Stokers A5 Handbook Policies APR24

IT, SOCIAL MEDIA & DEVICES POLICY

INTRODUCTION Stokers’ IT and electronic communications systems are intended to promote effective communication and working practices within the organisation. This policy outlines the standards that all employees must observe when using these systems, the circumstances in which Stokers will monitor employee use of these systems, and the action that will be taken in respect of breaches of the standards set out in the policy. POLICY This policy covers all employees, officers, consultants, contractors, volunteers, interns, casual workers, agency workers and anyone else who has access to Stokers’ IT and electronic communication systems. It is a policy document and therefore does not form part of any employee’s contract of employment. Stokers may amend this policy at any time. GENERAL PRINCIPLES Misuse of Stokers’ IT and electronic communication systems can critically damage the business and its reputation. Therefore, any breach of this policy will be treated as a misconduct issue and, in the case of employees, may result in action under the Disciplinary Policy. All employees are responsible for the security of the equipment allocated to them or used by them for work purposes. Employees must not allow such equipment to be used by anyone else, other than in accordance with this policy. Employees must lock their computer terminal or log off when leaving it unattended, in order to prevent unauthorised users accessing the systems in their absence. Anyone who is not authorised to access Company systems should only be allowed to use terminals under supervision. Desktop PCs and cabling for telephones or computer equipment should not be moved or tampered with. Employees should not delete, destroy or modify existing systems, programs, information or data (except as authorised in the proper performance of their duties). Employees must not download or install software from external sources without authorisation from the IT department. Incoming files and data should always be virus-checked before they are downloaded. If in doubt, employees should seek advice from the IT department. Employees must not watch or record live TV programmes on any channel or download to watch BBC programmes on iPlayer on any device plugged into the mains due to premises licencing laws.

Employees must not attach any device or equipment to Stokers’ systems without prior authorisation. This includes any USB flash drive, MP3 or similar device, PDA or telephone, whether connected via the USB port, Bluetooth, WiFi, infra-red connection port or in any other way. Passwords All IT and electronic communications equipment used by employees for work purposes (such as computers, laptops, tablet computers, smart phones and mobile phones, etc.) should be password-protected. Employees must keep their passwords confidential and change them regularly. Any devices with bio-metric security (fingerprint technology) enabled must ensure it is utilised. Employees must not use other people’s user names and/or passwords, or make available or allow anyone else to log on using their details unless authorised by their manager. All passwords must be handed over when an employee leaves the business, and any equipment, keys or cards must be returned. This is especially important when using the HR system. Where employees have been issued with a laptop, tablet computer or any other mobile device, they must ensure that it is kept secure at all times and especially when travelling. Passwords must always be used to secure access to data kept on such equipment to ensure that Stokers’ confidential information is protected in the event of loss or theft. Automatic locks should be used if the function is available. Employees should also be aware that when using equipment away from the workplace, documents may be read by third parties, for example, passengers on public transport. Emails and quick messaging Although email and quick messaging are vital business tools, employees should always consider if it is the appropriate method for a particular communication. Correspondence with third parties should be written as professionally as a letter. Messages should be concise and directed only to relevant individuals. Stokers’ standard disclaimer should always be included. Copies of emails should be stored appropriately for future reference. Employees should access emails regularly during the working day and endeavour to stay in touch by remote access when travelling in connection with Stokers’ business. Employees must never send abusive, obscene, discriminatory, racist, harassing, derogatory, defamatory, or otherwise inappropriate emails. Any employee who feels that they have been harassed or bullied, or are offended by

74