Acceptable use of NICVA's Laptop / Mobile Devices

9 Apr 2008 Alex Hastings    Last updated: 6 Jul 2014

This article outlines NICVA’s policy with regards to laptop and mobile device usage for employees.

NICVA recognises the need for its remote/outreach staff to have access to Laptop/mobile computers in order to complete their work and meet member needs. This Acceptable Usage Policy (hereinafter known as the ‘AUP’) comprises the IT Security policy for portable or mobile computer systems as described below and supplied by NICVA.

For the sake of this document Portable Devices are defined as Laptop/Notebook computers/Mobile devices/PDA’s/Smartphone.

Reasons for having this policy

This policy exists for the protection and guidance of NICVA and NICVA staff by giving users ground rules for acceptable use of the equipment etc. so there are no misunderstandings. They should also provide guidelines if, for example, misuse occurs. The AUP also demonstrates to potential funder’s that NICVA is professional in its approach to managing users and/or equipment.

All NICVA’s ICT facilities and information resources remain the property of NICVA and not of particular individuals, units or departments (see Note 1 below). By following this AUP we'll help ensure ICT facilities are used:

  • legally
  • securely
  • without undermining NICVA
  • effectively
  • in a spirit of co-operation, trust and consideration for others
  • so they remain available

Precautionary and disciplinary measures

The AUP relates to all ICT facilities and services provided by NICVA. All staff, students, volunteers and executive committee members are expected to adhere to it.

Deliberate and serious breach of the AUP may lead to disciplinary measures which may include the offender being denied access to computing facilities.

How is it published

This document is available in both electronic and hard copy versions, copies will be given to new staff on induction and will be readily available for current staff.

General use

ICT equipment and facilities belong to NICVA and are naturally provided for work use. You are trusted to make reasonable personal use of them as long as this does not:

  • interfere with job performance
  • give rise to additional cost
  • interfere with the activities of other users
  • support any work other than that of NICVA
  • breach any rules relating to content (see section below on Use of the Internet).

Hardware and software purchasing

The ICT Unit will be solely responsible for sourcing, evaluating and the purchasing of all ICT hardware/software. Unit Head’s in conjunction with the Head of Information Management will have the final decision if/when equipment is required.

Installing / copying software

Get permission from ICT Unit before you install any software (including public domain software - see Note 2 below) on equipment owned and/or operated by NICVA. Copying software for use outside NICVA agreements is illegal and may result in criminal charges.

Transfer and storage on the NICVA network

Keep master copies of important data on NICVA's network and not solely on your Portable Device’s local C: drive or floppy discs. Otherwise it will not be backed up and is therefore at risk.

Ask for advice from ICT Unit if you need to store, transmit or handle large quantities of data, particularly images or audio and video.

Be considerate about storing personal (non-NICVA) files on NICVA's network. (see Note 3 below)

Don't copy files which are accessible centrally into your personal directory unless you have good reason (i.e. you intend to amend them or you need to reference them and the central copies are to be changed or deleted) since this uses up disc space unnecessarily.

Housekeeping should be conducted regularly and any files no longer required should be deleted. This is an important task and should be compared with managing paper based information systems. Therefore it is important to consider the following points when following good file management practice:

  • consider confidentiality of content of the files stored
  • consider the storage space it demands
  • consider the information's usefulness and the possible legal requirements to retain it for a minimum period. (Please contact your line manager for guidance relating to appropriate retention periods).

It is your responsibility to ensure that any information you have ownership of is controlled appropriately. Staff should take all reasonable steps to ensure the security of these assets at all times.

Fault / incident reporting

The primary purpose of reporting faults/incidents is to help prevent further problems, not to attach blame. All faults/incidents on ICT Equipment must be reported to the ICT Unit immediately upon discovering the fault. The ICT Unit will deal with in due course.

Anti Virus / firewalls

NICVA deploys anti-virus software to protect the ICT systems from virus attacks. This software is updated as soon as a new software release becomes available. NICVA have also in place various methods of scanning inbound/outbound Email correspondence for spam/virus and pornographic content.

Please follow these steps to maintain system integrity:

  • The anti-virus system’s database engine (virus definitions) must be updated on a regular basis, each day if possible, but at least once a week.
  • To update your virus definitions it is necessary to connect to NICVA’s local area network.
  • Please contact ICT unit for any assistance on either of the above points.

If a virus is discovered the following actions must undertaken:

  • Disconnect immediately from any network
  • Inform the ICT unit without delay
  • Turn the Computer off
  • Place a label over the switch and floppy drive/USB port stating that the Portable Device has a virus infection and should not be used
  • Isolate any floppy disks that have been used on that machine.

The ICT Unit has the software and technology available to eradicate any infections.

Physical / hardware security

The user of the Portable Device should always adhere to the following guidelines:

  • Treat the Portable Device as if it is your own property
  • The Portable Device must be securely locked away when not in use. If storage facilities are not available for the Portable Computer then, where possible, the Hard Drive should be removed and stored securely
  • Portable Device security is your responsibility at all times. If you have and use a security cable, keep one key with you and the other in a secure separate location
  • Do not leave unattended in a public place
  • Do not leave the in view in the inside of your car. Please lock it away in your car’s boot
  • Avoid leaving within sight of ground floor windows or within easy access of external doors.

If you leave your PC unattended without logging off/locking, you are responsible for any misuse of it while you're away.

ALWAYS check floppy disks / USB flash drives for viruses, even if you think they are clean (contact the ICT Unit to find out how). Computer viruses are capable of destroying NICVA's information resources. It is better to be safe than sorry.

Information about people: If you're recording or obtaining information about individuals make sure you are not breaking Data Protection legislation (If you require further clarification on this issue, contact NICVA’s Information Officer).

Marking equipment / assets register

All of NICVA’s ICT equipment is security marked with sequentially numbered, tamper resistant labels, The Equipment is registered against its corresponding number in an Assets Register Database. This is renewed and updated when equipment is purchased or decommissioned.

Password security

Don't disclose personal system passwords or other security details to other staff, volunteers or external agents and don't use anyone else's login.

A BIOS password (start up password) has been set on the Portable Device, access to the system is not possible without first entering this password. If you have forgotten the password, contact the ICT Unit as soon as possible.

Logging on to the Portable Device; you will be issued with a user name and password details that are required in order to gain access, please do not write these details down or store them with the Portable device, if you have forgotten them, please contact the ICT Unit as soon as possible.

Internet / email policy

The Portable Device has been provided by NICVA for its remote/outreach staff and offsite working. It should be noted that the Internet is an uncontrolled, unmanaged and largely unsupported global network. It is a source of much valuable information not least on the area of the community and voluntary sector, however it is also an unrestricted source of much legal and illicit material. Additionally it has a large recreational attraction.

Please see the NICVA’s AUP on Internet and Email usage. (See Section on Email policy & Section on Internet policy of the AUP)

Maintenance

  • Please do not drop or bump your Portable Device
  • Please do not place heavy objects on the case
  • Please do not touch the screen with any sharp objects
  • Take care of network cables as the connectors can be easily broken
  • Always turn off your Portable Device before storing it in its carry case
  • Avoid subjecting the Portable Device to extremes of temperature, i.e. leaving it in your car during hot days or cold nights
  • Please keep all liquids away from your Portable Device.

Maintenance is controlled by ICT Unit in conjunction with 3rd party support/vendors where/if required. Where 3rd party support if required, staff will be kept informed of progress and work required.

Backup

The information on NICVA’s ICT systems are backed up on a daily basis, at the end of each week a ‘weekly’ system backup is made and those Tapes (backup media) are stored in a fire proof safe. It is imperative that you do not store important work-related information on the local C: drive of the Portable Device, it will not be backed up and is therefore at risk. (see section on Transfer and storage on the NICVA network).

Losses and confidentiality / security breaches

All incidents that constitute a Loss of Hardware or Data, which could potentially lead to a breach of patient confidentiality, are to be reported directly to the ICT Unit. The Systems Administrator will instigate investigation procedures to try and establish the nature and potential threat of the incident.

Incidents could involve:

  • Loss of Hardware
  • Loss of Software/Data
  • Virus attack
  • Unauthorised access
  • Misuse of System/Privileges
  • Illegal software download

Portable Devices Details

  • Make:
  • Asset Number:
  • Model:
  • Serial Number:
  • Additional Hardware (HDD etc.):
  • Additional Serial Numbers:

Other

AUP Review

The AUP will be reviewed annually by the ICT Unit. Following review, update and consultation with Human Resources, the agreed AUP shall be submitted to the head of Human Resources and ICT for approval.

Contacts

NICVA ICT Contacts
NameJob TitleExtentionEmail
Stephen GrayHead of Information Management220[email protected]
Alex McGimpseyHuman Resources Manager215[email protected]
Ian KellySystems Administrator219[email protected]

 

 

Note 1

  • In-house software: This is software written by staff or volunteers using NICVA’s equipment. It is NICVA's property and must not be used for any external purpose. Software developers (and students/volunteers) employed at NICVA are permitted to take a small ‘portfolio’ of such in-house software source code/executables, which they may have developed, for use in subsequent work, subject to agreement with the Head of Information Management.

Note 2

  • Public domain software or Freeware/Shareware: This is software that is available free of charge, usually by downloading from the internet.

Note 3

  • Personal Data: As a guideline, keep your personal data down to 1MB. Ten emails require 0.15MB on average (depends a lot on whether they have attachments). A 10-page word processed document requires about 0.1MB. Screen saver images require much more disc space and vary greatly - some may be as large as 2MB.
We share NICVA’s policies to assist organisations in drafting their own. However, our policies are relevant to NICVA and are not samples. They should not be replicated, but may be used for reference purposes, in conjunction with other guidance available. NICVA cannot accept any claims arising from error or misinterpretation.
alex.hastings@nicva.org's picture
by Alex Hastings

Human Resources Manager

[email protected]

Page Status

Content under review

Read more on...

HR

Not a NICVA member yet?

Save time, money and energy. Join NICVA and you’ll be connecting in to a strong network of local organisations focused on voluntary and community activity.

Join Us

NICVA now welcomes all small groups for free.