Company assets and IT Resources Policy

Scope
This policy applies to all employees, consultants, trainees, and any other personnel engaged with the Company, including those on third-party payroll, who use Company-provided assets or resources or work out of Company premises (collectively referred to as “Employees” for the purposes of this policy).
Authority Concerned
For any questions or concerns related to this policy, Employees should contact the HR or IT Team.
Conflict
In the event of a conflict between this policy and an Employee's employment or engagement agreement with the Company, the terms of such agreement shall prevail.
Purpose
This policy aims to:
- Establish guidelines for the appropriate use, maintenance, and security of Company assets, including laptops, mobile phones, and other devices ("Devices").
- Define proper usage of Company technology resources provided to or accessed by Employees.
- Safeguard confidential and sensitive information from unauthorized access, loss, or theft.
- Ensure that workspaces and electronic devices adhere to security best practices, including when unattended.
General Policy and Requirements
Assignment and Use of Devices
Devices, including laptops, mobile phones, and accessories (e.g., mouse, monitor, keyboard), may be provided upon request, subject to approval by the HR or IT Team.
- Devices are strictly for work-related purposes. Personal use, unauthorized software installation, or signing in with personal accounts is prohibited.
- Employees must keep Devices secure and password-protected at all times.
- Sharing Devices or granting unauthorized access is prohibited.
- Employees must comply with all relevant laws and regulations when using Devices.
Workstation and Device Security
- Lock computer screens when stepping away from the workstation.
- Shut down Devices and log out at the end of each workday.
- Portable Devices must be secured in locked drawers/cabinets or using locking cables when unattended.
- Use passwords, PINs, or biometric authentication and do not share credentials.
- Employees must not access non-work-related websites or applications on Company Devices.
- Confidential Company information must not be shared outside the Company network.
Maintenance of Devices
- Employees must keep Devices clean and free from physical damage.
- Stickers, skins, or unauthorized modifications to Devices are not permitted.
- Any defects or issues must be reported to IT within two days of receipt or immediately upon identification.
- Lost or stolen Devices must be reported to IT immediately.
- Employees must not repair, modify, or transport Devices without Company authorization.
- Devices must be stored and transported safely, using the original packaging when required.
Document Security
- Clear desks of Devices and unnecessary documents when unattended.
- Sensitive documents must be stored in locked cabinets or drawers.
- Collect printed documents immediately to prevent unauthorized access.
- Use privacy screens when viewing confidential information in shared spaces.
Endpoint Management and Virtual Private Networks
- Employees must use secure, private Wi-Fi networks to access Company systems.
- When connected to public networks (e.g., airports, cafes), Employees must use the Company’s VPN.
Personal Device & Information Restrictions
- Confidential Company information must not be stored on personal devices without explicit authorization.
- Employees must not store personal data on Company Devices.
- Employees have no expectation of privacy when using Company-provided Devices, systems, or networks.
- The Company reserves the right to monitor, review, and access data and communications on its Devices and systems to ensure compliance with policies and security measures.
IT Resources
Definition of Technology Resources
Technology Resources include, but are not limited to:
- Computers, laptops, and mobile devices
- Email accounts and communication platforms
- Internet access and browsing activity on Company networks
- Software applications, IT systems, and AI systems
- Printers, modems, fax machines, copiers
- Voicemail and instant messaging systems
General Responsibility
Employees must use Technology Resources responsibly to enhance productivity and maintain the Company’s professional image. Failure to adhere to these policies may result in disciplinary action, up to and including termination.
Access to Technology Resources
- Access is granted at the Company's sole discretion and based on job requirements.
- Unauthorized access to data or IT systems is strictly prohibited.
Use of Software & Technology Resources
- Company Technology Resources must be used exclusively for business purposes.
- Only software approved by the Chief Executive Officer or IT Team may be installed on Company systems.
- Unauthorized copying, distribution, or modification of software, data, or intellectual property is strictly prohibited.
Return of Devices
Employees must return Devices in person immediately upon request or on their last working day.
IT will inspect returned Devices for damage and compliance.
Devices must be returned in clean, working condition. Repair costs for damage beyond normal wear and tear may be deducted from the Employee’s final settlement.
Employees must not delete or retain Company data before returning Devices.
All other Company assets, data, and Technology Resources must be returned as directed.
Compliance and Consequences of Violation
The Company may conduct audits, monitoring, and walk-throughs to verify adherence to this policy. Violations, including misuse of Devices, Technology Resources, or failure to maintain confidentiality, may result in disciplinary action, up to and including termination, and may constitute serious misconduct.
Review and Amendment
This policy may be reviewed and updated periodically to align with legal requirements and organizational needs. Employees will be notified of significant changes.