Continuum Logo


Top of page

Size: View this website with small text View this website with medium text View this website with large text View this website with high visibility

2.1 Network and PC Acceptable Use Policy

Contents

1. Executive Summary
2. Purpose 
3. Scope
4. Policy 
4.1 General Use and Ownership 
4.2 Security and Proprietary Information 
4.3 Unacceptable Use 
4.3.1 General
4.3.2 Security 
4.3.3 Obscenities/Pornography
5. Anti Virus 
5.1 Recommendations 
6. Enforcement


1. Executive Summary

The IT department’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to the Continuum Group, but to establish a culture of openness, trust and integrity. The IT Dept. is committed to protecting Continuum Group's employees, partners and the company from illegal or damaging actions by individuals, either knowingly or unknowingly.

Internet/Intranet/Extranet related systems, including but not limited to computer equipment, software, operating systems, storage media, network accounts providing electronic mail, WWW browsing, and FTP, are the property of Continuum Group. These systems are to be used for business purposes in serving the interests of the company, and of our clients and customers in the course of normal operations.

Effective security is a team effort involving the participation and support of every Continuum Group employee and affiliate who deals with information and/or information systems. It is the responsibility of every computer user to know these guidelines, and to conduct their activities accordingly.  


2. Purpose

The purpose of this policy is to outline the acceptable use of computer equipment in the Continuum Group. These rules are in place to protect the employee and the Group. Inappropriate use exposes the Continuum Group to risks including virus attacks, compromise of network systems and services, and legal issues. 


3. Scope

This policy applies to employees, contractors, consultants, temporaries, and other workers of the  Continuum Group, including all personnel affiliated with third parties. This policy applies to all equipment that is owned or leased by Continuum Group.


4. Policy

4.1 General Use and Ownership

  • While Continuum Group's network administration desires to provide a reasonable level of privacy, users should be aware that the data they create on the corporate systems remains the property of the Continuum Group. Because of the need to protect Continuum Group's network, management cannot guarantee the confidentiality of information stored on any network device belonging to the Group.
  • Computer devices belonging to the continuum group are not to be used for personal reasons unless it is a requirement of their position i.e. NVQ training, development etc.
  • For security and network maintenance purposes, authorised individuals within Continuum Group may monitor equipment, systems and network traffic at any time.
  • The Continuum Group reserves the right to audit networks and systems on a periodic basis to ensure compliance with this policy.
  • All Staff will be required to sign an agreement before being allowed to use the Groups IT resources.
  • Site Managers will have administrative privileges on their respective IT resources but are not to install any software without first consulting the IT Dept. No attempt by any other user must be made to install software on any IT resource.
  • The storage of any personal/non business related data is prohibited on any Group IT resource, i.e. photos, music etc. as these will fill essential storage and backup space on the server. 

4.2 Security and Proprietary Information

  • No personal computer equipment is to be connected or attempted to be connected to the Groups networks unless authorised by the IT dept.
  • Only Site Managers or nominated Staff will have administrative access to their PCs/laptops. The IT department will have administrative access to all the groups computing devices.
  • Keep passwords secure and do not share accounts, please see the password policy. If you do need to share resources contact the IT dept. who will be able to guide you how to do this safely and securely and without compromising your account
  • All PCs, laptops and workstations should be logged off when unattended. This will allow other users to logon, otherwise the screen will lock and only the site Manager or the IT dept. will be able to unlock the PC
  • Because information contained on portable computers is especially vulnerable, special care should be exercised. Protect laptops see the mobile computer devices policy.
  • Postings by employees from a Continuum Group email address to newsgroups should contain a disclaimer stating that the opinions expressed are strictly their own and not necessarily those of Continuum Group, unless posting is in the course of business duties.
  • All hosts used by the employee that are connected to the Continuum Group Internet/Intranet/Extranet, shall be continually executing approved virus-scanning software with a current virus database. Unless overridden by departmental or group policy.
  • The use of password protecting documents is to be avoided, access to documents should be controlled by access permissions on the file but preferably the folder that the file belongs to.
  • Where possible all files should be stored on the server in order for the information to be backed up. For those PCs that do not have access or slow access to a server should be backed up to an alternative device (CD or USB pen drive taking into the account the security aspects of the data). Site Managers are responsible for their home data backup.

Contact the IT department for any queries related to the above

4.3 Unacceptable Use

The following activities are, in general, prohibited. Employees may be exempted from these restrictions during the course of their legitimate job responsibilities (e.g., systems administration Staff may have a need to disable the network access of a host if that host is disrupting production services).

Under no circumstances is an employee of Continuum Group authorised to engage in any activity that is illegal under local, national or international law whilst utilising Continuum Group-owned resources.

The following activities are strictly prohibited, with no exceptions:

4.3.1 General

  • Introduction of malicious programs into the network or server (e.g., viruses, worms, Trojan horses, e-mail bombs, etc.).
  • Making fraudulent offers of products, items, or services originating from any Continuum Group account.
  • Interfering with or denying service to any user other than the employee's host (for example, denial of service attack).
  • Using any program/script/command, or sending messages of any kind, with the intent to interfere with, or disable, a user's terminal session, via any means, locally or via the Internet/Intranet/Extranet.
  • Providing information about, or lists of, Continuum Group employees to parties outside Continuum Group.
  • Theft, damage or destruction of computer equipment, facilities, programs or data.
  • Any form of system misuse.

4.3.2 Security

  • Revealing your account password to others or allowing use of your account by others. This includes family and other household members when work is being done at home. You will be held responsible for anyone using your account.
  • Making statements about warranty, expressly or implied, unless it is a part of normal job duties.
  • Effecting security breaches or disruptions of network communication. Security breaches include, but are not limited to, accessing data of which the employee is not an intended recipient or logging into a server or account that the employee is not expressly authorized to access, unless these duties are within the scope of regular duties. For purposes of this section, "disruption" includes, but is not limited to, network sniffing, pinged floods, packet spoofing, denial of service, and forged routing information for malicious purposes.
  • Port scanning or security scanning is expressly prohibited unless prior notification to The IT Dept. is made.
  • Executing any form of network monitoring which will intercept data not intended for the employee's host, unless this activity is a part of the employee's normal job/duty.
  • Circumventing user authentication or security of any host, network or account.
  • Copyright
  • Unauthorised copying of copyrighted material including, but not limited to, digitisation and distribution of photographs from magazines, books or other copyrighted sources, copyrighted music, and the installation of any copyrighted software for which the Continuum Group or the end user does not have an active license is strictly prohibited.
  • Exporting software, technical information, encryption software or technology, in violation of international or regional export control laws, is illegal. The appropriate management should be consulted prior to export of any material that is in question.
  • Violations of the rights of any person or company protected by copyright, trade secret, patent or other intellectual property, or similar laws or regulations, including, but not limited to, the installation or distribution of "pirated" or other software products that are not appropriately licensed for use by Continuum Group. Any software to be installed is to be authorised by the IT department who will then either carry out the install or authorised the a person to carry out the install

4.3.3 Obscenities/Pornography

Using a Continuum Group computing asset to actively engage in procuring or transmitting material that is in violation of sexual harassment or hostile workplace laws in the user's local jurisdiction.


5. Anti Virus

All the Groups computers must have the standard, supported antivirus software installed with the real-time scanning feature enabled. In addition, the anti-virus software and the virus pattern files must be kept up to date. The IT dept. will install anti-virus software on all workstations. All users are responsible that their virus scanner is up to date and should report any virus warnings to the IT dept.

Any activities with the intention to create and/or distribute malicious programs into the Groups networks (e.g. viruses, worms, Trojan Horse, email bombs etc.) are prohibited.

5.1 Recommendations

  • Always run the Group standard, supported anti-virus software. The IT department will install it onto workstations. Anti-virus software updates are installed as they become available.
  • Inform the IT dept. if Anti-virus software is not installed on your work station
  • NEVER open any files or macros attached to an email from an unknown, suspicious or untrustworthy source. Do not send them to anyone. Report the incident to the IT Dept.
  • Delete spam, chain, and other junk email without forwarding in line with the Email Usage Policy. See Email Usage Policy.
  • Never download files from unknown or suspicious sources.
  • Avoid direct disk sharing with read/write access unless there is absolutely a business requirement to do so.
  • Always scan a floppy diskette or CD/DVD from an unknown source for viruses before using it.
  • Report any unsolicited virus warning emails to the Systems Administrator; do not circulate such emails to colleagues.
  • New viruses are discovered almost every day. Periodically check the Anti-Virus Policy and this Recommended Processes list for updates.


6. Enforcement

Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

End