Saturday, December 4, 2010

Information Security & Computer Policy - Template Policy

Company Access to Equipment and Information:



As a condition of continued employment, employees must cooperate in all situations where the Company seeks access to equipment or furniture. Furniture and equipment located in any office or work area are to be used to conduct Company business and are considered Company property. The Company reserves the right to access at any time the contents of all business systems and work areas including, but not limited to, desks, file cabinets, storage units, lockers, computers, computer-stored information and systems, electronic mail, instant messaging, voicemail, facsimile machines, and telephones. This policy applies to systems and equipment with a password, special entry code, or locking device.

Information Assets (Trade Secret, Sensitive or Confidential):

Information assets are defined as all methods of communications concerning the Company's business, including all verbal, written, visual materials, electronic messaging systems (including but not limited to email, instant messaging, voicemail, fax machine or telephones), computer reports, data storage equipment, internet, and computer-stored data. All information assets sent, received, or contained within Company equipment are considered Company records. All results of work performed, in whole or in part, by you during your employment with the Company shall be the sole and exclusive property of the Company regardless of where the work was performed. The Company retains the exclusive ownership right, to the maximum extent of the law, to all information assets and designates responsibility for control of information assets to its employees. Each employee is responsible for the protection of the Company's information assets.

Information Security:

Information security is the protection of information assets from unauthorized or accidental access, modification, destruction, or disclosure. It also includes protection of information accuracy, availability, and confidentiality. Management is responsible for maintaining information security through the administration of appropriate controls and procedures. Management must ensure that employees are aware of all aspects of the Company's information security policy and are appropriately trained in the protection of information and equipment.

Privacy Not Guaranteed:

The Company reserves the right to access an employee's voicemail, email messages and instant messages at any time. Therefore, an employee's outgoing voicemail message must not indicate to the caller that his/her incoming message will be confidential or private. The existence of a password on either system is not intended to indicate the messages will remain private, and all employees must make passwords known to the Company. Employees should be aware that even when a message has been erased, it still might be possible to retrieve it from a backup system. Therefore, employees should not rely on the erasure of messages to assume a message has remained private.

Authorized Access:

Access to Company information assets, secured areas and equipment is restricted to authorized personnel and is based on functional need and management's approval. You are prohibited from accessing Company information with another individual's user ID.

Management has the right to access and disclose all information assets sent, received, or contained within Company equipment or websites. If warranted, management may remove an employee's access to Company information resources without notice.

Employee Responsibility:

In order to safeguard the assets of the Company, employees who use information assets are expected to follow Company policies, procedures, standards, guidelines, and regulations concerning information security:
  • You are encouraged to take an active part in improving information security. If you know of non-business or illegitimate use of information, loss of information or equipment, please report such activity to management. You should not use Company equipment for personal reasons such as personal internet correspondence, solicitation or outside commercial usage without management approval. Any written, verbal, or electronic communication of a personal nature stored within Company equipment will be treated, like all other business communication, as Company assets.
  • On occasion, personal messages may be left on the voicemail, email or instant messaging system for an employee, and the Company is willing to accommodate personal messages to a limited degree. However, personal use of information systems that interferes with an employee's work performance will not be tolerated.
  • You need to promptly disclose to the Company all results of your work performed for the Company during your employment and you must surrender possession of such information to the Company upon any suspension or termination of employment.
  • Do not take any potentially harmful, disruptive, or offensive actions when using Company equipment or websites including but not limited to: hacking or distributing viruses, sharing obscene files and off-color jokes, forwarding chain letters, and posting or emailing of Company secrets or intellectual property. Messages on the Company's voicemail, email and instant messaging systems are subject to the same policies regarding harassment, discrimination, or retaliation as are any other workplace communications. Offensive, harassing, or discriminatory content in such messages will not be tolerated and offenders will face corrective action up to and including termination of employment.
  • Please refrain from discussing confidential business matters in elevators, restrooms, restaurants, etc. You should be aware of probing questions about sensitive information from outsiders as well, especially by telephone.

Disciplinary action up to and including termination of employment will be taken when any person, through willful act, omission, or negligence, violates the Company's information security or supporting departmental policies, standards and procedures.

Confidential Information:

Sensitive information should be identified as confidential when it meets any of, though not limited to, the following criteria:
  • It provides the Company with a competitive edge.
  • It is of such a nature that unauthorized disclosure would not be in the Company's interest.
  • It is important to the technical or financial success of a product or service.
  • It contains proprietary information, such as personnel, customer, or budget information.

At a minimum, all confidential information assets must be properly secured at all times and disposed of by shredding, using the appropriate destruct techniques, or appropriately erasing and destroying information stored electronically or magnetically.

Restricting Confidential Information:

There are times when confidential information requires additional controls to limit its use by the end user or recipient. This information is on a predetermined, need-to-know basis and must not be discussed, copied, or forwarded to any other individual unless authorized by the originator of the document or information. It is important that such restricted information be labeled with an appropriate direction such as "Do not copy", "Do not route", "For your eyes only", or "Destroy after reading". Management is responsible for identifying information that is sensitive and/or critical and for restricting information on a need-to-know basis.

Computer Equipment:

Users will not modify company computer equipment in any manner including, but not limited to, attaching external disk drives, external hard drives, changing the amount of memory in the computer, and attaching/installing any peripheral device. Whenever possible, all portable computing equipment (laptop computers, palmtop computers, electronic organizers, etc.) will be maintained under the direct supervision of the user to whom it is issued. Do not leave any of these items in a company or personal vehicle. Computer and electronic equipment are generally delicate and shall be treated accordingly. Damage to or loss of computer and electronic equipment caused by negligence may result in the responsible party being charged for the repair or replacement costs.

Software Installation:

Installing software is NOT allowed by MEAI employees other than employees in the IS department. This helps to keep the systems from becoming corrupted and unusable and also ensures that all software is properly licensed. Without the prior written authorization of the IS department, users shall not:
  • Install any software on company-owned computer equipment.
  • Install company-owned software on any non-company-owned computer equipment.
  • Provide copies of company-owned or licensed software to anyone.
