Page 97 - Employee Handbook
P. 97

Any	misuse	of	our	electronic	communications	systems	or	equipment	should	be
           reported	to	the	IT	department	and	Office	Manager.
        	  Equipment	Security	and	Passwords
        	  All	employees	and	other	workers	who	work	for	us	are	responsible	for	the
           security	of	the	equipment	allocated	to	or	used	by	them,	and	must	not	allow	it	to
           be	used	by	anyone	other	than	in	accordance	with	this	policy.
        	  If	given	access	to	the	e-mail	system	or	to	the	internet,	employees	and	any	other
           workers	are	responsible	for	the	security	of	their	equipment.	If	leaving	a	terminal
           unattended	or	on	leaving	the	office	or	any	other	work	area	they	should	ensure
           that	they	lock	their	terminal	or	log	off	to	prevent	unauthorised	users	accessing
           the	system	in	their	absence.	Any	workers	without	authorisation	should	only	be
           allowed	to	use	terminals	under	supervision.
        	  You	must	first	consult	with	the	Office	Manager	and/or	IT	department	before
           moving	or	tampering	with	desktop	PCs	and	cabling	for	telephones	or	any
           computer	equipment.
        	  Passwords	are	unique	to	each	user	and	must	be	changed	regularly	to	ensure
           confidentiality.	Passwords	must	be	kept	confidential	and	must	not	be	made
           available	to	anyone	else.	For	the	avoidance	of	doubt,	on	the	termination	of
           employment	(for	any	reason)	employees	must	provide	details	of	their	passwords
           to	their	Line	Manager	and	return	any	equipment,	key	fobs	or	cards.
        	  Any	employee	issued	with	a	laptop,	mobile	phone	must	ensure	that	it	is	kept
           secure	at	ALL	times,	particularly	during	times	of	travel.	Passwords	must	be	used
           to	secure	access	to	data	kept	on	such	equipment	to	ensure	that	confidential
           data	is	protected	in	the	event	of	loss	or	theft.	Employees	should	also	be	aware
           that	when	using	equipment	away	from	the	workplace,	documents	may	be	read
           by	third	parties,	for	example,	passengers	on	public	transport.

        	  User	Security
        	  Staff	members	are	required	to	adhere	to	the	following:
           a)	 Add	a	passcode	to	lock	their	smartphone.
           b)	Change	their	network	password	on	a	90	day	rotation.
           c)	 Change	their	email	password	on	a	90	day	rotation.
           d)	 Have	different	passwords	for	the	network	and	email.
           e)	 When	accessing	mdgroup	server	from	a	remote	location,	please	ensure	you
             use	an	encrypted	connection.
           f)	 Not	to	download	programs	or	files	from	the	internet	without	prior	approval
             from	their	Line	Manager/	I.T	department.




                                        97                    Employee Handbook
   92   93   94   95   96   97   98   99   100   101   102