Acceptable Use Assets
Purpose
The purpose of this policy is to establish how BM Glass Coatings’ information security facilities, resources and assets must be used. It creates a standard for handling personal data within BM Glass Coatings.
Scope
The scope of this policy extends to all departments, employees, contractors, vendors and partner agencies who use/access BM Glass Coatings’ information security facilities.
Policy Statement
Information Handling
All BM Glass Coatings information assets must be classified and handled in accordance with our information classification procedure. More information on BM Glass Coatings’ information classification can be retrieved by contacting the BM Glass Coatings office.
Computer Use
All users of company owned computers must ensure at all times that:
- Authorisation has been provided to use the information security facilities with a secure username and password provided by the IT Manager.
- User and System account logon passwords are kept confidential and not shared, displayed or communicated to anyone internally or externally who does not have a legitimate right to that information
- Data and Information saved to portable devices via a PC is only copied to a Company approved portable device which is encrypted.
- Screens/computers are locked by users when away from the computer. More information on this can be found in the Clear Desk Clear Screen Policy.
- Company computer equipment, such as desktops, (with the exception of laptop and other portable devices authorised for mobile use) must not be removed from their location without top management approval.
- Unauthorised, non-standard equipment must not be connected to a corporate computer in any way.
- BM Glass Coatings owned information security equipment must not be used to store any personal data such as wedding photos, CVs, music files etc.
- Authorisation is provided by the IT Manager for removal of assets including Software or source code and permission must be documented over an email.
- Computers are not mishandled, wilfully damaged or tampered with in any way – this includes taking off the PC/laptop case cover, or removing of any screws or fixings unless done by the helpdesk.
- Any suspicious or unknown equipment near, around or plugged into corporate PCs and/or laptops are reported to the IT Manager.
- Computers are logged off and shut down when not in use for extended periods (i.e. overnight) and monitors are powered off.
- Personal cloud based IT facilities are not used to store work related information.
- Transfer of information to a USB is only permitted under explicit consent by Bryn Maine.
- Changes to software packages is forbidden and unless approved by Senior Management, vendor supplied software must not be modified by any BM Glass Coatings employee.
Internet and Email Use
-
Internet
- Personal use of the Internet is allowed but at a reasonable amount. You can use the Internet for personal use before you start work, during your lunchtime, or after work.
- You must not use the Company’s Internet or email systems for trading or personal business purposes.
- The Company has in place a process to block categories of internet sites and individual sites if it is deemed appropriate.
- If you use the Internet to buy goods or services, the Company will not accept liability for default of payment or for security of any personal information you provide.
- Downloading of video, music files, games, software files and other computer programs – for non-work related purposes – is strictly prohibited. These types of files consume large quantities of storage space on the system (and can slow it down considerably) and may violate copyright laws.
Many Internet sites that contain unacceptable content are blocked automatically by the company’s systems. However, it is not possible to block all “unacceptable” sites electronically. You must not therefore deliberately view, copy or circulate any material that:
- Is sexually explicit or obscene.
- Is racist, sexist, homophobic, harassing or in any other way discriminatory or offensive.
- Contains material the possession of which would constitute a criminal offence.
- Promotes any form of criminal activity.
- Contains images, cartoons or jokes that will cause offence.
- Perpertrating any form of fraud, and/or software, firm or music privacy.
- May be defamatory to the company, its products/services, colleagues and/or customers.
- May introduce malicious software into the company network and/or put the security of the organisation’s electronic communication systems at risk.
- May portray personal views as representing those of the organisation.
BM Glass Coatings records the details of all Internet traffic. This is done in order to protect the company, and its employees, customers and information from security breaches, including hacking and to ensure that ‘unacceptable’ sites are not being visited.
-
Email
Personal use of BM Glass Coatings email is permitted at a reasonable amount.
It is inappropriate to use BM Glass Coatings email address for personal use as it may give the impression that any business is on behalf of the company.
You must not use the email system in any way that is insulting or offensive. You must not deliberately view, copy or circulate any material that:
- Is a sexually explicit or obscene.
- Is racist, sexist, homophobic, harassing or in any other way discriminatory or offensive.
- Contains material the possession of which would constitute a criminal offence
- Promotes any form of criminal activity.
- Contains unwelcome propositions.
- Involves gambling, multi-player games or soliciting for personal gain or profit.
- Contains images, cartoons or jokes that will cause offence.
- Appears to be a chain letter.
- Brings the Company in to disrepute or exposes it to legal action
-
Social Media
Personal social media is allowed during working hours but at a reasonable amount. You can use the social media for personal use before you start work, during your lunchtime, or after work.
All employees should be aware that the organisation regularly monitors the internet and social media in reference to its work and to keep abreast of general internet commentary, brand presence and industry/customer perceptions.. The organisation reserves the right to utilise for disciplinary purposes any information that could have a negative effect on the organisation or its employees, which management comes across in regular internet monitoring, or is brought to the organisation’s attention by employees, customers, members of the public, etc.
All employees are prohibited from using or publishing information on any social media sites, where such use has the potential to negatively affect the organisation or its staff. Examples of such behaviour include, but are not limited to:
- Publishing material that may be deemed as defamatory, abusive or offensive in relation to any employee, client, supplier or partner of BM Glass Coatings.
- Publishing any confidential or business-sensitive information about the organisation, our customers or our suppliers.
- Publishing material that might reasonably be expected to have the effect of damaging the reputation or professional standing of the organisation.
All employees of BM Glass Coatings must adhere to the following when engaging in social media:
- Be aware of your association with the organisation when using social media.
- You must always write in the first person and state clearly that the views expressed are your own and not those of the organisation
- Wherever practical, you must use a disclaimer saying that while you work for the organisation, anything you publish is your personal opinion, and not necessarily the opinions of the organisation.
- You are personally responsible for what you post or publish on social media sites. Where it is found that any information breaches any policy, such as breaching confidentiality or bringing the organisation into disrepute, you may face disciplinary action up to and including dismissal.
- Be aware of data protection rules – you must not post colleagues’ details or pictures without their individual permission. Photographs of company events should not be posted online. Employees must not provide or use their company password in response to any internet request for a password.
- Material in which the organisation has a proprietary interest – such as software, products, documentation or other internal information – must not be transmitted, sold or otherwise divulged, unless the organisation has already released the information into the public domain. Any departure from this policy requires the prior written authorisation of your senior manager.
- If you make a mistake, be the first to point it out and correct it quickly. You may factually point out misrepresentations, but do not create an argument.
- It is very important that employees immediately report any inappropriate activity or behaviour regarding the organisation, its employees or third parties. Inform your supervisor or a member of management. All allegations made in good faith will be fully and confidentially investigated. You are required to cooperate with all investigations of alleged policy violations.
- This policy extends to future developments in internet capability and social media usage.
-
Mobile Phone
Guidelines relating to mobile device usage can be found in the Mobile Device Acceptable Use Policy.
Security
BM Glass Coatings computer systems are under continuous threat from hackers, virus/malware infections, data and equipment theft. The company must remain vigilant at all times in order to safeguard information and data and to protect the security and integrity of all information security systems.
Users of all BM Glass Coatings computers and devices must ensure that:
- Computers/devices are not given to any unauthorised persons for safe keeping.
- Computers/devices are not left discarded or unattended in public places.
- All portable mobile computing devices and other IT equipment should not be left unattended in any vehicle at any time.
- Computers/devices must be adequately protected from physical damage.
- Computers/devices are not hired, lent or given out without authorisation from the Senior Management.
- All Computers/devices which are no longer required or which have reached the end of useful life must be returned to IT to be disposed of through the Company’s information security disposal procedure.
Antivirus
Any warnings visible on screen from the Company’s Antivirus/Antimalware software about identified/detected threats from viruses/malware should be reported to Senior Management immediately.
Personal Devices
Personal devices which are not the property of BM Glass Coatings including mobile phones must not be used to record or capture information relating to the Company and its services.
Breaches of Policy
Breaches of this policy and/or security incidents can be defined as events which could have, or have resulted in, loss or damage to BM Glass Coatings assets, or an event which is in breach of the Company’s security procedures and policies.
All BM Glass Coatings employees, elected members, partner agencies, contractors and vendors have a responsibility to report security incidents and breaches of this policy as quickly as possible through to BM Glass Coatings top management/IT. This obligation also extends to any external organisation contracted to support or access the Information Systems of BM Glass Coatings.
BM Glass Coatings will take appropriate measures to remedy any breach of the policy and its associated procedures and guidelines through the relevant frameworks in place. In the case of an individual then the matter may be dealt with under the disciplinary process which is outlined in the Disciplinary Policy.
All users of the BM Glass Coatings information security facilities must comply with this policy and be aware of the Company’s Information Security Policy.
This document forms part of the BM Glass Coatings Information Security Management System and as such, must be fully complied with.