Purpose
This usage policy covers the security and use of all Witekio Information and IT resources by people external to the company (guests and customers).
Scope
The scope of this policy covers all external users with authorized access to any of Witekio’s resources. This policy does not apply to employees.
Policies
Acceptable use
The user must be registered via his/her company mail address.
If the registration doesn’t require a mail address, the ID must explicitly include his/her full name and company name.
Note: Any incorrect registration will be removed without notice.
The user must respect the integrity of the data to which they have access.
Unacceptable use
The user must not use Witekio’s IT resources to:
-
- Use another user account.
- Other than in the course of performing their duties, knowingly access, download, or distribute illegal or inappropriate material, including material that is in any way pornographic, obscene, abusive, racist, libelous, defamatory, or threatening.
- Engage in any form of bullying or other behavior which is illegal or likely to cause harassment to others.
- Gain unauthorized access to the account, systems, or equipment of any third party – attempts at ‘hacking’ may result in criminal prosecution
- Perform any activities which contravene the laws of the State, or the destination country in the case of data being transmitted abroad.
- Infringe the copyright, patent, or other intellectual property rights of any person including, by downloading unlicensed software or other unauthorized materials.
- Infringe the data protection or other privacy rights of any person.
- Access, modify or interfere with computer material, data, displays, or storage media belonging to Witekio or another user, except with their permission.
- Knowingly introduce any virus, malware, or other destructive program or device into Witekio’s resources
- The users should take all reasonable steps to ensure that they do not inadvertently introduce such programs or devices into Witekio’s resources
- Store sensitive or confidential Witekio data on a personal and/or unsecured device
Passwords and Access
Use of password
When accessing Witekio’s tools, a user must use passwords conforming with Witekio Password Policy (see TBD).
Use of 2FA/MFA
Whenever possible, a user must enable multi-factor authentication on the tools.
Incident reporting
Since the compromise of a single password can have a catastrophic impact on security, it is the user’s responsibility to immediately report any suspicious activity involving his or her accounts/passwords to Witekio.
The standard procedure is to immediately send an email to it-support@witekio.com providing the following information:
- id: user-name or email address
- impacted applications
- observed behaviors
- any other relevant comments
Enforcement
This policy will be enforced by Witekio’s assigned Security Officer and IT team.