Jingga/Organization-Guide
1
0
Fork 0
mirror of https://github.com/Karaka-Management/Organization-Guide.git synced 2026-01-11 04:48:42 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
b17bd20351
Organization-Guide/Policies & Guidelines/IT/General Employee Guideline.md

3.1 KiB
Raw Blame History

General Employee Guideline

IT is part of our daily lives and an important tools for any organization. The proper interaction and handling of IT is crucial for protecting user, company and partner data.

Goal

Employees should gain a good awareness about IT risks and proper use of IT in any form to protect themselves, the company and any thrid party.

Implementation

Authentication

Employees may receive user-ID and authentication inforamtion for hardware and software components. These information must be kept confidential and not shared with anyone, including other employees.

Shared accounts

Only in very few cases shared accounts exist. Credentials for such accounts can be used by multiple employees but must also be kept confidential within that group of employees. Examples for such situations are:

  • Accounts for shipping software
  • Accounts for some online shops
  • Accounts for IT components in meeting rooms

The responsible person for shared accounts is the respective head of department.

Hardware

Only company issued hardware must be used by employees as this hardware is tested and protected with security software such as anti-virus software, firewall software etc.

The hardware handed over to the employee belongs to the company and must be handled with care. This includes preventing damages and unauthorized access. Company hardware must not be accessible to third parties and must only be used for company tasks.

Any hardware provided by the company must be returned before leaving the company after a termination.

If additional hardware is required please make a request with the IT department.

USB devices

No third party USB devices (i.e. USB storage device) must be used as they can contain malware or hardware damaging components. Only company provided USB devices must be used. If a USB storage device is necessary please request one from the IT department.

If you receive a USB storage device from a thrid party please hand it over to the IT department who can inspect the data stored on the device and send you a copy.

Software

Only company issued software must be installed on the company hardware. The software handed over to the employee belongs to the company. Company software must not be accessible to third parties and must only be used for company tasks.

Any software including license keys provided by the company must be returned before leaving the company after a termination.

If additional software is required please make a request with the IT department.

Email

A common way to attack a company is through malicious emails. This includes phishing emails and emails containing malware.

  1. Don't open any files from unknown sources
  2. If you unexpectedly receive files from known sources verify before opening them with the sender that he actually sent these files

Support & Changes

IT support can be requested through the support portal (e..g faulty hardware) and change requests (e.g. permission changes) can be requested through the change management.

Responsible

Every employee is responsible for following this guideline.

2022-01-01 - Version 1.0