DOCUMENT DOCUMENT NAME VERSION EFFECTIVE

NUMBER No. DATE

BSL/ORG/002 ACCEPTABLE USAGE POLICY 1.2 01-Apr-2016
Engagement Policy
Dept/Role NAME SIGNATURE

Prepared By HRSS Siby Joseph

Reviewed By Geo HR John Bahadur / Deepak Dobriyal

Reviewed By Risk Mgmt. Amit Dhingra

Approved By CPO Samit Deb

MODIFICATION / CHANGE HISTORY

SL. No. Date of Change Version Approved

Release Request No. By
No.
1.0 Description
New DocumentOf Change
Release 01-Jan-2015 1.0 Subrat
Chakravarty
2.0 Updation of clauses 5.2.1 and 5.4 01-Apr-2015 1.1 Subrat
Chakravarty
3.0 Annual review of policy 01-Apr-2016 1.2 Samit Deb

Version 1.2 Page # 1

Document Classification: Birlasoft Internal
This document is the exclusive property of Birlasoft. Printing, copying, circulation or distribution of this
document without permission of the authorized Birlasoft personnel is strictly prohibited.
ACCEPTABLE USAGE POLICY

1. Objective

The objective of this policy is to lay down policy guidelines on Acceptable Use of Proprietary or Confidential
information, Company Assets or Company or other Stakeholder provided resources. Protection of such assets and
security of the same is a team effort involving the participation and support of every Birlasoft employee who deals
with information and/or information systems or resources of any kind. It is the responsibility of every employee,
to know these guidelines, and to conduct their activities accordingly.

2. Definition

“Birlasoft” or the “Company” means Birlasoft (India) Limited and its affiliates, branches, subsidiaries or holding
Company.

“Employee” or “Associate” for the purpose of this policy means all full-time employees, contractual staff or
trainees.

3. Purpose

The purpose of this policy is to outline the acceptable use of confidential and proprietary information at Birlasoft.
Inappropriate use exposes Birlasoft to risks including violation of intellectual property rights, confidentiality
obligations towards employees, clients, customers and partners, compromise of network systems and services
and legal issues.

The intent for publishing of this Policy is not to impose restrictions that are contrary to Birlasoft’s established
culture of openness, trust and integrity. Birlasoft is committed to protecting its employees, customer, clients,
partners and the Company from illegal or damaging actions by individuals, either knowingly or unknowingly.

4. Scope

This policy applies to all employees, contractors, consultants, temporary, and other workers at Birlasoft. This policy
applies to all equipment and information that is owned or leased by Birlasoft or that to which Birlasoft is made
privy.

5. Policy Details

5.1 Confidential and Proprietary Information

a) “Confidential Information” is classified as non-public information belonging to the Company, its

Customer, Vendor, Business Partner, etc. “Proprietary Information” is classified as information which is
owned by a particular party by virtue of creating or purchasing it for its exclusive use and which puts the
possessor an unique commercial advantage over its competitors.
b) Confidential Information and Proprietary Information include, but not limited to, Company’s private
information, corporate strategies, competitor sensitive, competition analysis reports, trade secrets,
specifications, customer lists, research data, procedures, documentations, know how, product plans,
designs, drawings, codes and algorithms, and information owned and / or received by Birlasoft or its
employees from its customer, clients, partners and other third parties, etc.. Employees should take all
necessary steps to prevent unauthorized access, use or dissemination of such Confidential Information
and Proprietary Information.
c) Use of third party Confidential Information or Proprietary Information, must be upon express written
consent or approval from the owner of such information with express authorization to whom, when, how
and to what extent such information may be shared.

Version 1.2 Page # 2

Document Classification: Birlasoft Internal
This document is the exclusive property of Birlasoft. Printing, copying, circulation or distribution of this
document without permission of the authorized Birlasoft personnel is strictly prohibited.
ACCEPTABLE USAGE POLICY

5.2 Unacceptable Use

Under no circumstances, an employee of Birlasoft should engage in any activity that is illegal under the applicable
local, state, federal or international law while handling any Confidential or Proprietary Information.

Following is the list of activities falling under the category of unacceptable use. The list is not exhaustive, but an
attempt to provide a framework.

5.2.1 System and Network Activities

The following activities are strictly prohibited, with no exceptions:

a) Violations of rights of any person or company protected by copyright, trade secret, patent or other
intellectual property, or similar laws or regulations, including, but not limited to, the installation or
distribution of "pirated" or other software products that are not appropriately licensed for use by
Birlasoft.
b) Unauthorized copying of copyrighted material including, but not limited to, digitization and distribution
of photographs or videos from magazines, books or other copyrighted sources, copyrighted music, or the
installation of any copyrighted software for which Birlasoft or the end user does not have an active license
is strictly prohibited.
c) Exporting software, products, technical information, encryption software or technology, in violation of
international, national or regional export control laws, is illegal. The appropriate management should be
consulted prior to export of any material that is in question.
d) Accessing data, systems, software or an account for any purpose other than legitimate business
transactions/ operations, even if you have authorized access
e) Revealing your login credentials pertaining to Birlasoft systems, software or network (e.g. account
passwords) to others or allowing use of your account by others. This includes anyone within or outside
Birlasoft
f) Using Birlasoft computing assets to actively engage in procuring or transmitting material that is in
violation of sexual harassment or hostile workplace laws
g) Making fraudulent offers of products, items, or services originating from any Birlasoft account
h) Effecting security breaches or disruptions of network communication. Security breaches include, but
are not limited to, accessing data of which the employee is not an intended recipient or logging into a
server or account that the employee is not expressly authorized to access, unless these duties are
within the scope of regular duties. For purposes of this section, "disruption" includes, but is not limited
to, network sniffing, pinged floods, packet spoofing, denial of service, and forged routing information
for malicious purposes
i) Port scanning or security scanning is expressly prohibited unless prior notification to Head, Information
Security is made.
j) Circumventing user authentication or security of any host, network or account
k) Introducing honeypots or similar technology on the Birlasoft network.
l) Using any program/script/command, or sending messages of any kind, with the intent to interfere with,
or disable, a user's terminal session, via any means, locally or via the Internet/Intranet/Extranet
m) Providing information about, or lists of, Birlasoft employees to parties outside Birlasoft without formal
approval from the Head, HR

5.2.2 Email and Communication Activities

When using Company resources to access and use the Internet, users must realize they represent the
Company.

The following activities are strictly prohibited, with no exceptions:

Version 1.2 Page # 3

Document Classification: Birlasoft Internal
This document is the exclusive property of Birlasoft. Printing, copying, circulation or distribution of this
document without permission of the authorized Birlasoft personnel is strictly prohibited.
ACCEPTABLE USAGE POLICY

a) Unauthorized use or forging of email header information.

b) Sending or receiving business information on public email accounts/ unapproved cloud data storage
services
c) Sending unsolicited email messages, including the sending of "junk mail" or other advertising material
to individuals who did not specifically request such material (email spam).
d) Any form of harassment via email, telephone or paging, whether through language, frequency, or size
of messages.
e) Unauthorized copying or distributing or altering of Confidential Information or Proprietary Information,
in disregard of affixed copyright notices by others and designating Birlasoft as copyright owner in the
replacement notice.

In the event of an employee of Birlasoft intends to copy portions of any Confidential Information or
Proprietary Information, he/ she must obtain express prior written consent for use of such material in
question from the owner thereof and use only for the purpose and in respect of which permission to
reproduce is granted and reference appropriate owner as the source of the material. Keep intact all
copyright notices on any copies of the material.

Please be aware that copyright notices hold true legal value in that they inform third parties that the
underlying work is protected by copyright, identifies the copyright owner and creates a presumption as
to copyright ownership and hence copyright notices are not to be taken lightly. Please be aware that in
some jurisdictions, no weight is given to a defendant’s defense based on innocent infringement where
the infringed material contains a copyrighted notice/ material of others. Apart from that you may being
personally labile for such infringement, your action may also constitute a breach of confidential obligation
Birlasoft has towards its clients, customers, partners, other third parties etc. and create a liability for
Birlasoft.

5.2.3 Social Media, Blogging or related activities

i. Blogging by employees, whether using Birlasoft’ s assets and systems is also subject to the terms and
restrictions set forth in this Policy. Limited and occasional use of Birlasoft’ s systems to engage in blogging
is acceptable, provided that it is done in a professional and responsible manner, does not otherwise
violate Birlasoft’ s policy, is not detrimental to Birlasoft ’s best interests, and does not interfere with an
employee's regular work duties. Blogging from Birlasoft’s systems is also subject to monitoring.

ii. Birlasoft’s Confidential Information policy also applies to blogging, social media and related websites. As
such, Employees are prohibited from revealing any Birlasoft confidential or proprietary information,
trade secrets or any other material covered by Birlasoft’s Confidential Information policy when engaged
in blogging.

iii. Employees shall not engage in any blogging or comment on Social media and related websites that may
harm or tarnish the image, reputation and/or goodwill of Birlasoft’s and/ or any of its employees,
customers or vendors. Employees are also prohibited from making any discriminatory, disparaging,
defamatory or harassing comments when blogging or otherwise engaging in any conduct prohibited by
Birlasoft’s Secure Workplace Policy and Disciplinary Actions Policy.

iv. Employees may also not attribute personal statements, opinions or beliefs to Birlasoft when engaged in
blogging. If an employee is expressing his or her beliefs and/or opinions in blogs, the employee may not,
expressly or implicitly, represent themselves as an employee or representative of Birlasoft. Employees
assume any and all risk associated with blogging.

Version 1.2 Page # 4

Document Classification: Birlasoft Internal
This document is the exclusive property of Birlasoft. Printing, copying, circulation or distribution of this
document without permission of the authorized Birlasoft personnel is strictly prohibited.
ACCEPTABLE USAGE POLICY

v. Apart from following all laws pertaining to the handling and disclosure of copyrighted or export controlled
materials, Birlasoft ’s trademarks, logos and any other intellectual property may also not be used in
connection with any blogging activity

5.3 Reporting of Violation

It is the responsibility of every Employee to report a violation he / she has witnessed or reasonably believes to
have occurred. Upon becoming aware of such misuse or infringement of Confidential Information or Proprietary
Information by you or others, immediately cease and desist from continued misuse or infringement and/ or report
the incident/ action taken to:

i. Immediate Reporting Manager or CDG/Delivery Unit Head;

ii. Report the Incident / violation in Birlasoft’s Incident Management Portal (Intranet)
iii. If it is an ethical issue, report to whistleblower@Birlasoft.com

5.4 Related Policies and Procedures

i. Information Security Policy
ii. Secure Workplace Policy
iii. Disciplinary Action Policy
iv. Whistleblower Policy

5.5 Enforcement

Any Employee found to have violated this policy may be subject to same disciplinary action as defined under the
Code of Ethics and Conduct Policy (“COEC”) of Birlasoft and/or Disciplinary Actions Policy.

Illustration 1:

Gautam works as a Sales Executive in an IT company and is making a product presentation. Following is an
interaction between him and the prospective customer.

Gautam: Edward, our AB product is robust and we also support it with XY and XZ tools.

Edward: Gautam, please correct me if I am wrong. I believe XY and XZ tools belong to SONI Group.

Gautam: Right Edward. Soni Group is our sub-contractor and we have license for this tools till 2014.

Edward: But Gautam, neither your proposal nor your presentation is revealing this fact.

Gautam: Sorry Edward. It was not done intentionally. I only put it because we had the license.

Gautam ought not to have included references to a product whose intellectual property belongs to a third party
without proper notices confirming the third party ownership. While Gautam act was unintentional and oblivious
of the IP issues, this could have been construed as a copyright violation and misappropriation of third party’s
intellectual property. Gautam should have disclosed that the tools belong to the subcontractor and that his
company had a license for a particular period.

Illustration 2:

Version 1.2 Page # 5

Document Classification: Birlasoft Internal
This document is the exclusive property of Birlasoft. Printing, copying, circulation or distribution of this
document without permission of the authorized Birlasoft personnel is strictly prohibited.
ACCEPTABLE USAGE POLICY

Following is an interaction between Vijay and Saleem who are part of a designing team on use of an unlicensed
designing tool.

Vijay: Hi Saleem. I was just going through your samples for the new interface and was really wondering how
you managed to get the texture. It has really come well.

Saleem: Thanks Vijay. It was really tough to do it. I used the AAA software to do that.

Vijay: But Saleem, I don’t remember our Company buying that tool.

Saleem: Vijay. I downloaded it and installed it using the pirated key found on another website.

Vijay: Saleem didn’t you know that this is strictly prohibited in our company.

Saleem: No Vijay. I didn’t know. I will immediately uninstall it and rework on the samples.

Vijay is right in guiding his colleague to uninstall pirated software. Downloading or using unlicensed software
exposes both you and the company to copyright violations.

Disclaimer – The Company reserves the right to alter, append or withdraw this policy either in part or in full based
on management’s discretion.

*****

Version 1.2 Page # 6

Document Classification: Birlasoft Internal
This document is the exclusive property of Birlasoft. Printing, copying, circulation or distribution of this
document without permission of the authorized Birlasoft personnel is strictly prohibited.