1. Purpose and Scope
[Company Legal Name] ("Company") provides systems and accounts to enable productive work. This Acceptable Use Policy ("AUP") defines required and prohibited conduct on all Company systems, accounts, devices, networks, and data. It applies to all employees, contractors, interns, and third parties with access.
2. Account and Credential Responsibility
- You are responsible for activity performed under your account
- Do not share passwords, MFA codes, or session tokens — including with IT, support, or colleagues
- Lock or log out of your device when unattended
- Report any suspected account compromise to security immediately
3. Acceptable Use Principles
- Use Company systems for legitimate business purposes; limited personal use is permitted if it does not interfere with work or violate this AUP
- Treat customer data with the same care as your own personal financial data
- Apply least-privilege — request only the access you actually need
- Respect intellectual property and licensing terms
4. Prohibited Activities
The following are strictly prohibited:
- Any unlawful activity, harassment, or discrimination
- Accessing data outside the scope of your role or downloading data to personal storage
- Bypassing or attempting to bypass security controls (MFA, VPN, EDR, DLP, SSO, web filter)
- Installing unauthorised software, hardware, or browser extensions on Company devices
- Connecting unauthorised devices to Company networks
- Pirating software, music, video, or other copyrighted material
- Sending Company confidential data to personal accounts or unapproved third parties
- Cryptocurrency mining or running unauthorised workloads on Company infrastructure
- Sharing customer data on public forums, social media, or with friends and family
5. Email and Messaging
- Use Company email for business correspondence
- Treat external messages as potentially hostile — verify before clicking links or opening attachments
- Report phishing to security@[domain] using the Report Phish button in your mail client
- Do not auto-forward Company email to personal accounts
6. Confidential Information
Customer data, source code, financial records, employee data, security configurations, and unannounced product plans are Confidential Information. Handle per the Data Classification Policy. Confidentiality obligations survive termination.
7. BYOD and Personal Devices
Personal devices may access Company email, chat, and document collaboration only when enrolled in Company MDM with the configured security profile (encryption, screen lock, remote wipe). Personal devices may not access production systems or customer data.
8. AI and GenAI Tool Use
- Only Company-approved AI tools (listed at [AI Tools Register URL]) may be used for work tasks
- Do not paste customer data, source code, secrets, or other Confidential Information into consumer-grade or non-approved AI tools
- Treat all AI-generated content as draft requiring human review for accuracy, IP, and bias
- Disclose AI-generated content where required by customer contract, regulator, or platform terms
9. Monitoring and Privacy
Company may monitor and audit use of its systems, accounts, networks, and data for security, compliance, and operational purposes, consistent with applicable law. You should have no expectation of privacy in business communications conducted on Company systems.
10. Reporting and Enforcement
Report suspected violations, security incidents, or ethical concerns to your manager, People Operations, Security, or via the anonymous reporting channel at [Reporting Channel URL]. Violations may result in disciplinary action up to and including termination, plus civil or criminal liability where applicable.
11. Acknowledgement
I have read, understood, and agree to comply with the Acceptable Use Policy.
Name: _______________________ Signature: _______________________ Date: _______________________
Disclaimer: This template is provided for general informational purposes only and does not constitute legal advice. Customise to your specific facts and have counsel review before execution.