Skip to main content

IT-Acceptable Use

Corey Colwell
Updated

 

ACCEPTABLE USE OF ELECTRONIC RESOURCES

 

PURPOSE:                              

To define the proper and acceptable use of Provincial Credit Union electronic resources as well as individual responsibilities for appropriate, ethical, and legal use of these resources.

SCOPE:                                 

All employees and users of Provincial Credit Union’s electronic resources (“employees”).

POLICY:                              

Electronic resources are defined as Provincial Credit Union’s computers, laptops, Apple iPhone or other smart phones, cell phones, removable storage devices and intangible property, such as electronic information, networks, servers, software, applications, email accounts, Internet connection, and Virtual Private Network (VPN).

Electronic resources are provided to authorized employees as business tools and are intended to be used for business purposes relating to employment responsibilities and Provincial Credit Union products, services, and functions.  Employees are expected to always use good judgement.

Physical Security

At all times, all electronic resources remain property of Provincial Credit Union.

  • Employees are not entitled to remove any computers or other Provincial Credit Union property from   the premises without prior authorization.
  • Employees authorized to use Provincial Credit Union electronic resources must take reasonable measures to protect them from loss or damage.
  • Employees should raise any security concerns with their managers or supervisors. If an electronic resource is lost or stolen, employees are required to notify their manager/supervisor and the IT Department immediately.

To further ensure the security of our work environment, employees are expected to control the visits of people not employed by Provincial Credit Union into areas that are staff only: let staff know prior to their arrival, know why they are there, who was expecting them, and make sure they are accompanied by a staff member if in areas such as ATM, teller, vault areas and offices that are unoccupied but may have sensitive information in unlocked desks or filing cabinets. All staff members are required to sign off or lock their devices, (computers / laptops) prior to leaving their offices.

Laptop Computers and Mobile Devices

Some employees will be assigned portable computers (“laptops”) and/or mobile devices (Apple iPhone, cell phone, tablet) to enable them to work and communicate while outside the office.  These employees are expected to:

  • Take laptops home at the end of each day.  If an employee occasionally leaves their laptop in the office they will inform their manager that they have done so.
  • Prevent anyone else from using Provincial Credit Union’s electronic resources; laptops and mobile devices are for the employee’s use.
  • Ensure laptops are not left unattended anywhere, including in vehicles. If leaving a laptop in a vehicle for a short time is unavoidable employees should lock the laptop in the trunk. Laptops should never be left overnight in a vehicle.
  • Ensure that their laptops and other Provincial Credit Union electronic resources are not placed in checked luggage when travelling. They should be placed in carry-on luggage and watched closely through security scans.

Email

The Provincial Credit Union email system is to be used primarily for business purposes.  Occasional personal use is acceptable if it is appropriate, lawful, and ethical and complies with all Provincial Credit Union policies.  Employees are expected to use good judgement and use personal email accounts for most personal email.

When using Provincial Credit Union email system employees are expected to:

  • Refrain from forwarding any chain letters, viruses, spam email, or any other email that asks the employee to forward it to numerous people.
  • Not subscribe to any personal web services or sites (e.g., Facebook, Twitter, Amazon, eBay, iTunes, etc.) using their Provincial Credit Union email address.
  • Not use their Provincial Credit Union email address for personal business or political messages.
  • Notify the IT Department of any email that looks like a virus or security threat.
  • Treat all email communications with the same professionalism, respect, courtesy, and confidentiality as all other Provincial Credit Union communications.
  • Ensure that information is sent to the appropriate, intended addressee to prevent wrongful or accidental dissemination of confidential, personal, or proprietary information.
  • Follow Provincial Credit Union’s Privacy Policy at all times. Provincial Credit Union Privacy Policy and Procedures can be found on IRIS under Risk & Compliance Department.

Software, Downloading and Personal Files

The Provincial Credit Union uses only legal licensed software.  All Provincial Credit Union software is tested, approved, provided and/or installed by the IT Department. 

Employees are expected to:

  • Refrain from installing any personal software on Provincial Credit Union computers.
  • Notify the IT Department by sending a ‘request’ through IRIS, found under the IT department, if they have a requirement to download/install trial software of any kind.
  • Refrain from downloading anything from the Internet except work-related documents or files; this includes music, games, videos, software, etc.
  • Refrain from storing personal files (e.g., photos, music, documents) on Provincial Credit Union network or servers.  Storing a reasonable number of personal files on your computer, laptop or mobile device is acceptable.  Employees understand that there is no expectation of privacy for personal files stored on Provincial Credit Union computers, and that Provincial Credit Union is not responsible for protecting these files from loss or damage.

Prohibited Use

While this list is not exhaustive, the following examples of prohibited use shall serve as guidance to employees regarding misuse of Provincial Credit Union electronic resources that will not be tolerated:

  • Using Provincial Credit Union’s electronic resources to search, browse, access, create, send, forward, receive, retrieve, download, store, print, or otherwise transmit information or other content that is illegal, hostile, offensive, malicious, sexually explicit, pornographic, discriminatory, harassing, profane, illegal, damaging (e.g., computer viruses), or otherwise inappropriate for the business environment.
  • Disclosing confidential, personal, or proprietary information unless there has been express, prior authorization by Provincial Credit Union.
  • Intentionally or negligently revealing passwords or otherwise permitting the use by others of personal accounts for access to computers and the network.
  • Intentionally damaging or destroying electronic data or information.
  • Intentionally disrupting the use of Provincial Credit Union networks or information systems.
  • Intentionally wasting human or electronic resources, including excessive personal use, and/or disturbing other employees or business functions.
  • Attempting to change, disable or circumvent the security settings or security software that is in place on your computer and on Provincial Credit Union network.
  • Using Provincial Credit Union computers, email, or electronic resources to receive excessive instant messages, updates, or notifications from personal social media or other websites.
  • Participating in unauthorized copying of software or use of unlicensed computer software.
  • Violating copyrights and trademarks. Employees will provide credit for all content, including content found on the internet, that they have authorization to reproduce.
  • Sending unsolicited advertising and email messages (“spam”) to individuals who did not specifically request such material.

Monitoring Use

The Provincial Credit Union reserves the right to physically and electronically open, inspect, monitor, and access (collectively, “monitor”) all Provincial Credit Union property. Employees in violation of this policy will be subject to corrective action, up to and including termination of employment. Any illegal activity will be promptly reported to police for further investigation.

  • Employees must exercise good judgment and common sense when using Provincial Credit Union’s electronic resources.
  • Employees should not expect privacy in any professional or personal information created, transmitted, stored, or accessed using electronic resources.
  • Any information that employees wish to keep private should not be sent, received, transmitted, stored, or accessed using Provincial Credit Union property.
  • All files, folders, emails, and browsing history on Provincial Credit Union computers and servers will be subject to monitoring.
  • Passwords, delete functions, and restricted access files or folders do not restrict or eliminate Provincial Credit Union’s right or ability to monitor any electronic activity.

Reporting Misuse or Misconduct

Misuse of electronic resources is an abuse of Provincial Credit Union property and/or time. If misuse, misconduct, or violations of this policy occur, access privileges may be suspended or eliminated and the employee in question may be subject to corrective action, up to and including termination, according to the Code of Corporate Ethics and Business Conduct. This can be found on IRIS under the Risk & Compliance Department.

Any allegations of misuse, misconduct, or violations of this policy are to be promptly reported to the offending employee’s manager/supervisor who would inform the Compliance Officer, It Department and/or Human Resource Department.

If an employee receives an unsolicited email or other form of electronic message from any source that contravenes this policy, for example containing harassing, discriminatory, or sexually explicit content, it should not be forwarded, deleted, or replied to; instead, it should be reported directly to the employee’s manager/supervisor who would inform the IT Department, Human Resource Department and/or Management.

AUTHORITY

All employees are responsible for ensuring their compliance with this policy and the Code of Corporate Ethics and Business Conduct Policy. All employees are responsible for reporting all suspected violations of this policy, security breaches, viruses, and malware immediately to the IT Department, Human Resource Department and/or Management.

Employees must cooperate with all IT Department instructions related to computer security and acceptable use of electronic resources to ensure that activities do not risk the normal functioning and security of Provincial Credit Union’s network, servers, and data.

Managers are responsible for monitoring the use of Internet, email, social media, and Provincial Credit Union electronic resources and equipment by employees in their department. Managers are also responsible for dealing with inappropriate actions, misuse, and misconduct that comes to their attention.

The IT Department or Management is responsible for providing support and resources to managers/supervisors in monitoring, investigating, and responding to suspected or reported misconduct or misuse of Provincial Credit Union’s electronic resources.

LIMITATIONS

The Provincial Credit Union must comply and ensure compliance with privacy, human rights, intellectual property, harassment, anti-spam, and other legislation; therefore, this policy will be strictly and consistently monitored and enforced.

The use of Provincial Credit Union property and electronic resources is a privilege that may be terminated at any time at Provincial Credit Union’s discretion.

  • The Provincial Credit Union may restrict access to specific websites at its sole discretion if such websites are deemed to be inappropriate, damaging, or impacting employee productivity or system performance.
  • Access privileges and use of all Provincial Credit Union property, including all Provincial Credit Union-issued laptops, email accounts, and other tangible and intangible property, will be promptly severed upon termination of the employment relationship.

Comments

0 comments

Article is closed for comments.

Powered by Zendesk