Introduction

Marble Box Solutions LLP’s Information Security Policy provides access to information technology (IT) resources and communications networks within a culture of openness, trust, and integrity. In addition, Marble Box Solutions LLP are committed to protect itself and its employees, customers and other stake-holders from unethical, illegal, or damaging actions by individuals using these systems.

Purpose

The purpose of this policy is to outline the ethical and acceptable use of Information Systems at Marble Box Solutions LLP These rules are in place to protect employees i.e., to ensure that the Marble Box Solutions LLP employees have access to reliable, robust IT resources that are safe from unauthorized or malicious use.

Insecure practices and malicious acts expose Marble Box Solutions LLP and individual employees to risks including virus attacks, compromise of network systems and services, and loss of data or confidential information. Security breaches could result in legal action for individuals or the company. In addition, security breaches damage the company’s reputation and could result in loss of services. Other misuses, such as excessive use by an individual, can substantially diminish resources available for other users.

Scope

This policy applies to all employees as well as any other individuals or entities who use information and IT resources at/of Marble Box Solutions LLP. This policy is also applies to all IT resources owned or leased by Marble Box Solutions LLP and to any privately owned equipment connected to the Marble Box Solutions LLP network but is not limited to computer equipment, software, operating systems, storage media, the organizational network, and the internet.

Securing and protecting these significant and costly resources from misuse or malicious activity is the responsibility of those who manage systems as well as those who use them. Effective security is a team effort involving the participation and support of every member of the Marble Box Solutions LLP who accesses and uses IT resources. Therefore, every user of Marble Box Solutions LLP’s IT resources is required to know the policies and to conduct their activities within the scope of the Acceptable Use Policy (AUP), the Marble Box Solutions LLP Information Technology Security policy, and the Policies, Standards, and Guidelines for IT Security. Failure to comply with this policy may result in loss of computing privileges and /or disciplinary action.

‘IT Resources’ includes but not limited to servers, enterprise storage, firewalls, desktop devices, portable and mobile devices, networks including wireless networks, IP phone, IP cam, biometric, video conference device, internet connectivity, internal and external storage devices and peripherals like printers, display board and scanners and the software associated therewith.

Policy Statement

Unless otherwise specified in this policy or use of Marble Box Solutions LLP information technology resources is restricted to purposes related to the company’s mission. Eligible individuals are provided access in order to support their activities related to official business with the company, and other company-sanctioned activities. Individuals may not share with or transfer to others their company accounts including network IDs, passwords, or other access codes that allow them to gain access to company information technology resources.

Incidental personal use of information technology resources must adhere to all applicable company policies. Under no circumstances may incidental personal use involve violations of the law, interfere with the fulfilment of an employee’s company responsibilities, or adversely impact or conflict with activities supporting the mission of the company.