a) The employee will request the DEC for a password reset on the prescribed request form.
b) DEC will reset the password to default and communicate to the employee.
c) If the corresponding account has not been accessed within 48 hours of a password reset, the password must be changed again or the account will be disabled.
3.4 Accounts Backup:
a) All Emails will be backed up periodically after 7 days.
b) Backup and restore will be performed by the Data Center.
3.5 Archiving Accounts:
a) For archiving an account, the employee must put a request through email to DEC.
b) Archiving means cleaning up mailbox without deleting them.
c) Spam and Junk emails will not be archived.
d) Archived Emails will be available for an employee on request.
3.6 Termination of Account:
3.6.1 Disabling Accounts:
Accounts will be disabled if:
a) The employee no longer requires access.
b) The employee may request the desired.
c) The account is not in used for 30 days.
d) Violates the usage policy.
e) Suspicions activity is identified on the account.
3.6.2 Closure of Accounts:
a) Accounts will be closed if the employee is:
1. Promoted or Transferred
2. The employee will request for a new account with the new designation.
3. Previous account Junk and Spam / Social folder will be reset and assigned to the new employee on that designation.
4. DEC may help in migrating official/personal Emails from the previous account if desired.
5. All archiving of the previous account will be available for three months, if not conflicting with the backup policy.
b) Retired / Fired
1. The account will be disabled as instructed by the competent authority.
2. Account Junk and Spam / Social folder will be reset and assigned to the new employee on that designation.
c) On Leave (for more than 30 Days)
1. The account will be disabled and archived.
2. Access to the account may be provided to an assigned employee if desired by the competent authority.
4. Guidelines
4.1 Guidelines for Email Usage:
a) Employees are encouraged to use Email, when appropriate, as an alternative to other forms of written communications.
b) Unless explicitly allowed in the collective agreement, use of official Email is not permitted for personal use/business.
c) Employees are not allowed to use public Email addresses (Gmail, Yahoo, Hotmail, etc.) for official correspondence.
d) Employees must choose unique passwords for their Email accounts, and may not use a password that they are already using for a personal account.
e) Email account passwords must be changed regularly.
f) The department Email list should only be used for official departmental correspondence.
g) Some Email messages may qualify as official records. These are messages that contain information that serves as adequate and proper documentation of the department.
h) Email messages will have a subject that identifies the content of the message.
i) Email should be checked at least once each workday.
j) Employees are encouraged to check their Email more often, such as upon arrival at work, after lunch, and before the close of the workday to ensure timely response to suspensions and other time-sensitive issues.
k) To serve as legal documents, all Emails must be maintained on the mail server for legal/audit/documentary purposes.
l) Email signatures must be attached to Email sent for all official correspondences. This practice identifies the source and serves as a record keeping.
m) The Email automatic reply feature should be used when an employee expects to be out of the office for an extended period of time. A suggested message would include the date of return and alternate point of contact.
n) When responding to an Email message with multiple addresses, reply only to addresses that require a response.
o) Employees should compress large size files before attaching with the email. This will help to optimize the bandwidth.
p) It is possible to receive a virus as an Email attachment. If not confident about the attachments or suspicious about the sender or the contents, do not download or open the attachment, but instead inform the DEC immediately.
4.2 Prohibited and Unacceptable Uses:
a) Employees are advised NOT to store their personal information/passwords in the official Email account, which may be visible to the next employee using that account.
b) As these accounts are provided on a temporary basis, an employee should not use these to create social media accounts.
c) Misrepresenting, obscuring, suppressing, or replacing a user’s identity on the Email is not allowed. This includes the use of false or misleading subject headers and presentation of information in the distribution of Email.
d) Employees are not permitted to use the Email account of another employee without receiving written authorization or delegated permission to do so.
e) Employees are not permitted to forge Email headers to make it appear as though an Email came from someone else.
f) Unsolicited commercial Email sending or forwarding unsolicited commercial Email (spam) including jokes/memes.
g) Should avoid soliciting for religious or political causes, advocating religious or political opinions and endorsing political candidates.
h) Making fraudulent offers of products, items, or services originating from any Government account.
i) Using official resources to distribute personal information that establishes an unwarranted invasion of personal privacy.
j) Any other Non-Government service-related activities that will cause congestion, disruption of networks or systems including, but not limited to, Internet games, online gaming, and Email attachments.
k) Should not use the official email account for a subscription for any marketing, social networks or referral programs.