Email Policy

IT.Infra.Email-v1.0IT.POL15.V4.0

Department Technology

Division Information Technology

Sub-division Infrastructure & service operations

Related macro ETOM
Operations – Fulfillment/ Assurance
process

Policy owner
Name Abdelfattah Aly Mabrouk
Title Chief Technology & Information Officer

Signature

Version Description Author Date

IT.ITO.POL10.V1.0 New Policy Hesham Rashed 13/1/2008
IT.POL10.V1.0 Policy Update Hesham Rashed 10/4/2013
TECH.POL9.V3.0 Migrating to new template & Hesham Rashed Dec.2016
periodical review
IT.POL15.V4.0. Minor updates Essam Magdy Dec 2019
IT.Infra.Email-v1.0 Reviewed and Updated Ahmed Kamal 09-Oct-2022

Process excellence Control

Name Ahmed Kamel

Title Sr. Manager, Process Excellence

Signature

© The Egyptian Company for Mobile Services (Orange) - 2019

Transformation and Operational Efficiency Template - restricted Page 1 of 7
 Email Policy
IT.Infra.Email-v1.0IT.POL15.V4.0

1. Policy purpose and scope

 The objective is to gain the benefits of the e-mail in business communication without compromising Orange Egypt
security or brand image.
 This policy aims to reduce the likelihood of legal liability or any breach in security practices or regulations that could
jeopardize the business and commercial reputation of Orange Egypt or its Users.

2. Policy statement

 Direct managers are responsible for ensuring that this policy is applied within their own area.

 Any queries on the application or interpretation of this policy must be discussed with the Policy Owner or directly to
the Head of Infrastructure & service operations, Information Technology

 In case any user suspects a breach of the Systems Security or a breach of this policy he/she should inform their line
manager who will report the issue to Technology Service Desk “ext.: 0777” or directly to the IT Department “Head of
Infrastructure & service operations, Information Technology Open a ticket on the HP service Manager.

 According to Orange group security standards, adequate encryption tools could be implemented on the Electronic
service messaging to allow confidential data transmission (usable among entities of the Group).

 The use of e-mail introduces a number of threats to Orange Egypt:

o Legal liability:

 In most cases the employer is held responsible for all the information transmitted on or from their
systems. A Company may also be liable if one of its employees sends intentionly an e-mail containing a
virus or other damaging data.

© The Egyptian Company for Mobile Services (Orange) - 2019

Transformation and Operational Efficiency Template - restricted Page 2 of 7
 Email Policy
IT.Infra.Email-v1.0IT.POL15.V4.0

o Confidentiality breaches:

 Most confidentiality breaches occur from within the company. These breaches can be accidental, for
instance by selecting a wrong contact in the To: field. However, confidentiality breaches can also be
intentional.

o Damage to reputation:

 The contents of corporate e-mails reflect on the business. A badly written e-mail or an e-mail containing
unprofessional remarks will cause the recipient to have a bad impression of the company the sender is
representing. (Please refer to the Guidelines to Effective Business Writing).

o Lost productivity:

 Lost productivity due to inappropriate use of a company’s e-mail system.

o Network congestion and down time:

 Viruses received via e-mail, if a virus hits the company system this can cause network congestion or
even down time.

o Made for corporate exchange only:

 Use of e-mail both within and outside Orange Egypt is not intended to replace personal interaction. Users
are expected and encouraged to choose the best method of communication in any given situation.

o Disclaimer:

 All the External communication will be having a Disclaimer, as an attachment, to include a

confidentiality clause and that we are filtering all E-Mails for viruses and handle its clean-up. The
responsibility of this disclaimer will be under the direct ownership of the Corporate Communication
department.

 All references to e-mail should include both the core e-mail message and any attachment(s).

 Access & Passwords for E-mail:

o Access to internal and external Orange Egypt e-mail accounts is subject to management approval that may be
revoked at any time.

o All e-mail accounts must be protected by a password. Passwords are personal to the individual user and must
not be revealed to or used by any other user.

o Attempting to gain unauthorised access or gaining unauthorised access to user accounts is strictly prohibited.

© The Egyptian Company for Mobile Services (Orange) - 2019

Transformation and Operational Efficiency Template - restricted Page 3 of 7
 Email Policy
IT.Infra.Email-v1.0IT.POL15.V4.0

o To gain emergency access to another User’s e-mail account and/or network home (personal) drive a system
access request must be raised and authorised, in writing, on the grounds that the user is absent or has left the
company copying the HR Department. The systems access request must state who requires access to whose e-
mail account and for what business purpose. The systems access request must be directed to the IT
Operations Team responsible with the management approvals.

o Attempting to misrepresent the original e-mails is strictly prohibited.

o The automatic routing of e-mail accounts to personal or non-Orange Egypt mail accounts such as Hotmail is
prohibited for the employees leaving the company.

o Usage of E-Mail

o E-Mail is to be used for legitimate business purposes only and for sending and receiving work related
messages. Limited use for private purposes is allowed outside working hours. However, any private use must
be of a reasonable nature, i.e. the system is not to be used frivolously or in breach of this policy. Users must
be aware that all e-mails distributed via Orange Egypt’s e-mail system are company property and may be read
during emergency access and audits of computer archives, /laptops and backup tapes and may be used as
evidence in any disciplinary proceedings.

o Saving attachments from personal Internet e-mail is strictly prohibited.

o Orange Egypt encourages responsible use of the e-mail system. Users with access to internet e-mail from
their Orange Egypt account are reminded of the added responsibility, this entails:

 Think carefully about using services that have public member profiles (e.g. Web bulletin boards).

 Never respond to spam. You will be letting them know your e-mail address is active.

 Don't open e-mail from people you don't know as this might send an e-mail auto-response indicating
your e-mail address is active to a spammer.

 Never respond to 'remove' instructions. Again, you will be indicating that you have a valid e-mail
address that is in use.

 Avoid posting your real e-mail address on Usenet discussion groups.

 Never use your e-mail address in a classified advertisement.

 Don't join any 'address removal' lists - they are more likely to create spam than prevent it.

 When sending e-mail to groups or people externally, you should use the BCC field to minimise the
number of addresses that are revealed if any one of the recipients unscrupulously forwards the
message on.

© The Egyptian Company for Mobile Services (Orange) - 2019

Transformation and Operational Efficiency Template - restricted Page 4 of 7
 Email Policy
IT.Infra.Email-v1.0IT.POL15.V4.0

o E-Mail must not be used for the purpose of transmitting confidential, strategic or commercially sensitive or
financial information using external mail unless it has been encrypted or at least sent with password protected
because. The Internet is not a secure network and it is possible for unencrypted e-mail messages to be
compromised.E-Mail must not be used for the purpose of transmitting non-authorised personnel information
to third parties whether they are internal or external.

o It is prohibited to tamper with the “from” address field in e-mails.

o Users (e.g. permanent staff, temporary or consultants) should disclaim speaking for Orange Egypt unless
officially authorized to do so or being part of their approved job description.

o Care should be taken that e-mails are only sent to appropriate recipients as reading e-mails can be time
consuming and, therefore, a waste of the receiver’s time when not entirely necessary E-Mails should be
purged regularly and only retained if relevant to the Business or required by law. However, all Users should
be made aware that e-mails can be retrieved from backups even if they have apparently been deleted from the
system, e.g. E-mail archiving system.

o For alignment with the corporate regulations law, E-mail archiving backup would result in keeping all
internal & external correspondences for 5-7 years (Life-Time), even if those e-mail items have been deleted
by users.

o By applying e-mail archiving, any messages which passed more than 35 days will be moved to the archiving
location, however users will be able to see a shortcut to the archived message.

o Any Message which passed more than one year, will be purged from the e-mail server permanently, however
users will still be able to retrieve it from the archive.

o If a User is informed by the virus guard software that they have a virus infection on their PC, (s)he must not
send any further e-mails until the PC is cleared of all viruses. The User must inform their line manager
immediately who must then follow the procedures for reporting virus incidents to the IT Department. Refer to
Antivirus policy TECH.POL10.V1.0.
o Content of E-mail Messages

o All e-mail accounts content (whether relating to business purposes or not) including attachments and the
creation/storage and transfer of any form of electronic information must fully comply with this policy.

o E-Mails must not contain any words, phrases or other material which may be sexually or racially abusive or
discriminatory or threatening, in any way whatsoever, or which may have the effect of the recipient feeling or
experiencing harassment as a result of receiving the message. Consequently, improper reference should not
be made to race, creed, colour, nationality, ethnic origin, age, language, religion, political or other opinion
affiliation, gender, sexual orientation, marital status, connections with a national minority, national or social
origin, property, birth or other status, family connections, membership or non-membership of a trade union
or, disability.

o The writer of an email should be self-conscious as to the style of the language used & the effect that the
message will have on the recipient. If in doubt, the employee should refer the matter to his/her line
manager/supervisor who should check the e-mail before it is circulated.
© The Egyptian Company for Mobile Services (Orange) - 2019
Transformation and Operational Efficiency Template - restricted Page 5 of 7
 Email Policy
IT.Infra.Email-v1.0IT.POL15.V4.0

o Users should also be careful that they do not breach any copyright in pre-printed or published material that
they incorporate into their e-mails for transmission to third parties or for general publication. It is expressly
forbidden to copy, download or transmit to third party any published material authored by other people
without their consent. This will also leave Orange Egypt open to legal action by the owner of the copyright.

o Users should also be careful that the creation and transmission of e-mails is not in violation of the countries
Data Protection legislation, intellectual property rights (IPR) or confidentiality agreements.

o Users who are concerned, or believe that an e-mail they intend to circulate may contain copyrighted material
or be in violation of other IPR, Data Protection legislation or confidentiality agreements, should refer the
matter to their line manager/supervisor who should examine the e-mail before it is published or circulated.

o The creation and exchange of advertisements (other than for posting to a relevant Orange Egypt bulletin
board), solicitations, chain letters or other unsolicited e-mail or subscribing to automatic e-mail services
without proper managerial authorisation is strictly prohibited.

o The use of e-mail accounts to engage in illegal activity (for example advertising goods that require a license
including but not limited to tobacco and alcohol), or to advertise illegal copies of computer
hardware/software or advertise counterfeit products is strictly prohibited.

o Corporate e-Signature: the below format is the corporate standard signature that should be used for sending e-
mails internally or externally, in order to maintain the corporate image, details as follow:

 Standard Format:

Name

Title

Department

Office: +20 12 2320-xxxx

Mobile: +20 12 2xxxxxxx-xxxx

Fax: +20 12 320-xxxx

e-Mail: alias@Orange .com

 The logo should link to our new portal Orange.eg.

 Please note that the e-signature font is Helvetica 55 Roman.

© The Egyptian Company for Mobile Services (Orange) - 2019

Transformation and Operational Efficiency Template - restricted Page 6 of 7
 Email Policy
IT.Infra.Email-v1.0IT.POL15.V4.0

 Use black only to write your e-signature.


 E-Signature: As soon as the solution is in place, most of the above info will be attached to the outgoing
email automatically, without users' intervention, to ensure data accuracy (e.g. Titles) and the Corporate
Communications approved format.


- Policy breach may be subject to HR disciplinary action.

3. References
Name Date

Antivirus policy TECH.POL10.V1.0 December 2016

4. Reviewed and accepted by

Department Name Title

Manager, Office automation & collaboration, Information
IT Technology Essam Magdy Sabry
Technology
Head of Infrastructure & service operations, Information
IT Technology Ahmed Abdelhady El Otaify
Technology

© The Egyptian Company for Mobile Services (Orange) - 2019

Transformation and Operational Efficiency Template - restricted Page 7 of 7