LENET'S ACCEPTABLE USE POLICY(AUP)

Purpose and Scope

This Acceptable Use Policy (AUP) establishes guidelines for using Lenet systems, services, and networks. The purpose of this policy is to protect the security, integrity, and confidentiality of client data and ensure compliance with applicable laws and industry standards. This policy applies to all Lenet members, contractors, consultants, vendors, and other parties who access or use Lenet systems, services, networks, or data.

Policy Statement

Acceptable Use

- Use Lenet systems and resources only for legitimate business purposes.
- Protect client and company data from unauthorized access, disclosure, or misuse.
- Follow all relevant policies, standards, and procedures outlined by Lenet.
- Report security incidents or violations immediately to the appropriate contact (e.g., the SOC team or IT security).

Prohibited Use

- Using the company systems for unlawful, fraudulent, or malicious activities.
- Accessing, sharing, or distributing materials that are offensive, abusive, or violate company policies.
- Avoiding security measures or attempting to compromise network integrity.
- Installing unauthorized software or connecting unauthorized devices to company networks.
- Use of personal computers for work-related tasks.
- Logging into personal computers with @lenet.com email addresses or client email addresses.
- Storing Lenet or client documents on personal devices.

Data Protection and Privacy
- All users must comply with applicable data protection laws, including GDPR, HIPAA, or other relevant regulations.
- Sensitive data must be encrypted when transmitted or stored.
- Access to client or company data should be restricted to those with a legitimate need.

Monitoring and Enforcement

- Lenet reserves the right to monitor system usage to ensure compliance.
- Violations of this policy may result in disciplinary action, up to and including termination of employment or termination of contracts.

Roles and Responsibilities

- SOC Team members: Responsible for monitoring compliance and responding to security incidents.
- Lenet members: Responsible for understanding and adhering to this policy.
- Lenet Management: Responsible for policy enforcement and ensuring users are adequately trained.

Exceptions

Any exceptions to this policy must be documented and approved by Lenet management.

Review and Updates
This policy will be reviewed annually or as necessary to address the changes in business needs, technology, or regulations.

Policy Acknowledgment
All Lenet members, contractors, and third-party entities are required to acknowledge and adhere to this policy.