Information & Technology Policy

Purpose
To establish requirements that must be met by all users connected to the IMS network and to ensure
effective virus detection and prevention.

Scope
This policy applies to all IMS staff members, temporary workers or any person connecting an electronic
device (such as a PC, Laptop or other mobile device) to the IMS network.

Regulations
All staff will be responsible for ensuring that their internet use-age is within the regulations and is ethical
and lawful. The downloading of text or images, which contain material of an offensive, indecent or obscene
nature, is prohibited.

Responsibilities of the user

Do not accept or run software from non-trusted sources. Do not remove the virus protection software from
PCs. Report any virus attack to the IMS IT department immediately to prevent further outbreak.

Software Downloads
Under no circumstances will any member of staff download or install any piece of software. If a member of
staff needs a piece of software and this has been approved by their line manager they will have the piece of
software installed by a member of the IT department. If for any reason there is no member of the IT
department available then the member of staff should contact their line manager.

The downloading or usage of screensavers is prohibited as these may contain viruses, worms or Trojan
horses that can pass personal details across the internet.

CD ROMs & Floppy Drives

Installation of software or other data using removable media offer a route for viruses to infect the IMS
network. However software from reputable manufacturers should be safe. CD ROMs from magazines,
friends or home or other sources by contrast have to be considered unsafe. Only designated members of the
IT department should install any software to servers or workstations.

Passwords
Providing, either directly or indirectly, deliberately or negligently passwords or other confidential
authorisation instruments to persons or other entities inside or outside the context of legitimate business
transactions is strictly not permitted. This applies regardless of whether the information contained in these
areas is confidential or otherwise protected.

Like wise, gaining unauthorised access to internal or external systems is prohibited and will be classed as
gross misconduct under the company’s disciplinary procedures. This applies without regard to whether the
owner or users of the system in question have taken steps to prevent unauthorised access.
Anti-Spam Policy
Delete spam, chain and other junk email without forwarding.

Do NOT publish your work e-mail address on public websites

Do NOT register with e-mail directory services

Never reply to any spam you receive – DELETE IT

Use an alternative e- mail address ( a free account from sites such as Hotmail, Yahoo or FS Mail) to post to
bulletin boards or forums for any personal issues.

E-mail
NEVER open any files or macros attached to an e-mail from an unknown, suspicious or untrustworthy
source. Delete these attachments and then empty your deleted items folder. Staff members should never
download files or e-mail attachments from unknown or unauthorised sources

Employees who have access to e-mail should note that during work hours these systems should only be
used for the purposes of the company’s business.

You are not permitted to send and receive personal e-mails under any circumstances.

You should note that information sent in an e-mail could potentially be disseminated to a large number of
people. When sending confidential information by e-mail care should be taken to ensure that the e-mail is
being sent to the appropriate destination. If there appears a risk that use of e-mail may lead to a breach of
confidentiality then an alternative method of communication should be used.

All messages on the internet being sent from the company will be identified as such to all recipients and
this places a responsibility on each individual to ensure that their actions do not bring the company into
disrepute.

Any e-mail sent outside the company must include the company’s standard form of disclaimer and
confidentiality notice.

E-mails sent or received by you may be stored on the Company computer system and may be admissible
evidence in court or tribunal proceedings
Internet
The internet is primarily provided to support working activities and work research. The facility may also be
used for occasional and limited personal use, this must take place on staff breaks.

You may only access the internet for any purpose including the sending and receiving e-mails using the
approved facilities provided by the firm for doing so and not by the use of other modems or other
equipment provided for other purposes or by other parties.

The use of the Internet or any of the firms internal systems to carry out any of the following acts is
expressly prohibited:

Transmitting or storing material or viewing, displaying or downloading material which places or may place
the company at risk of prosecution, civil action, embarrassment or loss of reputation.

Or whose potentially offensive nature may create disruption or offence.

Such material includes but is not limited to images of nudity, sexual acts, material which is discriminatory
or which promotes discrimination on the basis of race, religion, national origin, sex, sexual orientation or
disability, as well as material advocating violent or criminal acts and material which is obscene or indecent.

Any message posted to a newsgroup, an e-mail mailing list or any other public discussion forum may be
assumed by others to be a statement by the company. All staff must ensure that any such activity is only for
business purposes and is authorised by a manager.

Saving Computer Files

All files should be saved into the appropriate place in the “Department Folders” on the central fileserver
and files should not be saved onto individual PC C-drives. This is to ensure that all files are routinely
backed up for security purposes. Personal files should not be saved into either the department folders or
onto individual C-drives.

Switching off Computers

At the end of the working day between Monday and Fridays desk-top computers should be shut down or
switched off.

Anti-Virus Software
Each computer has its own copy of Symantec Anti-Virus software installed on it to continually protect the
computer against virus attack. It is important that this software is not disabled at any time

Several times each day the virus software will connect to the server automatically to retrieve the latest virus
updates.

If either of the scheduled tasks (virus scanning or live updates) are missed for any reason (for example if
the computer is switched off), then the next time the computer connects to the IMS domain the virus scans
will be completed and the virus definitions will be updated.
Monitoring
The company reserves the right to monitor the use of internet access and intercept and read any e-mail \
MSN conversation sent or received by its employees or contract staff and without notice to withdraw any
such persons authority to use the Internet, E-Mail or MSN.

Offences
In addition to the above the list below are offences that are prohibited by this policy. They may be classed
as gross misconduct under the disciplinary procedure.

Deliberately or negligently spreading software viruses or other computer devices that may cause damage of
any kind to internal or external systems.

Corrupting or destroying data or software.

Commission of criminal acts of any kind the use of unauthorised, illegal, unlicensed or pirate software on
the company’s equipment.

Transmitting any confidential information or sensitive information to any party unless they have been
authorised to receive such information or the information relates directly to the recipient.

Invading the privacy of any person and wasting staff time or computer resources.

Transmitting any copyright material or any other material that is in any way protected by intellectual
property rights without the written permission of the copyright owner or owner of the intellectual property
rights in that material.

Disrupting the work of employees or contractors in the company.