AGENDA CAPTION:
Title
Consider approval of Resolution 2025-175R, approving an updated Council Technology Acquisition Policy, Council Member Electronic Use Policy, and a Council Policy Acknowledgment form that provide guidelines, expectations and responsibilities for the procurement and use of technology used by the City Council, and align hardware standards for devices used by the City Council with the city’s current standards; and declaring an effective date.
Body
Meeting date: September 16, 2025
Department: IT, City Council
Amount & Source of Funding
Funds Required: Click or tap here to enter text.
Account Number: Click or tap here to enter text.
Funds Available: Click or tap here to enter text.
Account Name: Click or tap here to enter text.
Fiscal Note:
Prior Council Action: Approved Resolution #2021-051R
City Council Strategic Initiative: [Please select from the dropdown menu below]
Public Safety, Core Services & Fiscal Excellence
Choose an item.
Choose an item.
Comprehensive Plan Element (s): [Please select the Plan element(s) and Goal # from dropdown menu below]
☐ Economic Development - Choose an item.
☐ Environment & Resource Protection - Choose an item.
☐ Land Use - Choose an item.
☐ Neighborhoods & Housing - Choose an item.
☐ Parks, Public Spaces & Facilities - Choose an item.
☐ Transportation - Choose an item.
☐ Core Services
☒ Not Applicable
Master Plan: [Please select the corresponding Master Plan from the dropdown menu below (if applicable)]
Choose an item.
Background Information:
In 2021 the council approved Resolution 2021-051, that approved the Council Member Electronic Use Policy, Council Technology Acquisition Policy, and the Council Policy Acknowledgement Form.
We are seeking approval for the changes to the council’s Electronic Use and Technology Acquisition policies.
Several city policies have been revised to incorporate the recent updates and standards related to password requirements and security standards. The revision to the Council Member Electronic Use Policy aligns with standards set by the National Institute of Standards and Technology (NIST) Digital Identity Guidelines, outlining new password security protocols that can be implemented once Multifactor Authentication is adopted within the organization. The current council policies concerning these areas need to be reviewed and updated to align with the new password policies and standards.
Changes to policies:
Council Member Electronic Use Policy
- Document renamed to – “CO.POL.01 Council Member Electronic Use Policy”
- Policy format changed
- Minimum length of password changed from 8 to 12 characters
- Passwords no longer expire
- Password must not match any words in the Banned Password Dictionary (BPD)
- Multifactor Authentication (MFA) requirement
- Users will reset their own password using the MFA application on their phone
- Changes to State of Texas Government Code 2054.5191 requiring all elected officials to complete annual Cybersecurity Awareness Training
- Policy review schedule
Council Technology Acquisition Policy
- Document renamed: “CO.POL.02 Council Technology Acquisition Policy”
- Policy format changed
These changes will ensure that all users with access to city network resources are aligned and adhering to best practices to mitigate organizational risk.
Council Committee, Board/Commission Action:
Click or tap here to enter text.
Alternatives:
Click or tap here to enter text.
Recommendation:
Staff recommends the approval of the changes to the Council Member Electronic Use and Council Technology Acquisition policies.