This Equipment and IT Usage Policy covers the security and use of TDCX Information and IT equipment. For avoidance of doubt, the term (“Equipment”) refers to, but is not limited to, the computers, software, network, Internet, telephones, headsets, e-mails, fax machines, printers, photocopiers and any other electronic device that has been provided to you for your work.
This Policy applies to all employees and other persons who have access to the Equipment, Internet and any of its related services. Internet related services include, but are not limited to, services provided with the TCP/IP protocol, including but not limited to e-mail, File Transfer Protocol (FTP) and World Wide Web (WWW) access.
The Equipment represents investments made by TDCX to conduct its business and to provide employees with all the necessary tools to do their jobs.
Access to any of the Equipment including the Internet through the TDCX network is a privilege. Employees granted this privilege must adhere to strict guidelines concerning the appropriate use of the Equipment and the Internet as an information resource. Any employee who violates the provisions outlined in this document may be subject to disciplinary action up to and including termination. TDCX may also take civil action and/or report the matter to the relevant authorities. If there is a conviction for a criminal or administrative offence, TDCX may terminate the employment contract of the employee.
1.0 ACCEPTABLE USE
1.1 Access to and use of the Equipment is strictly limited to activities in direct support of official TDCX business.
1.2 In addition to access in support of specific work-related duties, the Equipment may be used for educational and research purposes in support of its business.
1.3 he employee may consult their supervisor for additional guidance on what constitutes acceptable use. Management or supervisory personnel may consult the Information Technology Department (IT) for any clarification on these guidelines.
1.4
Access to the network or connecting of personal devices to the Equipment will only be permitted with explicit approval from your head of department and from IT.
2.0
2.1
The Equipment may not be used for any illegal or unlawful purpose. Examples of this are the use of the Internet or e-mail for transmission of personal data, violent, threatening, defrauding, pornographic, obscene or otherwise illegal, unlawful or scandalous materials.
2.2
Use of the Equipment will be for the conducting of TDCX business. These services shall not be used to harass, intimidate or otherwise annoy any individual or entity.
2.3
The Equipment will not be used for private, recreational or other non-TDCX related activity.
2.4
The Equipment will not be used for commercial or political purposes.
2.5
The Equipment will not be used for personal gain such as selling access of a user login.
2.6
Employees will not attempt to circumvent or subvert security measures on the Equipment, or any other system connected to or accessible through the Internet.
2.7
The network or the Internet will not be used for interception of network traffic for any purpose unless engaged in authorized network administration.
2.8
Employees will not make or use illegal copies of copyrighted material, store such copies on the Equipment, or transmit these copies over the TDCX network.
3.0
3.1
Employees will communicate through TDCX e-mail and messaging services in a professional manner. The use of vulgar, obscene, derogatory, abusive or scandalous language is prohibited.
3.2
Employees will not reveal private or personal information without explicit approval from TDCX management.
3.3
Employees may send e-mail messages only to parties with a specific need to know. The sending of e-mails to more than 20 addressees per broadcast or messages with file attachments exceeding 5 megabytes per message should be avoided unless necessary.
3.4
Messages transmitted through the TDCX e-mail system or network infrastructure are the property of TDCX and are therefore subject to inspection by TDCX.
3.5
Employees will not use the infrastructure provided to obtain, send or forward information that is confidential or restricted.
3.6
Employees will not unlawfully forward or copy messages without permission as this may constitute breach of trust and/or breach of the employees’ confidentiality obligations to TDCX and/or to TDCX’s clients.
3.7
Employees will ensure that attachment sent via e-mail or via the Internet is clean of malware or viruses.
3.8
Employees will not use their e-mail accounts to send unsolicited e-mails whether repeatedly or not.
3.9
No forms of media files will be sent/ received unless specifically approved.
3.10
E-mail signatures in the following format is mandatory for all outgoing e-mails to external parties. Please use the E-mail Signature Generator. This link is only accessible from the office networks.
4.0
4.1
Removable media is a well-known source of malware infection and has been directly tied to the loss of sensitive information in many organizations.
4.2
Removable media refers to any type of storage device that can be removed from a computer while it is running. Examples include CDs, DVDs, USB drives, floppy disks, memory cards, external hard disks.
4.3
Use of removable media is only granted to managerial level staff and team leaders who have been allocated laptops for work. Other employees will not use removable media unless where prior approval is obtained.
4.4
Use of removable media is STRICTLY PROHIBITED on Equipment allocated for operations on call floors.
4.5
To prevent abuse, USB ports on employees’ computers have been disabled unless permission to use such devices have been granted.
4.6
Any other exceptions required may be granted in writing on a case-by-case basis by the Head of Department and the IT Manager upon written application.
5.0
5.1
Employees who identify or perceive an actual or suspected security problem will immediately contact the IT department.
5.2
Employees will not reveal account passwords or allow another person to use their account. Similarly, employees will not use the account of another employee.
5.3
TDCX may revoke access to the Equipment for any employee who is identified as a security risk by TDCX at its sole discretion or who has a demonstrated history of security problems.
5.4
All company information is confidential, which is restricted to the internal use only by TDCX employees. As such, any inappropriate use of the unauthorized access to computer data, applications, networks or devices (i.e. any exploit attacks to systems vulnerability, malware attacks, data leakage, using viruses/ransomware or spoofing websites) is defined as a cybercriminal.
6.0
6.1
An employee violating these policies is subject to the loss of any or all privileges of access to TDCX Equipment and any other disciplinary action deemed appropriate by TDCX.