Chapter 3: Internet Access and Media Files |
True Value Company and its subsidiaries and affiliates ("Company") provide employees access to the vast information resources of the Internet with the intention of increasing productivity. While the Internet has the potential to assist employees in performing their job responsibilities faster or smarter, there is justifiable concern that it can also be misused. Such misuse can waste time and potentially violate Company policy as well as state and federal laws. This Internet Access Policy ("Policy") outlines the expectations and limitations of Internet resources.
This Policy and Standard covers all Internet services. Examples of these services include but are not limited to electronic mail (e-mail), World Wide Web (WWW) browsing, transferring files via FTP, participation in news groups, Telnet, etc. This also includes the transfer and storage of music, picture and other media files. Electronic mail via the Internet is covered primarily in Chapter 2 - Electronic Mail.
Authorized Internet users will behave in an ethical, legal and morally responsible fashion while representing the company over the Internet.
- Do not send e-mail so it appears to have come from someone else.
- Do not send unsolicited advertising via e-mail.
- Do not automatically forward Company internal e-mail to an Internet email address.
- Do not send, forward or reply to chain letters.
- Do not use personal e-mail accounts when sending or receiving business correspondence. Use Company sponsored e-mail accounts which are acceptable and secured.
If sensitive True Value information has been lost, or unauthorized use of corporate systems has taken place, users must notify the local site manager immediately. Local management must notify Information Services at World Headquarters immediately.
- Internet access may be immediately terminated corporate wide at the discretion of Information Services management until the extent of the breach can be assessed.
- Internet access privileges may be revoked for individual users at the discretion of Information Services if it is deemed network security is being compromised through that user's account or files.
- Internet access privileges for any person or computer system suspected to be involved in a security breach will be immediately suspended and investigated.
- For security breaches originating internally, Information Services, the Law Department, and Human Resources will be immediately notified for investigative and disciplinary purposes.
Distribution or transmission of negative comments or similar attacks on any person or entity, including True Value competitors, is strictly prohibited.
Authorized Internet users must never publicly disclose sensitive internal True Value information, whether via electronic mail, instant messaging or other network service, including any information that may adversely affect True Value's competitive position, member/vendor relations or public image. Such information includes, but is not limited to, business prospects, marketing plans, product release dates and other similar information.
Definition of Terms Used in this Document
Chat Room - A place on the Internet where people go to "chat" with other people in the room.
Computer virus - A computer virus is a program designed to copy itself into other programs. The virus may also be designed to cause the loss or alteration of data on a computer, or in extreme cases, to completely disable a computer. The virus is activated when the "infected" program is executed on a computer. Other forms of harmful code can act similarly to a computer virus but are not transmitted by copying and executing infected programs. These newer forms of attack are activated by simply viewing a web site that contains maliciously programmed applets or Java Script.
Download - The transfer of information from the Internet to your computer.
Internet - An interconnected system of networks that connects computers around the world via the TCP/IP protocol.
Intranet - A privately maintained computer network that can be accessed only by authorized persons, especially members or employees of the organization that owns it.
Trojan Horse - Like the Trojan horse of mythology, Trojan horse viruses pretend to be one thing when in fact they are something else. Trojan horses are packaged to look like valid programs, such as a game or even a utility like a weather alerting program. While you play the game or the utility runs, the Trojan Horse deletes files, installs malware or otherwise compromises your system.
The Company reserves the right to revise or rescind this policy at any time, for any reason in its sole discretion. This policy is not intended to create or constitute a contract between the Company and its Associates.
Users requesting Internet access must read the Policy and complete all form fields under the General Information section of the Internet Usage Policy Acknowledgment form (See Appendix for Form). The form must be signed by both the user seeking Internet authorization and a supervisor or manager. Signing this form indicates the user and the supervisor or manager have read and understood all relevant policies and standards pertaining to the use of the Internet. The signed form must be forwarded to IT Security Administration at World Headquarters for processing. The IT Security Administrator will provide the user with a logon ID and password. The completed document will then be forwarded to the Human Resources department for inclusion in the user’s personnel file.
Basic Internet access will be provided through approved Corporate Internet gateways at World Headquarters. The objective is to provide a secure computing environment by minimizing the exposure to unauthorized access to company data and systems via the Internet connections. Information Services will monitor all Internet connections for intruders, apply patches to systems within the Internet gateway within two business days of their release and manage and control all Internet connections.
All users are responsible for:
Custodians are responsible for:
Managers are responsible for:
See Chapter 2 for more standards related specifically to E-mail over the Internet.