ITACS L.L.P. Policy And ProceduresGroup 1

• Objective:• To establish companywide policy with regards to personal device usage both on and off of the company network; including,

but not limited to: security, hardware/software maintenance, and communication.

•  Purpose and Scope:• This policy, in regards to ITACS L.L.P’s data, information assets, and infrastructure, provides the guidelines and capabilities

of protecting the confidentiality, integrity, and availability of company assets. The policy establishes the requirements and restrictions of accessing company resources using personal devices. The policy covers all technology resources, users, and facilities within the boundaries of the firm.

• Applies to:• All employees and contractors using personal devices to perform duties on behalf of the firm.

Policy #3737.8

Devices Allowed• Desktops• Laptops• Ultrabooks• Smartphones• Tablets• Storage Devices

Acceptance Policy• Employee Submitted Approval

Form• Form Approval• Device Registration• Company Software Installation• Network Access Permitted

POLICY: Network Usage• Devices must only be used by authorized personnel• Device must be registered prior to utilizing network

resources • Disruptions with day to day operations• Bypassing company firewall to access restricted sites• User credentials will be denied network access upon

termination

• Device must not be shared with unauthorized personnel• Device must have a secure password and auto-locking

feature• Device must utilize encryption standards of the company• Peer-to-peer • Legislation compliance

POLICY: Data Protection

• Device must remain up to date with latest anti virus signatures• Using device to download or install pirated software (NET Act)• Device must utilize encryption standards of the company• Company retains the right to perform security and compliance

assessments

POLICY: Software Protection & Updates