Skip to main content

AcceptableUsagePolicy

Acceptable Usage Policy
Last updated: January 20, 2023

Introduction

  • Zora Communications ltd is committed to safeguard the information and other assets shared with us by our customers, partners, and staff. They depend on us to protect their resources. Thus, it is crucial for all Zora Communications ltd staff to understand how to responsibly use our systems such that we can protect the security, availability and confidentiality of such assets.

Principle & Purpose

  • Zora Communications ltd has a culture of trust and integrity. This policy aims to reinforce the trust we place in each other, by ensuring we can collectively depend on each other to protect the assets of our staff, company, partners and customers. Security is a Zoracom-wide effort and requires cooperation from every staff member who works with Zora Communications ltd systems. Everyone must take precautions to ensure they use systems appropriately and do not, deliberately or inadvertently, perform damaging or illegal actions.
  • This policy does not intend to curb or hinder reasonable use of Zora Communications ltd systems.

Scope

  • This policy applies to all Zora Communications ltd employees, contractors, consultants, temporary, and other workers that interact with Zora Communications ltd systems. All such individuals are responsible for exercising good judgment to appropriately use electronic devices, data, and network resources in accordance with policies and standards, and local laws and regulation. This policy applies to the use of
  • Any company-issued electronic, computing, storage, or network device
  • Any company owned systems on Internet / Intranet, including but not limited to servers, software, operating systems, storage, network accounts
  • Any company administered accounts with third party services providing email, storage, infrastructure, software, data, APIs, business systems etc, irrespective of whether such accounts are accessed via devices owned/leased by the company, the staff member or a third party

Breach of Policy

  • Zora Communications ltd staff are encouraged to separate work activities from personal activities as much as possible. Zora Communications ltd staff are not to use company-issued devices for personal use, because those devices do not belong to you. Specifically:
  • Company administrators may have access to staff data when they are trying to repair/debug/troubleshoot our systems.
  • Terminated employees' devices can be transferred to another employee, which may give them access to the terminated employees' data.
  • In a scenario where the company is defending itself in a court of law, data on all company-issued devices are potentially accessible to opposing counsel.
  • If case of a breach, outside investigators will likely inspect all use of an account and/or device.
  • To summarize, company-issued devices and accounts are not your personal property, and as a result, we strongly recommend limiting their use for personal reasons as much as possible.
  • Security and Proprietary Information
  • All classified or proprietary data stored on computing and storage devices, whether owned or leased by Zora Communication ltd, the employee or a third party, remains the sole property of Zora Communication ltd. You must ensure that all classified or proprietary data is handled and protected in accordance with the Data Classification Policy.
  • You are required to promptly report the theft, loss, or unauthorized disclosure of any classified/proprietary data.
  • You may access, use, or share classified/proprietary information only to the extent it is authorized and necessary to perform your job responsibilities.
  • Staff members are responsible for exercising good judgment when using Zora Communication ltd systems for reasonable personal use. If there is any uncertainty, staff should consult their Team-lead or manager.
  • Zora Communication ltd reserves the right to audit any system at any time to ensure compliance with this policy. Authorized individuals within Zora Communication ltd may monitor equipment, systems, and networks at any time.

Unacceptable Use

  • Staff members may not use Zora Communication ltd-managed resources for activities that are illegal or prohibited under applicable law, no matter the circumstances. Unacceptable System and Network Activities Prohibited system and network activities include, but are not limited to, the following:
  • Company administrators may have access to staff data when they are trying to repair/debug/troubleshoot our systems.
  • Terminated employees' devices can be transferred to another employees, which may give them access to the terminated employees' data.
  • In a scenario where the company is defending itself in a court of law, data on all company-issued devices are potentially accessible to opposing counsel.
  • If case of a breach, outside investigators will likely inspect all use of an account and/or device.
  • To summarize, company-issued devices and accounts are not your personal property, and as a result, we strongly recommend limiting their use for personal reasons as much as possible.
  • All classified or proprietary data stored on computing and storage devices, whether owned or leased by Zora Communication ltd, the employee or a third party, remains the sole property of Zora Communication ltd. You must ensure that all classified or proprietary data is handled and protected in accordance with the Data Classification Policy.
  • You are required to promptly report the theft, loss, or unauthorized disclosure of any classified/proprietary data.
  • You may access, use or share classified/proprietary information only to the extent it is authorized and necessary to perform your job responsibilities.
  • Staff members are responsible for exercising good judgment when using Zora Communication ltd systems for reasonable personal use. If there is any uncertainty, staff should consult their team lead or manager.
  • Zora Communication ltd reserves the right to audit any system at any time to ensure compliance with this policy. Authorized individuals within Zora Communication ltd may monitor equipment, systems, and networks at any time.
  • Violations of the rights of any person or company protected by copyright, trade secret, patent or other intellectual property, or similar laws or regulations. Unauthorized copying, distribution, or use of copyrighted material.
  • Exporting software, technical information, encryption software, or technology in violation of international or national export control laws.
  • Intentional introduction of malicious programs into Zora Communication ltd networks or any Zora Communication ltd-managed computing device.
  • Intentional misuse of any Zora Communications ltd-managed computing device or Zora Communication ltd networks (e.g., for cryptocurrency mining, botnet control, etc.).
  • Sharing your credentials for any Zora Communication ltd-managed computer or 3rd party service that Zora Communications ltd uses with others or allowing use of your account or a Zora Communications ltd-managed computer by others. This prohibition does not apply to single-sign-on or similar technologies, the use of which is approved.
  • Using a Zora Communications ltd computing asset to procure or transmit material that is in violation of sexual harassment policies or that creates a hostile workplace.
  • Making fraudulent offers of products, items, or services originating from any Zora Communications ltd account.
  • Intentionally accessing data or logging into a computer or account that the team member or contractor is not authorized to access, or disrupting network communication, computer processing, or access.
  • Executing any form of network monitoring that intercepts data not intended for the team member's or contractor's computer, except when troubleshooting networking issues for the benefit of Zora Communications ltd.
  • Circumventing user authentication or security of any computer host, network, or account used by Zora Communication ltd.
  • Tunnelling between network segments or security zones (e.g., gprd, gstg, ops, ci), except when troubleshooting issues for the benefit of Zora Communications ltd.

Unacceptable Email and Communication Activities

  • Forwarding of confidential business emails or documents to personal external email addresses. Note: Zora Communications ltd may retrieve messages from archives and servers without prior notice if Zora Communications ltd has sufficient reason to do so. If deemed necessary, this investigation will be conducted with the knowledge and approval of the Security, People Business Partners, and Legal Departments.

Return of Zora Communications Ltd - Owned Assets

  • All Zora Communications ltd-owned computing resources must be returned upon separation from the company.

Non - Compliance

  • Compliance with this policy will be verified through various methods, including but not limited to, automated reporting, audits, and feedback to the policy owner.
  • Any staff member found to be in violation of this policy may be subject to disciplinary action, up to and including termination of employment, or contractual agreement. The action will depend on the extent, intent, and repercussions of the specific violation(s).