20181119 BS EDITED TechStream Handbook WIP

More documents

Recommendations

Info

3.3.6 Email security • Email is often the medium of hacker attacks, confidentiality breaches, viruses and other malware. These issues can compromise our reputation, legality and security of our equipment. • Employees must: o Select strong passwords with at least eight characters (capital and lower-case letters, symbols and numbers) without using personal information (e.g. birthdays.) o Remember passwords instead of writing them down and keep them secret. o Change their email password every 2 months. • Also, employees should always be vigilant to catch emails that carry malware or phishing attempts. We instruct employees to: o Avoid opening attachments and clicking on links when content is not adequately explained (e.g. “Watch this video, it’s amazing.”) o Be suspicious of clickbait titles. o Check email and names of unknown senders to ensure they are legitimate. o Look for inconsistencies or style red flags (e.g. grammar mistakes, capital letters, excessive number of exclamation marks.) • If an employee isn’t sure that an email they received is safe, they can ask our Security Specialists. • We remind our employees to keep their anti-malware programs updated. • Mimecast will be utilised to further improve and ensure our emails are safe from being hacked, phishing, spam, spoof and add security to emails coming in and going out. 3.3.7 Database Policy • Information collated by past and current employees of the Company in the course of their employment is stored on the Company's database. The database is the product of a significant investment in time, money and expertise by the Company. Confidential Information that the Employee brings to the business or acquires during his Employment will also be input into the database. The data stored on the database is proprietary and is Confidential Information belonging to the Company in which it has a legitimate business interest and which it is entitled to protect. The Company's rights in the contents of the database and the database itself are protected by copyright, contract, common law and the Copyright and Rights in Databases Regulations 1997. Further, the Company is a registered data controller under the Data Protection Laws. It therefore has an on-going obligation to ensure the security and accuracy of the information contained on the database. • The Employee agrees and acknowledges that the contents of this database may not be used for any purpose other than proper Company business. The Employee is prohibited from making a copy of the database either in hard or soft copy form or to transfer any part of the database onto any other electronic media including personal devices. No part of the database should be removed from the Company's premises either in hard or soft copy form. Any breach of these prohibitions or any other form of misuse will result in disciplinary action up to and including dismissal. If the Employee needs to remove any details from the database for use outside the Company premises save for names and a contact telephone number for a specific and legitimate business purpose, then this should be approved by a Managing Partner. If the Employee has any queries in relation to the use of the database, these should be directed to his manager. TechStream Global Limited, Annexe A, Long Kloof Studios, Darters Road, Gardens, Cape Town, South Africa, 8001 Tel: +27 (0) 21 422 0851 W: www.TechStreamglobal.com Prod 03/2017. Page | 40
o o o The Employee agrees that at the end of his employment, along with all other Confidential Information, if for any reason whatsoever he has any copies or extracts of the database in either hard copy or soft copy form, these should be returned to the Company and the Employee will not make or keep any copies. If the Employee has reason to believe that any other employee has breached this clause 36 he must report it to the Managing Director. Failure to report a suspected breach will result in disciplinary action against the Employee. The Employee will comply at all times with the relevant Company policies including but not limited to the Company’s Data Protection Policy and Data Protection Procedure and the IT Policy. 3.3.8 Email Encryption • Emails that contain sensitive data in the body of the email (bank details, National Insurance numbers) will not be able to be forwarded, copied or saved unless the user is authorised to do so • Mimecast will encrypt all outgoing mail and add extra security to emails containing special category data. This means it is converted from readable plain text into scrambled cipher text. The recipient will need a private key to encrypt this message. Users will be informed if they need to send encrypted emails – but as a default any information that contains sensitive data or financial data will need to be encrypted. Deleted: mail, and 3.3.9 Use of the Internet • When a website is visited, devices such as cookies, tags or web beacons may be employed to enable the site owner to identify and monitor visitors. If the website with inappropriate material has been accessed, downloaded, stored or forwarded from the website, such actions amount to a criminal offence if, for example, the material is pornographic in nature. • Staff should therefore not access any web page or any files (whether documents, images or other) downloaded from the internet which could, in any way, be regarded as illegal, offensive, in bad taste or immoral. As a general rule, if any person (whether intended to view the page or not) might be offended by the contents of a page, or if the fact that our software has accessed the page or file might be a source of embarrassment if made public, then viewing it will be a breach of our Electronic Information and Communications Systems Policy. • Our employees are advised to use our company’s internet connection for the following reasons: o o o To complete their job duties. To seek out information that they can use to improve their work. To access their social media accounts, while conforming to our social media policy. • We don’t want to restrict our employees’ access to websites of their choice, but we expect our employees to exercise good judgement and remain productive at work while using the internet. • Any use of our network and connection must follow our confidentiality and data protection policy. • Employees should: TechStream Global Limited, Annexe A, Long Kloof Studios, Darters Road, Gardens, Cape Town, South Africa, 8001 Tel: +27 (0) 21 422 0851 W: www.TechStreamglobal.com Prod 03/2017. Page | 41
Page 1 and 2: Company Handbook Your guide to work
Page 3 and 4: Introduction I am pleased to welcom
Page 5 and 6: The employee should not book or pay
Page 7 and 8: A trigger is the total number of da
Page 9 and 10: 1.6 Maternity Leave 1.6.1 Introduci
Page 11 and 12: 1.6.8 Contractual Benefits You will
Page 13 and 14: 1.8.3 Considering a request for fle
Page 15 and 16: 1.12 Time off for Public Duties The
Page 17 and 18: Working at or from home may affect
Page 19 and 20: Section 2 - Performance, Discipline
Page 21 and 22: The form shall be signed by the man
Page 23 and 24: 2.1.7.3 Noice to Amend a Disciplina
Page 25 and 26: 2.1.7.8 The decision to dismiss The
Page 27 and 28: 2.2.4 In general the PIP is as foll
Page 29 and 30: The chairperson of the grievance he
Page 31 and 32: 2.3.8 Time limits The following sch
Page 33 and 34: DESCRIPTION OF OFFENCE Willful loss
Page 35 and 36: DESCRIPTION OF OFFENCE Transport of
Page 37 and 38: 3.3 Electronic Information and Comm
Page 39: • Staff should not send abusive,
Page 43 and 44: • All employees are obliged to pr
Page 45 and 46: to restrict or prevent access to ce
Page 47 and 48: TechStream network; covers all empl
Page 49 and 50: any drugs or alcohol at the workpla
Page 51 and 52: Mandatory Drug Testing Where client
Page 53 and 54: 3.8 Anti-Bribery & Corruption Polic
Page 55 and 56: (d) accept a gift or hospitality fr
Page 57 and 58: Management at all levels are respon

20181119 BS EDITED TechStream Handbook WIP

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?