Sample Policy
The following IPRO sample policy covers all aspects of email usage within an organization.
This policy applies to all employees and associates of IPRO and encompasses electronic messaging systems owned and supported by the company, instant messaging and Email capable mobile devices or smart phones. Combined, these elements are commonly referred to in this Policy as the Email System.
The purpose of this Policy is to ensure the proper use of our Email System and make users aware of what constitutes acceptable and unacceptable use. IPRO may amend this policy from time to time – you will be informed of any changes.
Failure to comply with this Policy may result in disciplinary action or sanctions and possibly the termination of your employment. You agree to abide by this Policy from the day you start your employment or association with IPRO.
Reply to emailpolicy@company.com, confirming that you have read and understood the contents. A copy of your email will be preserved as an official record.
Your Email account requires a username and confidential password. All users will maintain the security of their accounts by password protecting those accounts with secure passwords (minimum of 8 characters, alpha + numeric combination).
Do not share this information with anyone else at any time – you are responsible for the security of your account. IT Services will never require you to provide your Email username or password over the phone. All messages sent from your account will be deemed to have been created by you. If you believe that your Email account has been improperly accessed or tampered with, you must immediately advise IT Services (email address).
You should protect e-mail messages, files, and records from unauthorized release to third parties. Suspicious demands for messages should be reported to IT Services
Email messages sent to the outside world can be read by anyone monitoring our network or the intended recipient’s network. You should not use Email to transmit sensitive or confidential information unless it is encrypted or in a password protected file.
If you own a mobile device or smart phone with email capabilities, it must have both power-on and idle timeout passwords enabled. If you use the device to access the company network or servers, you must not install unauthorized applications or alter security settings as these represent potential security risks. You must immediately notify IT Services in the event of the loss or theft of your device.
IPRO does not allow the use of Email services such as Hotmail, Yahoo or Gmail to conduct company business. These web sites may be blocked from access.
The Email System allows delivery of messages both within the organization and to/from the Internet. This may include the use of proxy servers, forwarding rules, filters, gateways that may affect the delivery of certain messages to your account. Email message delivery to users outside the organization is not tracked and cannot be guaranteed.
We provide the Email System for the express purpose of facilitating the business of the organization.
Do NOT use it to:
- Send any content of inappropriate or discriminatory nature, even as a joke.
- Send nuisance messages such as chain letters.
- Distribute messages or files not related to company business.
Individuals using the Email System for personal use understand that the privacy and confidentiality policies outlined in this document apply to ALL messages. Any message is subject to review if stored on the company Email System.
Email messages sent to recipients outside of the company are may be intercepted and reviewed by software or services operating on the recipient’s Email Servers. This may be conducted without our knowledge or permission.
We scan the content of every email message that passes through our servers (inbound or outbound) based on predetermined criteria. If the message does not pass the criteria it will not be delivered.
Email message body and attachments are scanned for content that may contain specific words or expressions that are deemed inappropriate or represent a risk for the company. You will be notified if a message was not delivered and a copy of this message may be sent to the System Administrator for further review.
We restrict the receipt of virtually all executable files. These include but are not limited to files with extensions *.exe, *.com, *.bat, *.scr file types. All outbound excel spreadsheets will be blocked to avoid accidental transmission of sensitive financial data. All outgoing and incoming emails will be restricted to a maximum size of 50MB, to send files larger than this, you must use FTP. If your role requires that you be allowed to send or receive attachments that could be blocked, speak to your Manager or to IT Services.
All email or electronic messages stored on or created on the Email System is the property of IPRO and therefore are subject to retention. Mechanisms within the System guarantee 100% retention of all messages. These mechanisms do not allow the removal of any message or attachment from the Email System until a copy has been obtained and stored in the Archive.
The Company will retain all messages for a period of 7 years. Messages deemed transient or non-relevant, which you have stored in a designated folder will be purged from the archive after 1 year. However, messages may be retained for longer periods at the sole discretion of the company.
Contents of this archive are indexed and searchable. Like other forms of records, messages in the archive may be made public as part of internal audits, judicial or other public disclosure proceedings.
Personal archive folders are not supported and all personal archiving functions have been deactivated. All archived messages will be stored and accessed through the corporate archival system only. While backups of the Email System are conducted daily, these are considered “disaster recovery” only and not official message retention.
Automated destruction routines are run on a regular basis - archived messages will be destroyed at the term of their retention period in manner commensurate with proper disposal methodologies.
The following guidelines should be observed when composing or sending messages:
Avoid using all CAPS IN YOUR MESSAGES. This is regarded as shouting and can be considered angry or rude communication. Be aware that emotions do not translate well in written form. Avoid any Internet chat abbreviations as many people will not understand.
Write well structured emails with an intuitive subject line, good sentence structure and no spelling mistakes.
Avoid replying to ALL when you are CCed or BCCed on a message. Being carbon copied is to keep you in the loop, if you were meant to be part of the discussion you would have been a primary recipient.
Avoid sending high priority messages unless truly urgent and important. You should not use distribution lists or message broadcasts except for making appropriate announcements.
Think before you send; messages composed too hastily or in anger can trigger terse arguments or bad feelings. Be aware that every message you send outside the company represents the company and that every message you send to your coworkers represents you.