Usage policy for external users


 

Purpose

This usage policy covers the security and use of all Witekio Information and IT resources by people external to the company (guests and customers).

Scope

The scope of this policy covers all external users with authorized access to any of Witekio’s resources. This policy does not apply to employees.

Policies

Acceptable use

The user must be registered via his/her company mail address.

If the registration doesn’t require a mail address, the ID must explicitly include his/her full name and company name.

Note: Any incorrect registration will be removed without notice.

The user must respect the integrity of the data to which they have access.

Unacceptable use

The user must not use Witekio’s IT resources to:

    1. Use another user account.
    2. Other than in the course of performing their duties, knowingly access, download, or distribute illegal or inappropriate material, including material that is in any way pornographic, obscene, abusive, racist, libelous, defamatory, or threatening.
    3. Engage in any form of bullying or other behavior which is illegal or likely to cause harassment to others.
    4. Gain unauthorized access to the account, systems, or equipment of any third party – attempts at ‘hacking’ may result in criminal prosecution
    5. Perform any activities which contravene the laws of the State, or the destination country in the case of data being transmitted abroad.
    6. Infringe the copyright, patent, or other intellectual property rights of any person including, by downloading unlicensed software or other unauthorized materials.
    7. Infringe the data protection or other privacy rights of any person.
    8. Access, modify or interfere with computer material, data, displays, or storage media belonging to Witekio or another user, except with their permission.
    9. Knowingly introduce any virus, malware, or other destructive program or device into Witekio’s resources
    10. The users should take all reasonable steps to ensure that they do not inadvertently introduce such programs or devices into Witekio’s resources
    11. Store sensitive or confidential Witekio data on a personal and/or unsecured device

Passwords and Access

Use of password

When accessing Witekio’s tools, a user must use passwords conforming with Witekio Password Policy (see TBD).

Use of 2FA/MFA

Whenever possible, a user must enable multi-factor authentication on the tools.

Incident reporting

Since the compromise of a single password can have a catastrophic impact on security, it is the user’s responsibility to immediately report any suspicious activity involving his or her accounts/passwords to Witekio.

The standard procedure is to immediately send an email to it-support@witekio.com providing the following information:

  • id: user-name or email address
  • impacted applications
  • observed behaviors
  • any other relevant comments

Enforcement

This policy will be enforced by Witekio’s assigned Security Officer and IT team.