Compliance with our information security policies.

Compliance with legal, regulatory, and contractual requirements.

Any other purpose that the organisation deems appropriate.

Installation or distribution of "pirated" or other software products that are not appropriately licensed.

Unauthorised copying of copyrighted material including, but not limited to, digitisation and distribution of photographs from magazines, books or other copyrighted sources, copyrighted music, and the installation of any copyrighted software for which the Organisation, or the end user, does not have an active license is strictly prohibited.

Revealing account passcodes to other users or allowing use of individual accounts by others. This includes family and other household members when work is being done at home. Users are accountable for all the activities that carried out in their respective login.

Using a company computing asset to actively engage in procuring or transmitting material that is in violation of sexual harassment or hostile workplace laws in the user's local jurisdiction.

Effecting security breaches or disruptions of network communication. Security breaches include, but are not limited to, accessing data of which the user is not an intended recipient or logging into a server or account that the user is not expressly authorised to access, unless these duties are within the scope of regular duties.

Providing information about, or lists of the Organisation’s users/customers to external parties.

Sending unsolicited email messages, including "junk mail" or other advertising material to individuals who did not specifically request such material.

Any form of harassment via email or telephone, whether through language, frequency, or size of messages

Unauthorised use, or forging, of email header information.

Solicitation of email for any other email address, other than that of the poster's account, with the intent to harass or to collect replies.

Creating or forwarding "chain letters" or other such schemes of any type.

Use of unsolicited email originating from WeThrive’s networks of other Internet/Intranet/Extranet service providers on behalf of, or to advertise, any service hosted by the business or connected via the organisation’s network.

Organisational e-mail facilities may not be used for sending defamatory e-mails, or using e-mail for harassment, unauthorised purchases, or for publishing views and opinions, defamatory or otherwise about the Organisation’s employees, workers, suppliers, partners or customers.

Outgoing e-mail attachments must be appropriately assessed to ensure if protection using cryptographic controls is required.

Users must not open incoming e-mail attachments that originate with unknown third parties or that, even if they appear to have been sent by a known party, were not expected. These attachments may contain malicious content. Any such e-mails must be reported to the Data Protection Officer immediately. On no account should they be forwarded or copied to anyone, whether inside or outside the network.

Viruses and hoax virus messages: users are required to report any third-party e-mail messages they receive about viruses to the Data Protection Officer immediately. On no account should it be forwarded, or copied on, to anyone, whether inside or outside the network.

Users are prohibited from using organisational e-mail facilities for forwarding chain letters or impersonating other people. Additionally, organisational e-mail addresses are not to be left on any websites other than for legitimate and necessary business purposes.

Users are required to limit the use of group e-mail addresses, to limit copying to unnecessary recipients, to restrict use of the ‘reply to all’ function, and restrict the use of the blind copying feature.

Employees are required to delete non-essential e-mail messages as soon as possible and, on a regular basis, to clear e-mail boxes of correspondence that is no longer required.

Organisational e-mails may not be used to purchase anything on behalf of the business without specific prior authorisation and then only in accordance with the Organisation’s current policies regarding purchasing and cryptographic controls.

Organisational e-mail addresses may not be used for personal purchases or any other personal transactions.

Employees are prohibited from setting up automatic forwarding of e-mails to external addresses or of copying e-mails to addresses outside the Organisation, unless there is a legitimate business purpose for doing so.

Organisational User Identifications (ID), websites and e-mail accounts may only be used for organisationally sanctioned communications.

Users must not place any of the Organisation’s material in a publicly accessible internet site without prior approval.

The business reserves the right to examine the internet access information of any user. Use of internet/e-mail/instant messaging may be subject to monitoring for reasons of security and/or network management and users may have their usage of these resources subjected to limitations.

Personal use of the internet is permitted so long as it does not adversely affect business activities.

Users must inform their line manager of any security breach that they know of or become aware of.

The Organisation is not responsible for material viewed or downloaded by users from the internet. Users are cautioned that some webpages may include offensive, sexually explicit, and inappropriate material. In general, it is difficult to avoid at least some contact with the material while using the internet. Even innocuous search requests may lead to sites with highly offensive contents. Users accessing the internet do so at their own risk. Should any illegal activities be found, such as breaches, theft or hacking, the Organisation will hand the personnel information details to the appropriate law enforcement agencies.

Users may not download software from the internet, execute or accept any software programs or other code from the internet unless it is in accordance with policies and procedures.

Users will not seek to avoid and will uphold the Organisation’s anti-malware policy and procedure.

Users will not intentionally interfere in the normal operation of the network or take any steps that substantially hinder others in their use of the network. Users will not examine, change, or use another person’s files or any other information assets for which they do not have explicit permission.

Users will not conduct any other inappropriate activity as identified from time to time by the organisation and will not waste time or resources on non-organisation business. This includes downloading bandwidth intensive content, such as streaming videos and music files and sharing digital photographs.