This is a U.S. General Services Administration Federal Government computer system that is "FOR OFFICIAL USE ONLY." This system is subject to monitoring. Individuals found performing unauthorized activities are subject to disciplinary action including criminal prosecution.
This data is used to:
2. What is a cookie?
A cookie is a small piece of information that is sent to your browser -- along with a Web page -- when you access a Web site. Your browser will only return this cookie information to the Internet site where the cookie originated (in this case, portal.fas.gsa.gov). No other site can request it. All cookies have an expiration date and time, after which the browser stops sending the cookie. The cookies used by AASBS expire upon system logout and closure of all browser instances of the same type (Internet Explorer 8.0 or higher is recommended) as that used to access AASBS.
AAS Business Systems users must “register” in order to effectively use the application. If you provide personally identifying information when registering to use an AASBS application, then that information is only used to deliver specific content to you. The information is never shared with any third party.
We want to make it clear that we will not obtain personally identifying information about you when you visit our site, unless you choose to provide such information to us. Except for authorized law enforcement investigations, or as otherwise required by law, we do not share any information we receive with any outside parties.
For site security purposes and to ensure that this service remains available to all users, GSA web servers employ industry-standard methods to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage. Unauthorized attempts to upload information or change information on GSA servers are strictly prohibited and may be punishable by law, including the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act.
In the specific context of this security monitoring, there is no expectation of privacy. However, only in the case of actual law enforcement investigations, will we attempt to identify individual users or their usage habits.
If you have any questions about these policies, contact us.
The following rules of behavior are to be followed by all users of AAS Business Systems. The rules delineate responsibilities of and expectations for all individuals with AASBS user accounts. Non-compliance of these rules may result in denial of access to the system or other action commensurate with the non-compliance activity.
The AAS Business Systems Project Manager, FAS OCIO, is responsible for ensuring an adequate level of protection is afforded to AAS Business Systems, through an appropriate mix of technical, administrative, and managerial controls. The system administrator is responsible for conducting vulnerability analyses to determine if security controls are adequate.
3. Access Rules
a) Account registration:
AAS Business Systems accommodates three distinctly different user communities. The registration and approval process is unique to each type of user as follows:
Government clients and GSA employees can be Federal employees, Military members, or contractors working on behalf of an agency.
b) Logging on to AAS Business Systems.
Users that have successfully completed the registration process and have been validated by the Registration Desk will receive a unique User Identification/Account name and password. Access to AAS Business Systems is granted based on authenticating the account name and password entered by the user.
After five invalid log-on attempts, ITSS will redirect the user to an “Account Locked” page.
GSA employees can also log-on to AAS Business Systems using their GSA Active Directory user identification/account name and password.
GSA employees that have been issued a Personal Identity Verification (PIV) card will automatically be logged into AAS Business Systems when accessing the AASBS URL from a GSA-issued computer over the GSA computer network with the card inserted. This automatic log-on is referred to in this Privacy Statement as "single sign-on" (SSO).
c) Information Accessibility
AASBS restricts access to certain information based on the type of user. Read-only and read-write access is restricted to the minimum necessary to perform the job, and is given as appropriate for the type of user and document.
4. Application Rules
a) Passwords to AASBS (not GSA Active Directory credentials)
b) Account Removal
d) Session Time Out
5. Individual Accountability and Privacy