Professional Documents
Culture Documents
Acceptable Use Policy V2
Acceptable Use Policy V2
© Copyright 2019 PTCL - All rights reserved. No part of this work, which is protected by copyright, may be reproduced in any form or by any means - graphic, electronic or
mechanical, including photocopying, recording, taping or storage in an information retrieval system – without the written permission of the copyright owner .
www.ptcl.com.pk
PAKISTAN TELECOMMUNICATION COMPANY LIMITED Doc. No. NIS/POL/10/00
PTCL
Approved By:
Developed By: Reviewed By:
Jawad Sarwar
(GM NIS)
Section 1
Table of Contents
1 - Table of Contents 3
2 - Amendment Sheet 4
1 Purpose 5
2 Scope 5
3 Responsibilities 5
4 Policy Description 5
4.2 Email 6
5 Supporting Documents 11
6 Related Records 11
Section 2
DOCUMENT AMENDMENT SHEET
1. Purpose
To determine an acceptable use policy for the use of information, communication and technology
materials and facilities provided by PTCL to its employees, consultants and contractors.
2. Scope
This ICT Acceptable Usage Policy applies to all ICT Users at PTCL.
3. Responsibilities
4. Policy Description
PTCL seeks to protect the availability, integrity and confidentiality (CIA) of its information keeping
in view the sensitivity of the information. PTCL takes steps to ensure that its employees and
consultants are in a position to carry out their tasks as efficiently as possible by making ICTs
available to them. E-mail and Internet are valuable and efficient tools necessary for achieving the
company's aims. As with other property belonging to PTCL, these forms of electronic management
must be used in a responsible and moral way (code of conduct) and only in the interests of the
company.
With the intention of using these technologies in the best possible way, maintaining a professional
working environment and protecting PTCL’s information as well as that of its clients and business
partners, all employees are advised to familiarize themselves with this Acceptable Usage Policy
regarding the use of Computer workstation within PTCL. This document sets out the rules of use
that all Users are obliged to respect. The Policy Is specifically designed to promote honest and
ethical conduct and deter wrongdoing.
Computer, internet and email (together the "Computer Facilities") made available to the users are
assets of the company and available for authorized business use only. Access to and use of e-mail
and the Internet is a privilege, not a right.
Accordingly, where evidence of a potential breach of this Policy exists, usage of the Computer
Facilities may be monitored and communications intercepted, recorded, copied, audited, inspected,
and disclosed to the appropriate Internal departments NIS,HR, Legal etc..
Since information contained on portable computers is vulnerable; Due Care needs to be taken by
all the employees and following must be adhered:
1) All PCs, laptops and workstations should be secured with a password-protected screensaver
with the automatic activation feature or by logging-off / locking, when the host is unattended.
Refer to Endpoint protection policy for the time after which the Endpoints should be locked /
logged-off.
2) Complying with all applicable policies and procedures and approved software’s installations /
updates.
Keep passwords secure and do not share accounts. Authorized users are responsible for the
security of their passwords and accounts
3) Users shall not utilize the “user id” and password of another User to gain access to data or
systems.
5) End users are responsible for the security of laptops by locking them in drawers or cabinets
when left in office
6) Company provided intranet facilities (wired/wireless) must be availed and given preference over
entitled/approved broadband services wherever applicable.
7) Third party can be granted access to PTCL network only on need basis. Refer to Access Control
and Remote Access Policy.
8) Following activities are undesired and strictly prohibited (exception can be granted):
b. User shall not disjoin the machine from the Active Directory and uninstall the anti-
malware solution.
c. Users shall not use the PTCL network to gain unauthorized access to any computer
system belonging to an third party.
d. Users shall not disseminate confidential and internal information relating to PTCL
unless required to do so in the course of performing their work duties.(code of conduct)
Note: Admins rights may be granted on proper approval from concerned GM with justification and
SM IT Helpdesk. End user shall fill in the form given in Section 4.9.
4.2 Email
1) Employees are responsible to open the email from only trustworthy sources and use extreme
caution while opening e-mail unknown senders which may contain viruses, worms etc.
a. Sending unsolicited email messages, including the sending of "junk mail" or other
advertising material to individuals who did not specifically request such material (email
spam etc.).
b. Use of official email ID for the postings by employees on public forums news-groups,
blogs, forums etc.
c. Send e-mails, which could damage the reputation of the company, its users, clients or
third parties.
1) Users shall be particularly careful not to install any unapproved software including but not
limited to sniffers, viruses, password cracking and hacking tools unless usage of such
software’s is required as part of the employee's normal job/duty. For approved software
installations, request to Helpdesk department.
2) All hosts connected to the PTCL Intranet, whether owned by the employee or PTCL, may be
monitored at system and network level due to any security requirements by relevant
departments (IT/NIS).
3) PTCL reserves the right to block access at any time to web sites that it deems to contain illegal,
offensive or inappropriate material.
4) Use of third party cloud storage such as google drive, drop box etc are not allowed for sharing
of business or official data. To share large amount of data, company provided online storage
should be used.
5) All the users, employees and contractors are advised to make proper use of the Internet
facilities and not to open websites that belongs to following areas:
e. Anti-state websites
f. Proxy websites
a. Port scanning or security scanning is expressly prohibited, unless this activity is a part
of the employee's normal job/duty.
b. Executing any form of network monitoring which will intercept data not intended for the
employee's host, unless this activity is a part of the employee's normal job/duty.
d. Introduction of malicious programs into the network or server (e.g., viruses, worms).
e. Making fraudulent offers of products, items, or services originating from any PTCL
network/account.
2) User shall only access files or data if it belongs to the user or publicly available, or the owner
of the data has given permission to access it
3) Software(s) and computer data, which are purchased and/or developed by PTCL from a third
party, must not be copied and/or disclosed.
4) Employees, contractors, and third party users using or having access to the organization’s
assets must follow acceptable use of information and assets associated with information
processing facilities e.g. rules of e-mail and internet usage etc.
5) Personal assets including laptops, cameras, and mobile phones with camera, flash drives
(USB), and wireless data exchange devices such as blue-tooth, infrared enabled devices shall
not be used in restricted area unless authorized.
1) Violations of the rights of any person or PTCL protected by copyright, trade secret, patent or
other intellectual property, or similar laws or regulations, including, but not limited to, the
installation or distribution of "pirated" or other software products that are not appropriately
licensed for use by PTCL.
2) Unauthorized copying of copyrighted material including, but not limited to, digitization and
distribution of photographs from magazines, books or other copyrighted sources, and the
installation of any copyrighted software for which PTCL or the end user does not have an active
license.
3) System-level and user-level passwords are not set in accordance with the Password Policy.
4) Using a PTCL computing asset to actively engage in transmitting material that is in violation of
PTCL Code of Conduct.
All the software that are allowed to be used with in PTCL are part of Approved Software list. Below
attached is a comprehensive list of software’s. Any software that is not part of the list, can be added
after approval from Respective GM and GM NIS.
Signature: ______________________
Date: _______________________
Name: ______________________________________________________________________
Emp No._____________________________________________________________________
Designation: _________________________________________________________________
Department:__________________________________________________________________
Address:_____________________________________________________________________
Email ID:_____________________________________________________________________
Services Required:
▪
▪
▪
▪
Disclaimer:
After granted admin rights to the end user as his/her genuine requirements, if IT support team may
found any unauthorized & unlicensed software on user machine strict disciplinary action will be taken
against him/her. Before going to install any new software or release please contact to IT support team
to ensure its reliability/authenticity.
I am fully responsible and accept the all formalities which mentioned above.
_____________________________________________________________________________
Comments/Action: _____________________________________________________________
Exception
Network information Security Department shall approve exception after proper business justification
5. Support Documents:
6. Related Records: