An official website of the United States government.

This is not the current EPA website. To navigate to the current EPA website, please go to www.epa.gov. This website is historical material reflecting the EPA website as it existed on January 19, 2021. This website is no longer updated and links to external websites and some internal pages may not work. More information »

Confidential Business Information under TSCA

VDI Training

Rules of Behavior for Virtual Desktop Access to OPPT Materials, including TSCA CBI

  1. I require access to TSCA CBI and other materials accessible via the virtual desktop in order to perform my assigned duties.
    • My use and access of TSCA CBI and other materials via the virtual desktop will comply with all applicable policies, standards, and applicable laws as referenced in the TSCA CBI Protection Manual, and other applicable Agency rules and procedures.
    • Access to materials via the virtual desktop will occur only:
      • Within a Secure Storage Area (SSA) or
      • Outside of an SSA under the following conditions:
        • Within any private area having adequate physical or procedural controls (e.g., barriers or managed access controls) to protect TSCA CBI from unauthorized access or disclosure. Examples of private areas include, but are not limited to, a separate home office space in a private home, a hotel room, a government office outside an SSA where there is an ability to limit access to the space.
        • User shall always take precautions to ensure that persons who are not authorized to view TSCA CBI cannot view or access your computer while you are working with TSCA CBI via the virtual desktop (e.g., users working in a cubicle or other open office space outside of an SSA should use a privacy screen on their monitor).
        • Always logoff of the virtual desktop before leaving your computer unattended or use a locking screen saver.
        • Users are never authorized to access the CBI LAN via the virtual desktop drive in a public area. “Public area” means any area of a building or outdoor space that is ordinarily open to members of the public. Examples of public areas include, but are not limited to, airports, lobbies, courtyards, restaurants, coffee shops, and public transit. Accessing the CBI LAN via the virtual desktop in a public area is a violation of the TSCA CBI Protection Manual and will be grounds for the revocation of rights to the virtual desktop and denial of further use.
    • I will not screen capture, or otherwise copy materials via the virtual desktop except as authorized by the TSCA CBI Protection Manual or other applicable policies that do not conflict with the TSCA CBI Protection Manual, except according to the conditions of an approved File Transfer Addendum to this User Agreement.
    • I will not use another person’s account, identity, password/passcode/PIN, or PIV card to access the virtual desktop and I will not allow others access using my account.
    • I will not transmit materials using the virtual desktop except as authorized by the TSCA CBI Protection Manual or other applicable policies that do not conflict with the TSCA CBI Protection Manual. I recognize that materials accessed using the virtual desktop are not authorized for electronic transmission outside the CBI LAN, except according to the conditions of an approved File Transfer Addendum to this User Agreement.
    • I recognize that I have no right of privacy regarding materials accessed through the virtual desktop. I recognize that my use of the virtual desktop may be monitored and tracked.
    • I will lock workstations and remove Personal Identity Verification (PIV) cards from systems when leaving workstations unattended.
    • I will report to my supervisor and other appropriate authorities lost or stolen OPPT equipment; known or suspected security incidents; known or suspected information security policy violations or compromises; or suspicious activity within 1 business day, in accordance with TSCA CBI Protection Manual procedures, including activity by others, that relate to the virtual desktop.
    • Consistent with the requirements of the TSCA CBI Protection Manual, I will secure TSCA CBI, regardless of media or format, when left unattended.
    • I will keep TSCA CBI, including CBI on my computer monitor, out of sight when persons who are not authorized for access to the information are present.
    • I will access TSCA CBI using the virtual desktop only when necessary to perform job functions.
  2. I certify that:
    1. I have read, understand the requirements, and agree to adhere to the guidelines, policies, and provisions as set forth in the Rules of Behavior.
BackNext