IPsoft – Acceptable Use Policy Awareness Session

1

Background • IPsoft is ethically. and describes appropriate conduct. • • • • • 2 . integrity and availability of information. Users must read and understand the Policy since effective security is not a factor of security. Future audits require verifiable evidence recording InfoSec initiatives. legally and contractually required to protect Client and internal data through an Information Security (“InfoSec”) program. The cornerstone of InfoSec is an Acceptable Use Policy (“AUP”) that defines terms. InfoSec combines technology and process to safeguard the confidentially. informs Users of restrictions. rather it relies upon the awareness and the cooperation of all Users. Users must agree to follow the Policy to ensure protection of information and the continued success of IPsoft.

awareness and user agreement to of Acceptable Use of Systems. – Adherence to standards improves our creditability and value to Clients. Specific provisions require documentation. Competitive Advantage – Our AUP combined with other InfoSec initiatives differentiate IPsoft from our competitors.AUP Drivers • Compliance – Statement of Auditing Standards # 70 (“SAS70”): As a service provider. – Gramm Leach Bliley Act (“GLBA”): Title V of GLBA requires safeguards for privacy which are implemented through the AUP. • 3 . IPsoft must pass periodic audits that inspect our internal controls.

PANs. Users must protect each of the following from disclosure.Confidential Information A significant portion of the AUP addresses Confidential Information. other ID Numbers • Drivers License Numbers • Passport Numbers • Name/Full Birthdate Pairs – Financial Information – All Client information including Client name – Medical Information – Passwords 4 . – Personally Identifiable Information • Social Security Numbers.

To stress the importance of the Policy to Users 5 .Verifiable Evidence of Deployed Controls .Confirmation of User awareness of Policy .Agreement to Acceptable Use Policy The Agreement to the Acceptable Use Policy form is required to address the following requirements: .

other IPsoft Policies. Incidental personal use of Systems is permitted if such use does not detract from Users’ responsibilities or otherwise consume excessive resources. safety. By using our Systems. partner agreements.” 6 . unethical or illegal use of IPsoft Systems. rights or property are forbidden.General Policy “To prohibit the unprofessional. each User assumes responsibility for appropriate use and agrees to comply with this Policy. Actions that negatively impact privacy. regulations. provider Terms of Service and applicable laws.

sexual orientation. commercial or non-commercial activities. Providing unauthorized goods or services for free or for a fee using the IPsoft Systems is forbidden. intimidation. forwarding. citizenship or disability. fundraising. harassment or defamation are prohibited. age. records. display. obscenity. • • 7 . national origin. advertising or the selling of goods/services is not allowed. storing or serving any material that would offend a reasonable person on the basis of gender. gambling. credentials or services in any form is prohibited.Key Provisions • The unauthorized use. viewing. programs. any material. race. deletion or restoration of data. alteration. and any material that violates our Policies against sexual harassment. Transferring. religious or political beliefs. the possession or transmission of which is illegal or materials that facilitate illegal activities. extraction. Unprofessional communications including threats. Unauthorized personal. messaging.

extend wired or wireless connections or ignore security warnings is forbidden. Attempting to obtain or obtaining confidential information including credentials or using any means to circumvent controls.Key Provisions (continued) • • Exceeding your level of authorization is not allowed and misrepresentation of identity is forbidden. Infringing on intellectual property rights including plagiarism and unauthorized use or reproduction is prohibited. Unauthorized scanning of Systems for services and/or security vulnerabilities is prohibited. deactivate safeguards. intercept communications. • • 8 .

Sending unsolicited information is prohibited. Users may not use IPsoft’s Systems to distribute unauthorized commercial or noncommercial information. processing. modification or deletion of information. use Company’s Systems or the Internet are prohibited. • • • 9 . Monitoring accounts should not be used for interactive access. data or files is prohibited. Running any unauthorized service that enables the sharing.Key Provisions (continued) • Any activities that adversely affect the ability of other people or devices to do their jobs. forwarding.

• • 10 . we periodically inspect active and archived data. As part of our normal business practices. we may take disciplinary action. Users should have no expectation of privacy. and these data sources may contain information marked by Users for deletion. advise law enforcement or take other action(s).No Expectation of Privacy • IPsoft Systems and their complete contents are the property of IPsoft. If User data contains item(s) that violate the law or violate this Policy.

IPsoft reserves the right to terminate its contract without penalty and to pursue any remedies available to it. Consultants. the Company may immediately suspend the suspect connection and/or User and commence a comprehensive investigation • 11 .Compliance • Users who violate the Policy may incur disciplinary actions including termination. including civil and/or criminal action(s) against the offending party. and civil and/or criminal action(s). Should we discover prohibited actions. IPsoft monitors access to our Systems as part of our normal business practices. contractors or service providers in violation of this Policy will be considered in breach of their contractual obligation to IPsoft.

Questions 12 .

Sign up to vote on this title
UsefulNot useful