EC Meeting Papers January 2019

There might be occasions where you are asked to provide ‘remote access’ to your equipment so that a Technician from a third party company can ‘fix an issue’ or change settings (through products like log-me in 123 etc.), this has the potential to compromise the organisations systems / data and requests so remote into the machine need careful consideration, best practice is that these instances are co-ordinated through Entegraty and all instances should be recorded in the ICT Issues log.

Formal agreement & acknowledgement of these policies is required via the form attached at the back of the document .

Equipment 

The GFTU allocates equipment to users which is suitable for appropriate business use, the equipment will be regularly safety checked (PAT Testing) and where needed ‘reasonable adaptions’ will be considered / made.  All ICT resources purchased by the GFTU will be recorded in the organisations Inventory in line with the Finance policy, therefore the Inventory should be amended if equipment is disposed of.  Only software authorised by line management and installed by ICT is to be installed / run from GFTU computers.  Mobile equipment (Laptops/Handheld devices) may be used off-site with line management authorisation solely for the purpose of work & only where appropriate secure network access has been granted.  Equipment (mobile or on-site) is for employee use only and must not be loaned or provided to others except where (exceptional) management permission has been granted.  Mobile telephones can be set up to receive e-mails and where a person chooses to download the software to their personal machine, then the GFTU rules relating to e-mail protocols and data will apply as if the machine were provided by the employer. Documents, files & emails created or stored within work time or on GFTU equipment belongs solely to the GFTU (or affiliates if created on their behalf) and should be treated as private and confidential. Such data may not be shared electronically or on paper with any other parties without written consent .  Normally access to data folders is allocated to individuals and/or departments in order to maintain integrity and privacy. Note that line management are entitled to and may access any folders should exceptional circumstances dictate. Physical assets should be ‘property marked’ in case of removal or theft.  Access to GFTU systems and data are protected by usernames and passwords issued individually. These may not be shared with anyone. Passwords should not be ‘lent’ to anyone.  Additional security for certain systems is applied using a supplied ‘USB dongle’ in addition to username and password. Dongles are configured for each individual.

Data 

Security 

GFTU Usage ICT Policy –Expiry December 2019

Page 2