VIEWS: 3 PAGES: 14 POSTED ON: 9/12/2012
MARKETFARE FOODS TABLE OF CONTENTS SECTION # INFORMATION SYSTEM POLICIES IS1 COMPUTER/NETWORK USAGE IS2 ELECTRONIC MAIL IS3 COMPUTER HARDWARE & SOFTWARE ACQUISITION SECTION DATE ISSUED Page ACCOUNTING AND FINANCIAL REPORTING IS1 May 8, 2002 1 th POLICIES MANUAL Modified Feb, 10 , 2006 POLICY COMPANY REFERENCE PROCEDURES MarketFare Foods, Inc COMPUTER/NETWORK USAGE PURPOSE This policy defines standards for associate use of the Local and Wide Area Networks, Computer Systems, E-mail Services and Internet Connections. These standards are intended to insure compatibility, standardization and high levels of security for internal networks, computing systems and data, and to set forth conditions for personal use. Users are responsible for complying fully with this policy as stated, but MarketFare Foods reserves the right to modify this policy at any time, with or without prior notification. Violations could be the basis for associate discipline or discharge. POLICY A). COMPANY COMPUTER NETWORK MarketFare Foods computer network is the gateway to our company computer folders, files, printers, email, and access to the Internet and company Intranet. Access to the network is gained through a network connection. Login ID: A Login ID is your unique name or account on the network. The Login ID is given limited permissions to access certain network folders, files, printers, etc. to perform daily business operations. Transactions on the network are traceable and may be linked back to your Login ID - i.e.: YOU. You are responsible for all transactions on the network that occur with your Login ID. There is to be no unauthorized use of a computer account, to help provide protection: Never share your Login ID or computer (while you are logged in). LOG OUT when you leave your computer at the end of the day! Lock your workstation when leaving your desk, for short periods. Press CTRL+ALT+DEL simultaneously and then select Lock Computer. Passwords: Everyone who has a Login ID has an associated Password. Passwords are to remain secret, do not share your password with anyone! Passwords are put in place to keep your Login ID secure. Password characters should always contain a combination of symbols, lower and uppercase letters, or digits to make them hard to decipher. Passwords are to be changed periodically to ensure security. The system will prompt you when a change is required. Otherwise, change your password periodically to ensure security. SECTION DATE ISSUED Page ACCOUNTING AND FINANCIAL REPORTING IS1 May 8, 2002 2 th POLICIES MANUAL Modified Feb, 10 , 2006 POLICY COMPANY REFERENCE PROCEDURES MarketFare Foods, Inc Do not write down your password. Virus Security: Computer viruses appear in the world daily. Virus Checking Software is always behind and should not be considered a 100% level of protection. Some rules to help protect the integrity of our data: Never download a file or install a program from an on-line source (i.e.: America On-line, CompuServe, MSN, or any other Internet site)! Always check floppy disks for virus whether received from inside or outside the company. Never open e-mail attachments that you are not expecting or come from an unknown source. Users will not disable or hamper the operation of Anti-Virus Software or Firewall software install on local computers, laptop computers, Servers or handheld devices. Virtual Private Network Usage and Remote Access: Users that have been authorized to access e-mail and/or systems remotely will have MarketFare Foods, Inc corporate licensed ant-virus software installed. Users accessing remote e-mail and systems will adhere to these policies in the same manner as if they were logged on within MarketFare offices. VPN Password are to remain secret and shall never be disclosed to anyone. Remote e-mail and systems access is based on Internet protocols and routing, which may at times be unreliable and are out of MarketFare Foods control. MarketFare Foods will do every thing in its power to ensure availability but cannot guarantee service levels. Remote users are responsible for backing up their computer. Backups can be made either to CD-RW, Zip Disk, Floppy Disk or other means of backup the user feels is appropriate for their needs. MarketFare Foods owned remote access equipment, including; laptops, handheld devices, remote access networking equipment or any other MarketFare Foods hardware will not be connected to any unauthorized network for purposes of sharing data, applications or files not belonging to MarketFare Foods. Software installed on MarketFare Foods remote access computers may not be uninstalled from the computer without authorization. Nor can it be copied, modified, archived, or installed to any computer not owned by MarketFare Foods, Inc. SECTION DATE ISSUED Page ACCOUNTING AND FINANCIAL REPORTING IS1 May 8, 2002 3 th POLICIES MANUAL Modified Feb, 10 , 2006 POLICY COMPANY REFERENCE PROCEDURES MarketFare Foods, Inc Users of MarketFare Foods, Inc owned remote access computers may not install software that is not owned by MarketFare Foods and has not been authorized for installation. Data Storage And Backup: Each user is provided a network folder for document storage; files should be stored here, not on your local computer. E-mailing files to your home computer is not authorized without proper authorization. Workstations are not backed up. If you store files on your local computer (c: drive) there will be no method of recovery incase of drive or system failure. Network drives are backed up each night. In case of a network drive failure your data will be restored from the most recent nightly backup. Common/shared storage areas are accessible to all users; confidential data must not be stored in these folders. The IS Manager can configure a shared folder for your department to share departmental data. Department shared folders typically have security set to restrict access to specific users. SharedAccess Storage Folder SharedAccess is a common file and document storage location accessabe to all users on the MarketFare Foods, Inc Network. There is no security specified on SharedAccess or folders and files located within SharedAccess. Documents saved in SharedAccess may be viewed, changed, deleted and printed by any user logged on the network. Guidelines to adhere to when using saving files to SharedAccess are as follows: Do not save any of the following in SharedAccess o Proprietary and/or confidential business o Confidential employee information (SS Numbers, Pay Rates, Etc..) o Product Recipes and/or Specifications o Company financial information o Department budget information o Competitive information If you think the information is confidential it probably is, ask your supervisor SECTION DATE ISSUED Page ACCOUNTING AND FINANCIAL REPORTING IS1 May 8, 2002 4 th POLICIES MANUAL Modified Feb, 10 , 2006 POLICY COMPANY REFERENCE PROCEDURES MarketFare Foods, Inc SharedAccess Policy If the IS Department finds information it feels is proprietary or confidential it will be deleted or moved based on the following guidelines: Confidential employee information (SS Numbers, Pay Rates, etc..) will be deleted without notice and will not be recoverable. Confidential and Proprietary business information will be moved to a secured network location and will be saved for 72 hours. Confidential financial information will be moved to a secure location and will be saved for a period of 72 hours. After the 72-hour period has lapsed the information will be permanently deleted without possibility of recovery. This policy is subject to change without notice Technology Operations Purchasing : To gain the most value for our spending, all Technology purchases (computer hardware, software, peripherals, etc.) must be approved by the IS Manager. The Accounting department will deny Expense Reports or invoices submitted for reimbursement of technology purchases made by individual associates. This includes purchases made via the Internet (E-Commerce). All Purchases must be made according to MarketFare Foods Computer Hardware and Software Acquisition Policies. Formatted: Bullets and Numbering Purchases made for emergency repairs to laptops computers will be reimbursed based on corporate expense policies when authorized by the IS Manager. Restrictions: The following activities are not permitted: Connecting unauthorized and/or personal equipment to the MarketFare Foods network. (The IS Manager is to provide all authorization for equipment attached to any portion of the network). Installation of peripherals (USB devices, mice, scanners, external drives, had held PDAs, etc.) not owned by the Company. SECTION DATE ISSUED Page ACCOUNTING AND FINANCIAL REPORTING IS1 May 8, 2002 5 th POLICIES MANUAL Modified Feb, 10 , 2006 POLICY COMPANY REFERENCE PROCEDURES MarketFare Foods, Inc Unauthorized attempts to circumvent data protection schemes or uncover security loop holes. This includes creating and/or running programs that are designed to identify security loopholes and/or decrypt intentionally secure data. Associating unapproved domain names with a MarketFare Foods owned IP address. This means using a DNS name or IP address in an inappropriate manner, but isn’t limited to just this usage. Knowingly or carelessly running or installing software on any computer system or network, or giving to another user a program intended to damage or to place excessive load on a computer system or network. This includes, but is not limited to, programs known as computer viruses, Trojan Horses, and worms. Using MarketFare Foods resources for commercial and personal activity such as creating products or services for sale not related to the Company’s core business. Displaying racial, religious, obscene, lewd, sexually harassing or any items that may be offending to others. Attempting to monitor or tamper with another user's electronic communications, or reading, copying, changing, or deleting another user's files or software without the explicit agreement of the owner. Downloading from the Internet or removable media (ie: diskette, CD_ROM, ZIP or JAZZ disks) and / or the installation of any software that is not the property of and licensed to MarketFare Foods or installing software without express permission of the IS Manager. Installation of software that encrypts or hides data on computer systems. B). INTERNET ACCESS AND USAGE Internet access includes and is not limited to electronic mail transmission, web based services, web browsing, file transfer services (FTP and HTTP), terminal access services (Telnet), internet relay chat (IRC), instant messaging (IM) and Usenet newsgroups. The following applies to all users of MarketFare Foods networks: Electronic communications via the Internet and Internet-provided services shall be used principally for business. Incidental and occasional personal use by associates shall not interfere with access for business purposes, and personal use shall be treated the same as business use; i.e., subject to this policy and all other applicable company policies. Network and computing resources shall not be used to establish or maintain associate personal web sites or any other business web sites. SECTION DATE ISSUED Page ACCOUNTING AND FINANCIAL REPORTING IS1 May 8, 2002 6 th POLICIES MANUAL Modified Feb, 10 , 2006 POLICY COMPANY REFERENCE PROCEDURES MarketFare Foods, Inc Any electronic communication received or originated on MarketFare Foods equipment, access or network, including Internet services, is the exclusive property of the company. MarketFare Foods has the right to store, monitor, access, read, delete and disclose the contents of any such electronic communication. Users must conduct themselves professionally on the Internet. This conduct includes, but is not limited to, avoiding use of material with a sexual content, profane or vulgar language, racial or ethnic slurs or other similarly offensive contents. All associates are required to report promptly any suspected security breach concerning internal networks, computing systems or data to the appropriate management. Information on the company Intranet site should be considered confidential and should not be shared with persons not employed by MarketFare Foods. Restrictions : Associates may not access or attempt to access Web sites dealing with criminal activities, drugs, hate speech, sex, fantasy sports, gambling or other offensive subjects that have no business use. Sensitive or confidential data must not be transmitted unless the material is protected by company-approved encryption techniques. Users must not attempt to use illegal techniques to gain unauthorized access to Internet services, Web sites or databases inside or outside MarketFare Foods. On-line services (such as America Online, CompuServe, Prodigy, etc. or any fee-based Internet service) must not be accessed by an associate through Company equipment or network. The cost of such service must be paid for by the associate. In order to reduce Internet bandwidth usage and preserve data storage space users may not download files such as MP3’s and shareware. Users may not download files and / or applications from Internet web sites or install applications sent to them via e-mail. This includes programs and Internet Browser enhancements. No separate modem connections direct to the Internet are permitted in the workplace. C.) FILE SHARING POLICY Perhaps you have heard of file sharing applications such as Napster, Gnutella, Scour Exchange, etc. These applications allow people from around the world to share MP3 and other multimedia files between their personal computers. When a file is shared, it is transferred from one person’s computer to another's. This transfer process is designed to use as much network bandwidth as it SECTION DATE ISSUED Page ACCOUNTING AND FINANCIAL REPORTING IS1 May 8, 2002 7 th POLICIES MANUAL Modified Feb, 10 , 2006 POLICY COMPANY REFERENCE PROCEDURES MarketFare Foods, Inc can in order to decrease the time the transfer takes from start to end. Now is a good time to review the corporate policy on Computer Network Usage. Specifically under restrictions "...Knowingly or carelessly running or installing on any computer system or network, or giving to another user a program intended to damage or to place excessive load on a computer system or network..." File sharing applications and their web-based interfaces place an excessive load on our network bandwidth, bandwidth that the company pays for and is used for Business applications. All file sharing programs, including but not limited to Napster, Gnutella, and Scour, are NOT to be used on the company network or company PCs. MarketFare Foods has taken steps to protect our corporate assets including, but not limited to, restricting access to certain software applications, websites, filtering of network ports and protocols, as well as e-mail alerts if one of these applications is detected. The IS Manager will remove any of the applications if they receive an alert or if they come across it during routine maintenance. If you do currently have one of these types of applications please take the time to uninstall it now. If you have any questions or concerns or require assistance in removing an application, please feel free to contact the IS Manager via email. D.) HANDHELD USAGE AND SUPPORT This policy intends to define standards for associate use of handheld computing devices or PDAs (Personal Digital Assistants) on the network. These standards are intended to ensure a common platform that will allow cross platform functionality as well as the ability to support these devices. MarketFare Foods does not have the resources to support every type of handheld device available or internal applications of these devices. The IS Manager will make its best effort in good faith to accommodate users of these devices. The Following Standards Will Apply To All Users Of MarketFare Foods Networks: Support will be provided to devices based on the BlackBerry OS. This shall include, but is not limited to, devices manufactured by , Handspring,BlackBerry. Devices based on other OS' such as Windows CE will not be supported. Devices with proprietary systems, including but not limited to, Zaurus, Wizard, etc. will not be supported. Installation of a synchronization cradle on the user's primary workstation will be supported as follows: Windows 2000 workstations will be connected via a serial cable or the computers USB Port and the installed operating system USB Port. Standard-issue equipment has an available serial port. MarketFare Foods will not purchase or install additional I/O cards to make ports available if a user has attached other devices to their serial ports. PDAs and Synchronization software will not be installed on Thin Client Computers (Winterms). PDAs not owned by MarketFare Foods, Inc. will not be installed. SECTION DATE ISSUED Page ACCOUNTING AND FINANCIAL REPORTING IS1 May 8, 2002 8 th POLICIES MANUAL Modified Feb, 10 , 2006 POLICY COMPANY REFERENCE PROCEDURES MarketFare Foods, Inc Other synchronization methods will not be supported including but not limited to "IR synch", "IP synch", wireless access etc. The IS Manager will setup a conduit to synchronize a hand held device to the user's corporate email account. This is to include messages, contacts, and calendar data, using the standard BlackBerry Desktop synchronization application and Outlook conduit. The IS Manager will configure the BlackBerry PDA to send and receive the user’s e-mail via the corporate BlackBerry Enterprise Server. END USER RESPONSIBILITIES Hand held hardware will should be covered under the warranty provided by the manufacturer. There is no guaranty of replacement times incase of PDA failure or synchronization software failure. It will be the end user's responsibility to synchronize data stored on the PDA. Sshould there be any hardware malfunction or problems, PDA data recovery and backups will not be performed by the IS Manager. Education on how to use devices properly will be the responsibility of the end user. Security on a hand held devices is not comparable to that available on the corporate LAN. End users accept the knowledge that data transferred to their PDA is at a security risk should their device become lost or stolen. The respective manufacturers will support built-in applications and any third party applications loaded to the BlackBerry synchronization software. End users will not seek support of these applications from the IS Manager. SECTION DATE ISSUED Page ACCOUNTING AND FINANCIAL REPORTING IS2 May 8, 2002 1 POLICIES MANUAL POLICY COMPANY REFERENCE PROCEDURES MarketFare Foods, Inc ELECTRONIC MAIL PURPOSE To define MarketFare Foods policy with regard to use, retention and disclosure of electronic mail messages sent or received by Company associates (or other authorized individuals) using any electronic mail system made available or accessible by the Company. The policy and its requirements are extremely important and protect vital company assets and interests. SCOPE This policy applies to all associates of MarketFare Foods and all other authorized users of the electronic mail and messaging infrastructure made available by the Company, including Internet, Intranet and on- line access provider systems. Users are responsible for complying fully with this policy as stated, but MarketFare Foods reserves the right to modify this policy at any time, with or without prior notification. Violations could be the basis for associate discipline or discharge. GENERAL POLICY Electronic mail, including Internet access, is provided to associates as a business communication tool, for appropriate internal and external business uses. The e-mail system (the "System") is owned solely by the Company and information in the System will be treated just like other company business records, files, electronic records, documents, materials and equipment. Prohibited and discouraged uses of email are detailed in this policy. Associates cannot disclaim responsibility for failure to adhere to these restrictions. Users must take particular care not to disseminate confidential Company information to unauthorized users. Use for the communication of personal, private or confidential information is not appropriate. The System should not be used as a storage facility for documents requiring an audit trail or for production files. Incidental or occasional personal use of the System is subject to the same policies and procedures set out in this Policy. Formatted: Bullets and Numbering E-mail may be automatically removed from the systems after a 45 day retention period. Users should not give out their e-mail address to receive non-business related e-mail, commercial e- mail or subscribe to non-business related e-mail lists A) Authorized Uses of Electronic Mail: SECTION DATE ISSUED Page ACCOUNTING AND FINANCIAL REPORTING IS2 May 8, 2002 2 POLICIES MANUAL POLICY COMPANY REFERENCE PROCEDURES MarketFare Foods, Inc All associates with a legitimate business purpose may use e-mail, maintaining a separate "mailbox" address for the sending and receipt of messages. 1. Associates must ensure messages for only Company associates are not sent to outsiders. 2. System users should secure access to their mailboxes using passwords and other security devices and should not leave the System on and available to unauthorized users. 3. Associates may not reveal the internal e-mail name and password of Company e-mail users to anyone outside the Company, including people who request such information over the telephone and seem to have a legitimate reason for asking. All such requests must be referred to the IS Manager or Business Manager for a response. 4. Extreme care must be taken in both system configuration and content of communications to not expose the company to risk of a security breach, harassment, or sabotage. B) Prohibited Uses of e-mail System Include: Sending copies of documents in violation of copyright laws or licensing agreements; Sending messages prohibited or restricted by government security laws or regulations; Sending confidential or proprietary information or data to persons not authorized to receive it, either within or outside the Company; Content that may constitute sexual harassment or be considered discriminatory, obscene, derogatory or excessively personal, whether intended to be serious or humorous; Sending chain letters Illegal activity Harassment Exchanging sensitive information related to possible or actual litigation. Personal commercial activities Promotion of political positions or actions Solicitation of any type, except for company-sanctioned activities Forging the identity of a user or machine in an electronic communication Formatted: Bullets and Numbering Sending or forwarding junk mail, ie: jokes, unsolicited commercial e-mail and spam Sending known viruses, Trojan horses or other malicious software Transferring of application software between computers Contact IS Manager or Human Resources for any clarification on any of these prohibited uses. SECTION DATE ISSUED Page ACCOUNTING AND FINANCIAL REPORTING IS2 May 8, 2002 3 POLICIES MANUAL POLICY COMPANY REFERENCE PROCEDURES MarketFare Foods, Inc C) Discouraged Uses of Electronic Mail: The company discourages the use of electronic mail for discussion of matters involving potential or actual legal disputes. Requests for legal advice from the legal counsel should be made either by telephone or by memorandum marked "attorney client privileged" and delivered by a secure means (e.g. "confidential" sealed envelope). D) Privacy/Access to Electronic Mail: MarketFare Foods maydoes not intend to routinely monitor the contents of electronic mail messages. However, users should expect that electronic mail messages might be accessed and disclosed by authorized supervisors or the IS Manager with or without the permission of the associate. Therefore, associates should have no personal expectation that their electronic mail messages are private. Because e-mail messages deleted by the user may still be present, either in another person's mailbox, or on a file server or back-up file of a user, care must be taken to ensure the accuracy and professionalism of all e-mail communications. Electronic mail messages must be able to withstand scrutiny without causing embarrassment to the Company, its associates or customers. However, no other associates may monitor or access e-mail messages of another user. Any requests for access to the contents of e-mail in order to respond to legal process, such as subpoenas, or for purposes of representing the Company in connection with any actual or threatened litigation, investigation or claim must be brought to the immediate attention of the President. Unauthorized access of e-mail messages is a serious violation of Company policy and grounds for dismissal E) Responsibilities: All associates must ensure that they have management authorization to use the System and are responsible for their compliance with this policy. Associates should notify the IS Manager or HR Department of any violations of this Policy. 1.) Business Managers and Department Heads are responsible for: a.) ensuring that their staff understand this policy and for monitoring usage within their organization; b.) ensuring that access privileges are terminated when appropriate in cases of transfer, termination or changes of assignment; and c.) cooperating with and providing resources for investigations of system use and misuse. 2.) The IS Manager will be responsible for: a.) maintaining system service levels in accordance with business requirements, SECTION DATE ISSUED Page ACCOUNTING AND FINANCIAL REPORTING IS2 May 8, 2002 4 POLICIES MANUAL POLICY COMPANY REFERENCE PROCEDURES MarketFare Foods, Inc b.) operating the system infrastructure, including message and back-up tape retention and destruction, c.) compiling and maintaining a list of the associates that use e-mail, and for ensuring compliance with this policy. The IS Manager and Human Resources will be jointly responsible for communicating, updating and interpreting this policy. F). Other Company Policies: All MarketFare Foods policies -- including but not limited to policies concerning copyright, confidentiality, document retention, harassment and compliance with equal employment laws -- apply to the use of electronic mail. G) Disclaimers Please be aware of the following when using e-mail: E-mail messages can be misdirected by the sender or by an error in the message routing process. Internet and Intranet e-mail relies on public networks that are outside Company control. Service levels and confidentiality cannot be guaranteed E-mail messages and attachments may not be delivered in their original or intended state or format, and may sometimes be inaccessible to the recipient Service interruptions and system errors can delay or cause loss of e-mail messages. Once sent, e-mail messages cannot be retrieved or removed from a recipient's mailbox. SECTION DATE ISSUED Page ACCOUNTING AND FINANCIAL REPORTING IS3 May 8, 2002 1 POLICIES MANUAL POLICY COMPANY REFERENCE PROCEDURES MarketFare Foods, Inc COMPUTER HARDWARE AND SOFTWARE ACQUISITION POLICY Users are responsible for complying fully with this policy as stated, but MarketFare Foods reserves the right to modify this policy at any time, with or without prior notification. Violations could be the basis for associate discipline or discharge. All orders must follow the appropriate approval process. New computer equipment or software must be approved, ordered and installed only by the IS Manager who will ensure compatibility with existing systems, verify licensing and current ownership. Providing the software and / or hardware is compatible with existing systems and MarketFare Foods does not currently own the requested item, the order will be processed and delivered directly to the IS Manager. The IS Manager will install and test the items and deliver the items to the requestor or requesting department. In order to maintain software license agreements, software media will remain in the software library and will not be released to end-users. Documentation will remain in the software library and may be checked out by managers and above for a limited time. Software and hardware acquisition may take up to twenty-one (21) business days and should be planned accordingly. Requests should be received by the IS Manager twenty-one business days prior to actual need. Some requests may be expedited or delayed dependant on vendor availability, cost, shipping, and current IS Department backlog.
Pages to are hidden for
"IS Policies and Procedures"Please download to view full document