TECHNOLOGY POLICY

This Acceptable Use Policy (hereinafter referred to as” Policy”) of [INSERT NAME OF COMPANY] (the “Company”) is effective from [INSERT DATE ON WHICH THE AGREEMENT COMES INTO FORCE].

This policy aims to increase protection of Technology Resources to assure the usability and availability of those resources to all users of [INSERT NAME OF COMPANY] (the “Company”) is the primary intent of this Policy. The Policy also addresses privacy and usage guidelines for those who access the Company’s Technology Resources.

1. SCOPE
   1. The Company recognizes the vital role technology plays in affecting Company business as well as the importance of protecting information in all forms. As more information is being used and shared in digital format by authorized users, the need for an increased effort to protect the information and the technology resources that support it , is felt by the Company and hence this Policy. Since a limited amount of personal use of these facilities is permitted by Company to users, including computers, printers, e-mail, Software and Internet access, therefore, it is essential that these facilities are used responsibly by users, as any abuse has the potential to disrupt company business and interfere with the work and/or rights of other users. It is therefore expected of all users to exercise responsible and ethical behavior while using Company’s Technology facilities.
2. ACCESS CONTROL
   1. All Company’s computers that are either permanently or temporarily connected to the internal¬ computer networks must have a password-based access control system. Regardless of the network connections, all computers handling confidential information must also employ appropriate password-based access control systems. All in-bound connections to Company’s computers from external networks protected with an approved password or ID access control system. Modems may only be used after receiving the written approval of the IT Head and must be turned off when not in use. All access control systems must utilize user-IDs, passwords and privilege restrictions unique to each user. Users are prohibited from logging into any Company’s system anonymously. To prevent unauthorized access all vendor-supplied default passwords must be changed before the use. Access to the server room is restricted with RFID lock and only recognized IT staff or someone with due authorization from IT Head is permitted to enter the room. Users shall not make copies of system configuration files (e.g. Passwords, etc) for their own, unauthorized personal use or to provide to other users for unauthorized uses.
3. MANAGING SYSTEM PRIVILEGES
   1. Requests for new user-IDs and changes in privileges must be made to the IT Department in Mail. Users must clearly state why the changes in privileges are necessary.
   2. In response to feedback from the Human Resources Department, the IT department will revoke any privileges no longer needed by users. After receiving information from HR/ Admin department all system access privileges will be terminated within 24 hours when a user leaves the Company. The Company’s management reserves the right to revoke the system privileges of any user at any¬ time. Conduct that interferes with the normal and proper operation of the Company’s information systems, which adversely affects the ability of others to use these information systems, or which is harmful or offensive to others will not be permitted.
4. SECURITY (ACCESS CONTROL)
   1. The Users are forbidden from circumventing security measures. Users are strictly prohibited from establishing dial-up connections, using modems or other such apparatus, from within any Company’s premises. Users who have been given mobile/portable laptop / palmtop or any other device and duly authorized for such remote access, which connects to Company’s mail system on a real-time basis, can do so through the Internet.
   2. Unless the prior approval of the IT Head has been obtained, users shall not establish Internet or other external network connections that could allow non-authorized users to gain access to the Company’s systems and information. These connections include the establishment of multi-computer file systems, Internet web pages & FTP servers. Users must not test or attempt to compromise computer or communication system security measures unless specifically approved in advance and in writing by the IT Head. Incidents involving unapproved system cracking or hacking, password cracking, file decryption, software copying, computer configuration changing or similar unauthorized attempts to compromise security measures will be considered serious violations of Company’s policy. Likewise, short-cuts bypassing system security measures is absolutely prohibited.
5. CHANGES TO SYSTEM
   1. No user must physically connect or disconnect any equipment, including Company’s owned computers and printers, to or from any Company’s network. With the exception of emergency situations, all changes to Company’s technology systems and networks must be documented and approved in advance by the IT Head. Only persons who have been authorized by the IT Head can make emergency changes to any Company’s computer system or network.
6. CHANGES TO THE POLICY
   1. We reserve to right to update and make changes to this policy from time to time based on the working conditions of the Company. The Company on updating this policy will inform the Employees of the Company.
7. FURTHER INFORMATION
   1. For any queries or further Information regarding our Company or about this Policy, the concerned person can contact us through email[INSERT EMAIL ADDRESS OF THE COMPANY]
8. ACKNOWLEGEMENT
   1. We expect all employees to adhere to this policy of the Company. The Company will apply this policy consistently and fairly to ensure a harmonious and productive workplace for all.
   2. By signing below, you acknowledge that you have carefully read and understood the terms and contents of this policy.
   3. You acknowledge that you will follow the set guidelines of this policy as well as of the Company and failure to do so; the Company can take required action against such person.

COMPANY                    

[INSERT NAME OF COMPANY]

Authorized Signature

Print Name and Title

[INSERT SIGNING AUTHORITY]