Views:

Purpose

The purpose of this policy is to clearly establish NextLabs’ position and expectations regarding acceptable equipment and configuration for laptop and desktop computers, as well as virtual machines (ie, virtual machines that are created by any Virtualization Technologies), which are connected to NextLabs’ network.   All such systems which are connected to the NextLabs network by any means, including via remote users or branch office users are referred to as “Machines” for purposes of this policy. Where the term "equipment" is used in this policy, it is referring to both "capital equipment" and "noncapital equipment". When referring to "capital equipment" or "noncapital equipment" exclusively, the more specific term is used. 
 

Scope

This policy applies to employees, contractors, consultants, temporaries, and other workers at NextLabs, including all personnel affiliated with third parties (collectively referred to as “Users”). This policy applies to all equipment including Machines that is owned or leased by NextLabs.

Policy

All regular employees, part-time employees, temporary employees, interns & contractors (collectively referred to as “Users”) working on-site at a NextLabs office and/or connected to NextLabs’ network must use NextLabs-owned standard Machines or with advanced IT registration. Without advanced registration, personal Machines cannot be used for NextLabs business purposes nor connected to NextLabs’ network; however, depending on the particular situation, partners and contractors accessing NextLabs’ network remotely may use their own Machines and/or have limited access based on their particular needs and with advance IT approval. (Please do refer here on the Personal Laptop Security Policy In general, unless IT has approved otherwise, if personal Machines are found connected to NextLabs’ network, the user will be required to replace the Machine with NextLabs standard Machines, or access to the network will be removed.

All Users must adhere to the following guidelines and responsibilities for these checkout equipment until it is completed returned and signoff by IT Personnel:
  • Users may not disable, circumvent, add to or modify the standard Machine configuration unless approved in advance by IT.  Only IT personnel are authorized to install and maintain a standard configuration Machine or equipment.
  • Users may not alter or add to related computer equipment (ie expanded memory, extra circuit boards, etc) in any way without the prior approval of IT.
  • Email and other computer files provided by the company are to be used for business purposes only.
  • No employee may add unauthorized or pirated software or files to any machine owned by the business.
  • Use of computer facilities for personal reasons is strictly prohibited (or, personal use may be permitted subject to approval).
  • Employees may not use computer files or software brought from home or other sources on the business computer (to avoid viruses).
  • The company reserves the right to enter, search, and monitor the computer files or email of any employee, without advance notice, for business purposes such as investigating theft, disclosure of confidential business or proprietary information, or personal abuse of the system, or monitoring work flow or productivity.
  • Software or other business information on the computer should not be copied and taken from the business premises without permission.
  • It is the users’s full responsibility and fiscal liability for all costs associated with damage to the laptop computer or its associated peripheral equipment or its replacement costs should it be lost or stolen.

In addition, with regard to security, Users must:

·         Lock their Machine (through a password-protected screen saver or Windows command) while away from their Machine (please also refer to the Password Policy).

·         Use proper care in handling Company-owned equipment and should never leave laptops in their cars or either locations having a high risk of theft.

·         Immediately report any damage, theft or loss of a Company-owned Machine and/or data to IT.

All, Machines must:

·         Employ disk based encryption to meet Bitlocker or another industry equivalent disk encryption solution

·         Contain the most current version of the corporate standard anti-virus and desktop security software.

·         Have all IT-required patches installed.

·         Be joined to NextLabs’ corporate domain infrastructure.

·         With respect to business critical information, be periodically backed up to the appropriate NextLabs backup system (please refer to  the Backup Policy)

Auto-discovery license management software is used to remotely determine which software packages are resident on worker PC hard disks is this true.  Unapproved software may be removed without advance notice.

Audits will be performed on a regular basis by IT.  Any User found to have violated this policy may be subject to disciplinary action.

 

 

Effective Date: October 1, 2007

Last revision: April 24th, 2019
Keywords: policy