IT Usage Policy
Updated - 29/11/2023
General Notices
This policy applies to all users of any and all IT resources provided by and administered by EnsiliTech, as well as associated persons of EnsiliTech, including staff members, contractors, directors, and anyone else carrying out business for the company. For the remainder of this policy, the term ‘User(s)’ means any of the aforementioned associated persons.
The purpose of this IT Acceptable Use Policy is to outline the acceptable use of all IT resources, including computer hardware and software, network systems, internet access, email systems, and other electronic communication systems, by Users, and third-party service providers at Ensilicated Technologies Ltd. This policy aims to protect the integrity, confidentiality, and availability of the Company's IT resources, and to promote responsible and ethical behaviour when using these resources.
Acceptable Use
Users are encouraged to use the IT facilities to further the goals and objectives of their work, or research and in accordance with the Dignity and Respect policy. Subject to all the following, the Company permits private use of the IT facilities as a privilege, not a right.
All users of the Company's IT resources must comply with all applicable laws, regulations, and policies, including but not limited to the Data Protection Act 2018, General Data Protection Regulation (GDPR), and the Company's Information Security Policy.
All users of the Company's IT resources are responsible for maintaining the security of these resources by using strong passwords, regularly updating software, and reporting any suspicious activity to the executive team.
The Company respects the privacy of its users and expects all users to respect the privacy of others. Any unauthorised access, use, or disclosure of personal information is strictly prohibited.
Users must comply with any request made to them by the Company in connection with the enforcement of these Regulations.
Users shall not use the IT facilities inappropriately. See below for the unacceptable use examples.
Unacceptable Use
Subject to exemptions defined below, the Company IT Systems may not be used directly or indirectly by a User for the download, creation, manipulation, transmission or storage of:
any offensive, obscene or indecent images, data or other material, or any data capable of being resolved into obscene or indecent images or material;
unlawful material or material that is defamatory, threatening, discriminatory, extremist or which has the potential to radicalise themselves or others;
unsolicited and unauthorised bulk email (spam) which is unrelated to the legitimate business of the Company.
material which is subsequently used to facilitate harassment, bullying and/or victimisation of a member of the Company or a third party;
material which promotes discrimination on the basis of race, gender, religion or belief, disability, age or sexual orientation;
material with the intent to defraud or which is likely to deceive a third party;
material which advocates or promotes any unlawful act;
material that infringes the intellectual property rights or privacy rights of a third party, or that is in breach of a legal duty owed to another party; or
material that brings the Company into disrepute.
The Company IT systems must not be deliberately used by a User for activities having, or likely to have, any of the following characteristics:
Accessing or attempting to access unauthorised information or resources.
Sharing passwords or other access credentials with others.
Intentionally wasting staff effort or other Company resources;
Corrupting, altering or destroying another User’s data without their consent;
Disrupting the work of other Users or the correct functioning of the Company IT Systems;
Engaging in any activity that may disrupt or interfere with the normal operation of the Company's IT resources.
Denying access to the Company IT Systems and its services to other users.
Pursuance of commercial activities (except if in support of Company business), subject to a range of exceptions.
Introduce data-interception, password-detecting or similar software or devices to the Company's Network.
Deliberate unauthorised access to the Company's IT systems;
Attempt to undermine the security of the Company's IT systems. (For the avoidance of doubt, this includes undertaking any unauthorised penetration testing or vulnerability scanning of any Company systems);
Intentionally or recklessly introduce any form of spyware, computer virus or other potentially malicious software;
Installing or using unauthorised software or hardware.
Use software which is only licensed for limited purposes for other purpose or otherwise breaching software licensing agreements;
Fail to comply with a request from an authorised person for you to change your password.
The Company's email system is intended for Company-related activities only. It is recommended to use clear and concise language when composing messages and avoid sending large attachments or forwarding chain emails.
All users of the Company's email system should not:
harass, threaten, or intimidate others.
solicit or promote personal or commercial activities.
send confidential or sensitive information without using appropriate encryption methods.
The Company recognises the value of social media as a communication and engagement tool. Use social media in a responsible and ethical manner.
All users of social media accounts representing as a member of EnsiliTech should not:
Post offensive or inappropriate content, including but not limited to sexually explicit or discriminatory material.
Harass, threaten, or intimidate others.
Promote personal or commercial activities without prior approval from the Company.
The Company reserves the right to monitor all activities on its IT resources, including but not limited to email, internet usage, and social media use. Any unauthorised use of IT resources may result in disciplinary action, up to and including termination of employment or contractual relationship.
Where the Company IT Systems are being used to access another network, any abuse of the acceptable use policy of that network will be regarded as unacceptable use of the Company IT Systems.
Exemptions from Unacceptable Use:
There are a number of legitimate research activities that may be carried out using Company information systems that could be considered unacceptable use, as defined above. In such circumstances, advice should be sought from the Executive team who will consult with legal advisors (if potentially illegal material is involved) prior to the introduction of said material onto the Company IT Systems.
This policy may have an impact on users of assistive technology or assistive software due to their disability. These individual cases will be considered on a case by case basis.
Any potential research involving obscene or indecent material must always be discussed in advance with the Executive Team. If a member of the Company community believes they may have encountered breaches of the above, they should make this known to an appropriate Company authority.
Consequences of Breach
In the event of a breach of this Acceptable Use Policy by a User, the Company may in its sole discretion:
restrict or terminate a User’s right to use the Company IT Systems;
withdraw or remove any material uploaded by that User in contravention of this Policy;
where appropriate, disclose information to law enforcement agencies and take any legal action against a User for breach of this Policy, including but not limited to claiming all costs, fees and disbursements (including but not limited to legal fees) connected therewith.
In addition, where the User is also a member of the Company, the Company may take such action, disciplinary or otherwise as it deems appropriate.