7.1 Safe Use of IT
Security and access to stored information is vital to our operations.
You must ensure all information is kept secure and not accessed, released, or used except for a proper business purpose (and in accordance with the law).
Protect your password and login information from any unauthorised disclosure.
It is important that all information is stored in the correct system and in the correct way.
We use the following information storage systems:
- Netsuite – CRM and Accounting
- Sharepoint/Box – Document Management System
- Office 365 – Emails
If you find or know of any breach (or potential breach) of any policy, you must report that to your supervisor/manager immediately so that steps can be taken to secure our systems and investigate matters as appropriate.
All passwords provided to, or created by you, are to be kept strictly confidential and secure and must not be shared with any other person.
You should change your password, if you suspect that it may have become known to another person and, on a regular basis to improve security.
Passwords should not be easy to identify.
Cell Phone and Other Devices Policy
You may be provided with a cell phone for business purposes, reasonable personal use is allowed such as texting and calling within New Zealand.
Using data for personal streaming is not allowed.
If you are required to use your personal cell phone for business use, you will be reimbursed appropriately as approved by your supervisor/manager.
Laptops are provided for business use only, unless prior approval has been sought through your supervisor/manager.
Cell Phone use (during working hours) – It is expected that you will ensure personal calls are kept to a minimum during working hours. Checking your personal emails and social media is to be done during your break times.
We expect you to look after company equipment.
Email, Intranet, Internet, and Social Media Policy
All computers must be shut down at the end of each day and the following practice must be followed:
Close all applications; Log out;
Email and internet access is provided for work purposes, but reasonable personal use is permitted, provided it does not interfere with your work.
Any inappropriate or offensive emails, which breach any policies (such as harassment or bullying) may result in disciplinary action.
You must not access inappropriate or offensive material or websites from any work computer, or internet connection. A breach of this policy may result in disciplinary action.
Emails sent externally should be written in a professional tone and manner and be signed off with the appropriate email signature.
Confidentiality and privacy is of the utmost importance. Extra care must be taken to ensure the recipient of an email is the intended recipient, and that the attachments included are intended to be included.
If you have forwarded confidential or private information inadvertently or in error, you must immediately notify the General Manager, who will advise you on the steps to take in response.
Scams & Viruses
Scammers are becoming very sophisticated in their attacks. You should not click on any links or open any attachments in emails you are not expecting, as these could expose our system to attack.
If in doubt, do not open attachments or click on links. Ask the Marketing Team Leader (Jon Coursey) for advice on checking the email.
A phone call to the sender (not using numbers contained in the email) to check it is genuine, is a good way to filter out scams.
As scammers can also alter emails and attachments to change bank account details, you must always confirm bank account details by phone or meeting with the client/other party before arranging payment or seeking payment.
Viruses can attack our system despite the antivirus software. Antivirus software only checks for known viruses. Viruses can arrive as part of software programmes, files, email attachments, etc.
The most dangerous are email attachments, as our virus checking will possibly be bypassed by these. If you get an email attachment you should not open it if you are concerned that you do not know who it is from. This will limit the potential for infection, but not totally prevent it.
Collection of Information
We will generally, and from time to time, collect information about staff activities during work and when using work vehicles etc.
This may take any form, but may include camera pictures and footage, GPS data on vehicle movements and speed, monitoring of the work systems plus any other information we collect.
You should assume that all your activities could be subject to the collection of information at any time you are at work, or engaged in work activities, or in a work vehicle. We will keep this information secure from unauthorised access.