Acceptable Use Policy
1.0 OVERVIEW
Information Security’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to NEO’s established culture of openness, trust, and integrity. Information Security is committed to protecting NEO’s employees, partners, and the company from illegal or damaging actions by individuals, either knowingly or unknowingly.
Internet/Intranet/Cloud/Extranet-related systems, including but not limited to computer equipment, software, operating systems, storage media, network accounts providing electronic mail, and web browsing, are the property of NEO. These systems are to be used for business purposes in serving the interests of the company, and of our clients and customers in the course of normal operations.
Effective security is a team effort involving the participation and support of every NEO employee and affiliate who deals with information and/or information systems. It is the responsibility of every computer user to know these guidelines and to conduct their activities accordingly.
2.0 PURPOSE & BACKGROUND
The purpose of this policy is to outline the acceptable use of computer equipment at NEO. These rules are in place to protect the employee and NEO. Inappropriate use exposes NEO to risks including virus attacks, compromise of network systems and services, and legal issues.
3.0 ELIGIBILITY
This policy applies to employees, contractors, consultants, temporaries, and other workers at NEO, including all personnel affiliated with third parties. This policy applies to all equipment that is owned or leased by NEO.
4.0 POLICY
- NEO proprietary information stored on electronic and computing devices, whether owned or leased by NEO, the employee or a third party, remains the sole property of NEO.
- You must ensure through legal or technical means that proprietary information is protected.
- You have a responsibility to promptly report the theft, loss or unauthorized disclosure of NEO proprietary information.
- You may access, use or share NEO proprietary information only to the extent it is authorized and necessary to fulfill your assigned job duties.
- Employees are responsible for exercising good judgment regarding the reasonableness of personal use.
- Individual departments are responsible for creating guidelines concerning personal use of Internet/Intranet/Cloud/Extranet systems.
- For security and network maintenance purposes, authorized individuals within NEO may monitor equipment, systems, and network traffic at any time.
- For physical media transfer (such as laptops, disks), only couriers from the following list may be used:
  - FedEx
  - DHL
Social Media Usage Guidelines
Using social media platforms can be an effective way to engage with your audience, build brand awareness, and showcase your expertise. However, it’s important to exercise caution and adhere to certain guidelines to protect sensitive information and maintain the integrity of your company. Here are some guidelines to follow when using social media:
Protect Company Information
a. Avoid sharing any confidential company information, trade secrets, or proprietary data on social media platforms.
b. Refrain from posting internal documents, financial details, or any information that could potentially harm the company’s interests.
Safeguard Customer Data
a. Never disclose or share customer data, personally identifiable information (PII), or any sensitive customer details on social media.
b. Respect privacy regulations and ensure compliance with data protection laws (e.g., GDPR, CCPA) when engaging with customers on social media.
Obtain Proper Authorization
a. Seek appropriate approval before sharing any customer logos, testimonials, or endorsements on social media platforms.
b. Ensure that you have proper consent from customers before mentioning them in posts or using their information in any way.
Be Mindful of Copyrights and Intellectual Property
a. Avoid using copyrighted material (images, videos, text) without proper permission or licensing.
b. Give credit to the original creators or sources when sharing content that is not your own.
Use Professional Language and Tone
a. Maintain a professional and respectful tone in all social media interactions.
b. Avoid engaging in arguments, using offensive language, or posting controversial content that could damage the company’s reputation.
Separate Personal and Professional Accounts
a. Clearly differentiate personal social media accounts from official company accounts.
b. Make it clear that personal opinions expressed on personal accounts do not represent the views of the company.
Educate and Train Employees
a. Provide social media guidelines and training to employees, ensuring they understand their responsibilities when representing the company online.
b. Encourage employees to report any potential breaches or issues related to social media usage.
Monitor and Respond
a. Regularly monitor social media channels for any unauthorized or inappropriate content related to the company.
b. Respond promptly to customer inquiries, comments, and feedback while adhering to the established company policies and guidelines.
Remember, social media can be a powerful tool for your business, but it’s crucial to exercise caution and promote responsible usage to protect company and customer information, maintain privacy, and uphold the company’s reputation.
5.0 ROLES & RESPONSIBILITIES
This policy applies to the use of information, electronic and computing devices, and network resources to conduct NEO business or interact with internal networks and business systems, whether owned or leased by NEO, the employee, or a third party. All employees, contractors, consultants, temporary, and other workers at NEO and its subsidiaries are responsible for exercising good judgment regarding appropriate use of information, electronic devices, and network resources in accordance with NEO policies and standards, and local laws and regulations.
Multi-Factor Authentication (MFA/2FA):
All systems containing sensitive, confidential, or personal data require MFA/2FA for access. This applies to AWS, email, and all other critical platforms.
MFA/2FA is enforced as a mandatory control in line with ISO 27001:2022.
6.0 COMPLIANCE
NEO reserves the right to audit networks and systems on a periodic basis to ensure compliance with this policy.