Acceptable Use Policy
1. Overview
The Information Technology Teams intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to Peak Processing Solutions' established culture of openness, trust, and integrity. Peak Processing Solutions is committed to protecting its employees, partners, and the company from illegal or damaging actions by individuals, either knowingly or unknowingly.
Internet/Intranet/Extranet-related systems, including but not limited to computer equipment, mobile devices, software, operating systems, storage media, network accounts providing electronic mail, WWW browsing, and FTP, are the property of Peak Processing Solutions. These systems are to be used for business purposes in serving the interests of the company and our clients and customers during normal operations. Please review company policies for further details.
Effective security is a team effort involving the participation and support of every Peak Processing Solutions employee and affiliate who deals with information and/or information systems. It is the responsibility of every computer user to know these guidelines and to conduct their activities accordingly.
2. Purpose
The purpose of this policy is to outline the acceptable use of computer equipment and other electronic devices at Peak Processing Solutions. These rules are in place to protect both employees and the company. Inappropriate use exposes Peak Processing Solutions to cyber risks, including virus attacks (e.g., ransomware), compromise of network systems and services, data breaches, and legal issues.
3. Scope
This policy applies to the use of information, electronic and computing devices, and network resources to conduct Peak Processing Solutions business or interact with internal networks and business systems, whether owned or leased by the company, the employee, or a third party.
All employees, contractors, consultants, temporary workers, and other personnel at Peak Processing Solutions and its subsidiaries are responsible for exercising good judgment regarding appropriate use of information, electronic devices, and network resources in accordance with company policies, standards, and local laws and regulations.
Exceptions to this policy are documented in section 5.2.
This policy applies to:
Employees, contractors, consultants, and temporary workers.
All personnel affiliated with third parties.
All equipment owned or leased by Peak Processing Solutions.
4. Policy
4.1 General Use and Ownership
Peak Processing Solutions' proprietary information stored on electronic and computing devices, whether owned or leased by the company, the employee, or a third party, remains the sole property of Peak Processing Solutions.
Promptly report the theft, loss, or unauthorized disclosure of proprietary information.
Access, use, or share proprietary information only as authorized and necessary to fulfill job duties.
Employees should exercise good judgment regarding personal use of Internet/Intranet/Extranet systems. Consult departmental policies or supervisors if unsure.
Authorized individuals may monitor equipment, systems, and network traffic at any time for security and network maintenance purposes.
Peak Processing Solutions IT reserves the right to audit networks and systems periodically to ensure compliance.
4.2 Security and Proprietary Information
All computing devices must have a password-protected lock screen with an automatic activation feature set to 10 minutes or less. Log off or lock your screen when unattended.
Use extreme caution when opening email attachments from unknown senders, as they may contain malware.
4.3 Unacceptable Use
The following activities are strictly prohibited:
4.3.1 System and Network Activities
Violating intellectual property rights (e.g., installing unlicensed software).
Unauthorized copying of copyrighted material (e.g., music, software, photographs).
Accessing data, servers, or accounts without proper authorization.
Exporting software, encryption software, or technical information in violation of international laws.
Introducing malicious programs into the network (e.g., viruses, worms, ransomware).
Sharing passwords or allowing unauthorized access.
Using company assets to engage in harassment or illegal activities.
Making fraudulent offers originating from a company account.
Effecting security breaches or disrupting network communication.
Unauthorized port scanning, security scanning, or network monitoring.
Circumventing security controls or authentication mechanisms.
Introducing honeypots, honeynets, or similar technologies on the company network.
Interfering with or denying service to other users.
Sending bulk emails, chain letters, or spam.
Providing employee information to external parties without authorization.
4.3.2 Email and Communication Activities
4.3.3 Blogging and Social Media
Blogging and social media use must comply with company policies and not interfere with work duties.
Employees must not share confidential or proprietary information online.
Employees must not engage in harmful, defamatory, or discriminatory behavior.
Personal statements must not misrepresent affiliation with Peak Processing Solutions.
Company trademarks and intellectual property must not be used without authorization.
5. Policy Compliance
5.1 Compliance Measurement
The IT will verify compliance through:
5.2 Exceptions
5.3 Non-Compliance
6. Related Standards, Policies, and Processes
7. Definitions and Terms
Refer to the SANS Glossary: SANS Security Resources