Back to Home

Acceptable Use Policy

Last Updated: February 1, 2026

1. Purpose

This Acceptable Use Policy (AUP) defines acceptable and unacceptable use of company information technology resources, including computers, networks, applications, email, internet access, and other technology assets. The policy aims to protect company assets, ensure compliance with legal requirements, and maintain a productive and secure work environment.

2. Scope

This policy applies to all employees, contractors, consultants, vendors, and other authorized users who access company IT resources. It covers all devices and systems owned, leased, or managed by the company, as well as personal devices used to access company resources.

3. General Acceptable Use

3.1 Authorized Use

Company IT resources are provided for legitimate business purposes. Acceptable use includes:

  • Performing job-related duties and responsibilities
  • Professional communication with colleagues, customers, and business partners
  • Research and information gathering related to work
  • Professional development and training activities
  • Reasonable and limited personal use that does not interfere with work duties or company operations

3.2 Personal Use Guidelines

Limited personal use of company IT resources is permitted under the following conditions:

  • Use is brief, infrequent, and does not interfere with work performance
  • Use does not consume significant network bandwidth or system resources
  • Use complies with all other provisions of this policy
  • Use does not create any legal liability or security risk for the company

4. Prohibited Activities

The following activities are strictly prohibited:

4.1 Security Violations

  • Attempting to gain unauthorized access to systems, networks, or data
  • Circumventing or attempting to circumvent security controls
  • Sharing passwords or access credentials
  • Using another person's credentials to access systems
  • Probing, scanning, or testing system vulnerabilities without authorization
  • Installing or using hacking tools or password cracking software

4.2 Malicious Activities

  • Creating, distributing, or executing malware, viruses, or other malicious code
  • Conducting denial-of-service attacks or other disruptive activities
  • Deliberately damaging or destroying company systems or data
  • Tampering with or disabling security systems or monitoring tools

4.3 Unauthorized Software and Hardware

  • Installing software without proper approval and licensing
  • Using unauthorized cloud services or file-sharing applications
  • Connecting unauthorized devices to the company network
  • Modifying system configurations without authorization

4.4 Data Misuse

  • Unauthorized access, copying, or disclosure of confidential information
  • Storing confidential data on unauthorized systems or devices
  • Transmitting sensitive data via unencrypted channels
  • Using company data for personal gain or competitive advantage
  • Removing or copying company data without authorization

4.5 Inappropriate Content

  • Accessing, storing, or distributing pornographic or sexually explicit material
  • Accessing, storing, or distributing hate speech or discriminatory content
  • Accessing, storing, or distributing violent or threatening content
  • Creating, sending, or forwarding chain letters or spam

4.6 Illegal Activities

  • Using company resources for illegal activities
  • Pirating software, music, videos, or other copyrighted materials
  • Violating export controls or international trade regulations
  • Engaging in gambling or other prohibited activities

4.7 Harassment and Abuse

  • Using IT resources to harass, threaten, or intimidate others
  • Sending abusive, offensive, or discriminatory communications
  • Impersonating others or misrepresenting identity

5. Email and Communication

5.1 Email Usage

  • Use company email for legitimate business purposes
  • Exercise caution with email attachments from unknown sources
  • Do not send mass mailings or spam
  • Include appropriate disclaimers in external communications

5.2 Instant Messaging and Collaboration Tools

  • Use approved communication platforms only
  • Maintain professionalism in all communications
  • Do not share confidential information through unsecured channels

6. Internet and Web Usage

  • Internet access is provided primarily for business purposes
  • Avoid visiting websites that may compromise security or contain inappropriate content
  • Do not download files or software from untrusted sources
  • Be cautious when clicking on links in emails or web pages
  • Streaming audio/video should be limited to avoid excessive bandwidth consumption

7. Social Media

  • Personal social media use should be limited and not interfere with work
  • Do not post confidential company information on social media
  • Clearly identify personal opinions as your own, not the company's
  • Follow company social media guidelines for official business accounts

8. Mobile Devices and Remote Access

8.1 Company-Provided Devices

  • Use company devices primarily for business purposes
  • Keep devices physically secure at all times
  • Report lost or stolen devices immediately
  • Allow installation of company security and management software

8.2 Personal Devices (BYOD)

  • Personal devices must meet minimum security requirements to access company resources
  • Install required security software as directed by IT
  • Separate business and personal data as much as possible
  • Company reserves the right to remotely wipe company data from personal devices

8.3 Remote Access

  • Use only approved VPN or remote access solutions
  • Ensure remote access connections are secured
  • Do not allow others to use your remote access credentials

9. Monitoring and Privacy

Users should have no expectation of privacy when using company IT resources:

  • The company reserves the right to monitor all use of IT resources
  • Monitoring may include email, internet activity, system logs, and file access
  • Monitoring is conducted to ensure compliance, detect security incidents, and protect company assets
  • Company data stored on systems is subject to disclosure for legal or regulatory purposes

10. Reporting Violations

  • Report any suspected policy violations or security incidents immediately
  • Report inappropriate content or behavior observed on company systems
  • Use designated reporting channels (supervisor, IT, HR, security hotline)
  • Good faith reports will be handled confidentially and without retaliation

11. Consequences of Violations

Violations of this policy may result in:

  • Immediate suspension of system access
  • Disciplinary action up to and including termination
  • Legal action and criminal prosecution
  • Financial liability for damages or losses

12. User Responsibilities

  • Understand and comply with this policy and all related policies
  • Protect company IT resources from unauthorized access or misuse
  • Use good judgment when using company resources
  • Keep security software and systems up to date
  • Participate in required security awareness training

13. Acknowledgment

All users must acknowledge that they have read, understood, and agree to comply with this Acceptable Use Policy. Continued use of company IT resources constitutes acceptance of this policy and any future updates.

Exord Systems Inc.

8 The Green, STE R

Dover, DE 19901, USA

Questions or reporting: admin@exord.systems

Grievance Officer: joseph@exord.systems