Scribd
Upload
17 views3 pages

IT Do's and Don'ts Policy

The IT Do's and Don'ts Policy outlines guidelines for the appropriate use of company IT resources to ensure security, privacy, and operational efficiency. It emphasizes the importance of using IT resources for business purposes, protecting sensitive information, following security protocols, and complying with legal requirements, while also detailing prohibited actions such as using resources for personal gain and sharing sensitive information without authorization. Non-compliance with this policy may result in disciplinary action, including termination.

Uploaded by

HR
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
17 views3 pages

IT Do's and Don'ts Policy

The IT Do's and Don'ts Policy outlines guidelines for the appropriate use of company IT resources to ensure security, privacy, and operational efficiency. It emphasizes the importance of using IT resources for business purposes, protecting sensitive information, following security protocols, and complying with legal requirements, while also detailing prohibited actions such as using resources for personal gain and sharing sensitive information without authorization. Non-compliance with this policy may result in disciplinary action, including termination.

Uploaded by

HR
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

IT Do's and Don'ts Policy

1. Purpose

This policy provides guidelines for the appropriate use of the company’s Information Technology
(IT) resources to ensure security, privacy, and operational efficiency.

IT Do's

1. Use IT Resources for Business Purposes

● Use only company-issued devices and systems for business-related activities.


● Ensure your activities on company networks are aligned with your job responsibilities
and the organization’s goals.

2. Protect Sensitive Information

● Safeguard confidential and proprietary information. Only share such data with authorized
personnel, and ensure it is stored securely.
● Use strong passwords for accessing company systems and change them regularly.
● Encrypt sensitive data when sending or storing it on external drives or cloud storage.

3. Follow Security Protocols

● Adhere to company security practices, including multi-factor authentication (MFA) where


required.
● Regularly update your software, including security patches and antivirus programs, to
safeguard against threats.
● Report any suspected security breaches or vulnerabilities immediately to the IT
department or HR.

4. Respect Privacy and Confidentiality

● Respect the privacy of others by not accessing or sharing personal data without proper
authorization.
● Ensure that email communication and document sharing respect confidentiality
agreements and legal requirements.

5. Comply with Legal and Regulatory Requirements

● Always comply with laws, including copyright, data protection, and intellectual property
rights, when using company technology resources.
● Ensure compliance with relevant industry regulations, such as GDPR, when handling
client and customer data.

6. Ensure Device Security

● Lock your computer screen when leaving it unattended, even for a short period.
● Keep your devices physically secure, especially when working remotely or travelling.
● Use company-approved software and hardware only.

7. Backup Important Data

● Regularly backup important files to company-approved cloud storage or systems to


prevent data loss.
● Follow guidelines for backup frequency and data retention set by the IT department.

IT Don'ts

1. Don't Use IT Resources for Personal Gain

● Refrain from using company IT resources for personal business, financial transactions,
or illegal activities.
● Avoid using company devices for activities unrelated to work, such as personal
shopping, gambling, or social media browsing during work hours.

2. Don't Download or Install Unauthorized Software

● Do not install unapproved software or applications on company devices or networks.


● Do not use pirated or cracked software, as it poses security risks and violates copyright
laws.

3. Don't Share Sensitive Information Without Authorization

● Never share sensitive company information or confidential documents with unauthorized


individuals, whether inside or outside the organization.
● Avoid sending sensitive information via unsecured communication channels, like
personal email accounts.

4. Don't Ignore Security Alerts

● Do not ignore or bypass security warnings, such as firewall alerts, antivirus notifications,
or system update reminders.
● Do not disable security features or firewalls unless instructed by the IT department for
troubleshooting purposes.

5. Don't Engage in Malicious Activities


● Do not attempt to bypass company security systems, access restricted systems, or
engage in activities that could harm the company’s IT infrastructure.
● Avoid any form of hacking, phishing, or other cyber-attacks that could disrupt company
operations or compromise data integrity.

6. Don't Use Weak or Shared Passwords

● Never use easily guessable passwords, such as "password123" or "companyname123."


● Avoid sharing your passwords with others or storing them in unsecured locations, such
as on sticky notes or unencrypted digital files.

7. Don't Ignore Data Management Practices

● Do not store personal or sensitive data on local devices unless explicitly authorized by
the IT department.
● Avoid leaving sensitive documents unattended in public spaces or on shared drives
without proper access controls.

8. Don't Violate Copyright or Intellectual Property Laws

● Do not download, share, or distribute pirated or unauthorized materials using company


resources.
● Always respect intellectual property rights, including software, music, videos, and written
content.

Enforcement

Failure to adhere to this IT Do's and Don'ts policy may result in disciplinary action, including
termination, as per the company’s internal procedures and relevant legal obligations.

You might also like