|
Abbreviated General User Policies
Printable Version
|
1.1 |
Non compliance of IT Policies is
considered misconduct or serious misconduct. |
|
1.2 |
Computer systems including internet and
email use will be monitored by The Fake Chicken Company. |
|
1.3 |
Staff must sign
the Employee Acceptance Form. |
|
2.1 |
Users are only authorised to access
information and systems that they have been granted
privileges for. Any other access in considered
unauthorised. |
|
2.2 |
Personal Digital Assistants (PDAs),
mobile computers, laptops, handheld
devices, USB drives, CF Cards, mobile phones, modems
or any other device must not be connected to The Fake
Chicken Company’s computers
or networks unless these have been authorised by the
IT Manager. |
|
3.1 |
Computers connecting to The Fake Chicken
Company's computer
systems or networks must have anti-virus installed and be
updated regularly.
|
|
3.2 |
Do
not write, generate, compile, copy, collect,
transmit, execute, or attempt to introduce any computer code
to any system or computer without the permission of the IT
Manager. |
|
3.3 |
If you receive a file from
an external source (including email) it must be scanned by
an anti-virus program. |
|
3.4 |
If you think you have a virus, call the
Information Systems Helpdesk for help. Don’t try to get rid of it yourself. |
|
3.5 |
Do not download software,
code or scripts from the internet. This includes
smiley faces, banners, animated gifs, ads, pictures and any
other object which may have malicious code embedded within
it. This also includes movies and music. |
| 4.1 |
Users of computer systems
and networks must promptly notify management of all
conditions that could lead to a disruption of business
activities.
|
|
5.1 |
Computer systems, mobile phones and networks
must not be used to
harass, discriminate against
or victimise any other
person or for illegal or unethical purposes. |
|
5.2 |
Computer equipment, mobile phones and
portable devices must not be lent to anyone - even your
family and care must be taken to protect it from loss or
damage. |
|
5.3 |
Computer equipment, mobile phones and
portable devices must not be modified in any way.
|
|
5.4 |
Your use of computer equipment, mobile phones
and portable devices may be monitored. The Fake
Chicken Company reserves
the right to conduct equipment inspections from time to time
and without notice.
|
|
5.5 |
You are not permitted to load games, freeware
or software applications onto your computer equipment.
All software must be loaded by the Information Systems
Helpdesk and be
approved for corporate use. If you have a business
cell phone, this includes downloading ring tones. |
|
5.6 |
Computer systems, communications
equipment and networks are to be used for
business purposes in the course of normal operations. |
|
5.7 |
Devices connecting remotely to The Fake
Chicken Company's computer
systems and networks must be configured with a firewall,
secure authentication and have an anti-virus system which
updates automatically. This will be installed by the
Information Systems Helpdesk. |
|
6.1 |
Users must promptly inform
the IT Manager about suspected information
security problems and follow the correct procedure for
remedial actions as instructed. This is important in
case evidence has to be preserved. |
|
7.1 |
Do not publish The Fake Chicken Company information on any
webserver which enables it to be accessed via the internet
unless this has been approved for public dissemination. |
|
7.2 |
Transactions conducted over the internet must
comply with the provisions of the Electronic Transaction Act
2002 and meet financial audit trail requirements.
|
|
7.3 |
Online business connections must be approved
by the IT Manager. |
|
8.1 |
Email is predominantly for business use
only. Do not use the email system to SPAM others or to
transmit objectionable material.
|
|
8.2 |
Delete any mail message or attachment without
opening if it has not been received from a trusted source. |
|
9.1 |
Encryption must be used to encode data where
the risk of loss through theft or interception is high,
where there is the potential for a major security breach
should that data get into the hands of unauthorised persons
and where the loss of the data would have a major impact on
The Fake Chicken Company's business. If you think your data should be
encrypted, discuss this with the IT Manager. |
|
10.1 |
Data and information created,
manipulated, saved, transmitted or archived on the
corporate systems of The Fake Chicken Company remains the
property of The Fake Chicken Company.
The only exception is software or systems which have a
"licence to use" rather than confer ownership. |
|
10.2 |
Data and information stored on
laptops must be backed up and
copied to the corporate network regularly so
that it is not lost if the equipment is stolen or damaged. |
|
10.3 |
Users must not read, modify, delete or copy a
file belonging to another user without first obtaining the
permission of the owner of the information. |
|
10.4 |
The Fake Chicken Company information must be stored on corporate
networks where it can be backed up daily. |
|
10.5 |
Staff must take care not to divulge corporate
information which may be sensitive, confidential or not
meant for public knowledge. |
|
10.6 |
Users must be aware of the legal
implications of copyright, prior use, intellectual property
rights and privacy legislation. |
|
10.7 |
Passwords are not permitted on individual
documents or folders stored in corporate networks. |
|
10.8 |
Disclaimers must be used
on all information provided to external parties where
appropriate.
|
|
11.1 |
The internet is for
business use. The internet is not to be used for
accessing personal email accounts, for internet shopping,
gambling, playing games or for illegal or illicit purposes. |
|
11.2 |
Users of
the internet are not permitted
to visit, interact with, or download
content from websites that in any way promote
pornography, are sex orientated, debase or defile or
discriminate, are overtly militant or political or offer any
other content that may cause offence to anyone in any way. |
|
11.3 |
Users
are not permitted to download software,
freeware, games, applications, movies, music, pictures or
any other content from the internet. |
|
11.4 |
Users
are not permitted to
create their own connections to the
internet. Access to the internet is only permitted
using corporate systems which have been configured securely. |
|
11.5 |
You are not permitted to access your webmail
accounts (hotmail, xtra etc) using The Fake Chicken Company systems,
access social networking sites, chat rooms, instant
messenger etc without prior authorisation of the IT Manager. |
|
12.1 |
Always use a password that is hard to crack
by including capital letters, numbers and funny characters.
It must not be a word that can be found in the dictionary or
a name. |
|
12.2 |
Never disclose your password to anyone. |
|
12.3 |
Don't write your passwords down. |
|
12.4 |
Never use the "remember password" option on
applications such as email or the internet. |
|
13.1 |
Computer equipment left unattended for short
periods must be protected by a screen saver with password. |
|
13.2 |
If you leave your desk for more than an hour
and at the end of every day, log off.
|
|
13.3 |
Questions strangers in the
office. Visitors must be accompanied by a staff
member. Get reception to check any authorisation
letter produced by a stranger to confirm they are genuine. |
|
13.4 |
When rooms are unoccupied,
lock windows and doors and
lock away any confidential or sensitive information. |
|
14.1 |
Always keep your laptop with you and ensure
that no one can view the screen while you have files open.
This is especially important on planes and at airports and
while at conferences or other public places. Laptops
are targets for thieves. |
|
14.2 |
Treat your laptop with care. Keep
liquids well away from it. Don't touch the screen.
Don't drop it or submit it to extreme hot or cold
temperatures. |
|
14.3 |
Do not load any extra software onto
your laptop and connect it to the The Fake
Chicken Company
network regularly to ensure that the anti-virus is kept up
to date. Ensure that the laptop has a personal
firewall installed and enabled. |
|
14.4 |
Your laptop must be protected by
a username and password and may also require additional
security if the information contained within it is
especially sensitive. |
|
14.5 |
Transfer files from your laptop
to the corporate system regularly. Information should
not be saved on the laptop permanently. |
|
14.6 |
Never lend your laptop to anyone. |
© 2004 Kaon
Security Ltd |