End User Guidelines 
Document ID : End User Guidelines Ver_1.00
Created on : December 29, 2020
Prepared By : Arya/Shaik
Approved By : Sankar
 End User Guidelines 
Internal 2 of 8
  1. Scope
These guidelines are applicable to all the employees, contractors & third party
personnel at Dynamics.
2. Purpose
To establish guidelines for all employees and end-users of Information Dynamics, to  aid enforce them organization-wide information security.
3. Admin Guidelines
Users should display their own identification cards (Proximity Card) prominently.
Users should use their own Proximity Card to get access to facilities.
In case an forgets to bring their card, Supervisor will ask  respective Manager / Team Leader to come to the Security Gate to in the  issue register for issuing a temporary card to the employee the day. For  more details on the process of issuing temporary access card please refer to  section 3.1.1 in Administration Guidelines.
Users should follow standard operating procedures that are stipulated from time- to time.
Users should proactively handover the keys of the drawer or at the time of  shifting from one another.
Ensure that you are aware of the emergency/fire exits.
4. Computing Guidelines
Users are expected to keep their passwords secure and confidential. your  password to others is explicitly forbidden.
Users should not personally-identifiable information others on their  PC, even though it be convenient to do so.
Users should abide by all applicable Acceptable Use Guidelines.
Users log off Lock PC when leaving for the day.
not use removable media disks except where specifically authorized  by reporting Manager.
Information and data stored on Laptop or portable computers be backed up  regularly.
Only authorized equipments should be outside the Information Dynamics  premises i.e. laptop users must sign an undertaking and for other official  equipment gate pass must be issued.
Do not use any unauthorized software.
Should not unattended diskettes / tapes /papers containing information  classified as confidential.
All critical data/information should stored on shared available at  SAN/NAS boxes.
 End User Guidelines 
Internal 3 of 8
Should not attempt to gain access proper to a computing  system or network.
All users should for version update of signature, if found old  version (older than two days the current date) it should be reported IT  team.
all related issues to the helpdesk
5. Password Usage Guidelines:
Users should not use their user id as password in any form;
Users should not use their first, middle or last name as password, family or pet  names or nicknames;
Password should not be shared with anyone the time required to fulfill  business purpose.
Information easily obtained them e.g. license plate, telephone number, date  of birth, employee or number should not be used as passwords;
All digits or the entire sequence of letter should be used (example:  common character sequences like 1234567, abcdefg) as passwords; and
6. General Guidelines:
Clear Desk and Clear Screen should be maintained.
All documents of confidential should shredded when no longer required.
The document owner authorize or initiate this destruction.
Eatable/drinks should not carried to the workstation.
Music, movies & Games should not be played, on system/Laptop
People roaming the facility without ID cards should be challenged.
Cameras and audio devices should not allowed into the work area.
Server room access is Internal to authorized personnel only users should not  attempt enter such rooms they have not access.
7. IPR, Data Security, Confidentiality & Privacy
Information Dynamics users should be responsible for ensuring the confidentiality and  appropriate use of organizational customer data/information to which they are given  access, ensuring security of the equipment where such information is held or displayed,  and abiding by related privacy rights concerning the use and release of personal  information, as required by law & Information Dynamics policies, including  & Disclosure Agreement.
Copyright law should apply to all forms of information, including electronic  communications, and violations are prohibited. Infringements laws include,  but are not limited to, making unauthorized copies of any copyrighted material (including  software, text, images, audio, and video), and displaying or distributing copyrighted  materials over computer networks without the author's permission except as provided in  limited form by copyright fair use restrictions.
 End User Guidelines 
Internal 4 of 8
8. Acceptable Use
8.1. General Use
Information Dynamics’s should a reasonable  level of privacy to the users for business purposes, users should be aware that  the data they create on the corporate systems’ remains the property of  Information Dynamics.
for exercising good judgment the of  use should be that of the user of the asset. Individual should be  responsible the use of Internet/Intranet systems.
Laptop users should agree to take shared responsibility the security of their  laptop and the it contains as per the and  Operations Management Policy. They need sign a Laptop Undertaking  Form.
For security and network purposes, authorized within  Information Dynamics should monitor equipment; systems network traffic  at any time and review them.
8.1.1.  Security and Proprietary Information
The user interface for information contained on Internet/Intranet/Extranet- related systems and hardcopies should be classified as Confidential, Internal  or Public, as defined by Asset Management Policy 
Authorized users should be responsible for the security of their passwords  and accounts. System and user level passwords should be after a  fixed of time.
All PCs, and workstations should be secured with a password  protection.
Information contained on portable computers is vulnerable, special care  be by their user.
by employees from a Information Dynamics email address should  contain a disclaimer stating that the opinions expressed are strictly their own  necessarily those of Information Dynamics, unless posting is in the  course of business duties.
All hosts by the employee that are to Information  Dynamics Internet/Intranet/Extranet, whether owned by the employee or  Information Dynamics, should be continually approved virus- scanning software with a current virus database.
Employees should take caution while opening e-mail attachments received  from unknown senders, which may contain viruses, e-mail bombs, or Trojan  horse code.
In case an Asset (Laptop, Hardware Equipment, etc) is lost or stolen  appropriate authorities should intimated as the Information Security  Incident Management Policy.
 End User Guidelines 
Internal 5 of 8
Information should not be unattended at Photocopiers, Printers, Fax  machines, etc
The custodian of any of information storage media should be  responsible for the asset as per the Asset Management Policy.
8.2. Unacceptable Use
following activities are, in general, prohibited. Employees may be exempted  from these restrictions during the course of their job responsibilities  (e.g., administration staff may have a need to disable the network access  of a host that host is disrupting production services).
Under no circumstances is an employee of Information Dynamics authorized to  in any activity that is illegal under law while utilizing Information  Dynamics-owned resources.
The below are by no means exhaustive, but attempt to provide a framework  for activities, which fall into the category of unacceptable use.
8.2.1.  System and Network Activities
The following should strictly prohibited, with no exceptions:
Violations of the of any person or company protected by  copyright, trade secret, or other intellectual property, or similar  laws or regulations, including, but not limited to, the installation or  distribution of "pirated" or other software products that are not  for use Information Dynamics.
Unauthorized copying of copyrighted material should be prohibited.  Laptop users should ensure they comply data copyright  requirements.
Exporting software, technical information, encryption software or  technology,   in   violation   of   international   or   regional   export   control   laws,  is illegal and appropriate management should be consulted to  export such material in question.
Introduction of malicious programs into the network or server (e.g.,  viruses, worms, horses, e-mail bombs, etc.). Installation of  unlicensed or malicious software on the laptops.
Revealing account password and allowing use of account by  users. This family and other household  members when work being at home.
Using Information Dynamics computing asset actively engage in  procuring or transmitting material that is in violation of sexual  harassment or hostile workplace laws in the user's local jurisdiction.
 End User Guidelines 
Internal 6 of 8
Making fraudulent offers of products, items, or services originating  from any Information Dynamics account.
Making statements about warranty, or implied, unless it is a  part of normal job duties.
Effecting breaches or disruptions of network communication.  Security breaches include, but are not limited to, accessing of  which the employee is an intended recipient or logging into a  server or account that the employee is not expressly authorized to  access, unless these duties are within the scope of regular duties. For  purposes of this section, "disruption" includes, but is not limited to,  network sniffing, pinged floods, packet spoofing, of service,  and routing information for malicious purposes.
Port scanning or security scanning is expressly prohibited unless  authorized IT Head.
any form of monitoring which will intercept data  not intended for the employee's host, unless activity is a part of the  employee's normal job/duty is prohibited.
Circumventing user or security of any host, network or  account.
Interfering with or denying service to any user other than the  employee's host (for example, denial of service attack).
Using any program/script/command, or sending messages of any kind,  with the intent to interfere with, or disable, a user's terminal session,  via any means, or via the Internet/Intranet/Extranet.
Providing information about, or lists of, Information Dynamics  employees to outside Information Dynamics.
Use of such software/technique which bypass Information Dynamics’s  Group policy.
8.2.2.  Email Communications Activities
The following activities should be strictly prohibited, with no exceptions:
unsolicited messages, including the sending of junk  mail" or other material to individuals who not  specifically request such material ( spam).
Any form of harassment via email, telephone or paging, whether  through language, frequency, size of messages.
Unauthorized use, or forging, of email header information.
Solicitation of email any other email address, other than that of  the poster's account, with the intent to or to replies.
Creating or "chain letters" or other "pyramid" schemes  of type.
Use unsolicited email originating from within Information  Dynamics's networks of other Internet/Intranet/Extranet service 
  User Guidelines 
Internal 7 of 8
providers on behalf of, or to advertise, any service by  Information Dynamics or connected via Information Dynamics's  network.
the same or similar non-business-related messages to large  numbers of Usenet (newsgroup spam).
Usage of phones, fax, or other communication equipments other  operational and functional requirement of business.
Storage of unsolicited email messages in public folders.
9. Information Labeling, Handling & Exchange Guidelines
Guidelines for handling, processing, storing, and communicating consistent  with its classification are:
Handling and labeling of media indicate its classification i.e.  Internal, Confidential or Public
Spooled data awaiting output( Printing or Photocopying) should be protected  to a level consistent with its sensitivity;
The of data should keep to a minimum and be accessible to  authorized persons who require them for business needs.
Distribution list and List of authorized person should be reviewed quarterly.
System documentation should be stored securely.
Sensitive or critical should not left over printing facilities, e.g.  copiers, printers, and facsimile machines, as these may be accessed by  unauthorized personnel;
Automatic forwarding of electronic mail to external mail addresses should not  be allowed;
Messages containing sensitive information should be on mail  these may be replayed by unauthorized persons, stored on communal  systems or stored incorrectly as a result of misdialing;
Media containing sensitive critical information be protected against  unauthorized access, misuse or corruption during transportation beyond an  Information Dynamics’s physical boundaries. Only authorized persons should  carry these media to desired destinations.
Packaging should be sufficient to protect the from physical  likely to transit and in accordance with any  manufacturers’ specifications.
Information should be classified and exchanged according their criticality. 
10.  Public
General information and organizational brochure should be considered as  public.
Information pertaining to Dynamics which is available on www  domain could be accessed by anyone.
Public information should be made available through Internet/E-mails.
 End User Guidelines 
Internal 8 of 8
Hard/Softcopies with no label should be considered as “Public”.
Hard copies the “Public” documents should not be stamped.
11.  Internal
All information of proprietary nature - procedures, work routines,  plans, designs and specifications that define the way in which  Information Dynamics operates should be considered as “Internal”.
Access information labeled “Internal” should be given to authorized  persons with a business need to know and is for circulation within the  organization.
Information/Data should be made available through Intranet/ E-mails  employees and to third party personnel with a business need to know.
Hard copies of “Internal” documents .
Media containing obsolete Internal information/data be destroyed/  formatted. Information asset owner should initiate the disposal.
12.  Confidential
All information Business, financial, Trade secrets, marketing,  operational, technical and customer /client should be as  “Confidential”.
Access to information labeled “Confidential” should given to authorized  persons with a business need to know relevant level of physical and logical  access should be provided.
Confidential Information/Data should be made available through Secure  VPN/ FTP/Email/ file transmission systems.
Media containing “Confidential” information/data which is longer required  should be destroyed/ formatted. Information asset owner should initiate the  disposal.