Securing Technology

AFC's computer hardware and software applications are powerful tools that must be handled properly. Private use of these tools is prohibited.

Hardware

AFC® hardware includes all business computing components such as workstations, networks, telecommunications (voice and data), portable computers and peripherals.

AFC policy:

Any private use of AFC technology resources or data is prohibited. Only appropriate business use is acceptable.

Software

AFC licenses the use of computer software programs under agreements with strict duplication controls. We do not have the right to reproduce software except as authorized by the developer.

AFC policy:

Employees may not duplicate commercial computer software, except for backup or archival purposes or as permitted by the developer.

As a result:

  • We require a license for each user.
  • We authorize only one backup copy of each program disk.
  • An employee must have approval from a supervisor or the AFC IT department before removing any system disks from AFC premises.
  • Employees may only provide software to others when licensing provisions allow.
  • Since free and unwarranted software is particularly vulnerable to viruses, employees may not download, copy or use "shareware"- including bitmap pictures, screen savers and software/files available on computer bulletin boards - on any AFC hardware without advance written permission of the AFC IT Department .

For more information:
Intellectual Property
AFC Business Computing Policy

E-mail

In order to provide a means of fast and efficient business communication, AFC has implemented an electronic mail system.

AFC policy:

All e-mail communications are considered AFC property and shall be used for appropriate AFC business use only.

As a result:

  • Your e-mail communications are not private. The Company has the right to access your e-mail communications at any time.
  • E-mail is to be used for AFC business use only.
  • Because its security cannot be guaranteed, do not use e-mail to send sensitive or confidential information.

For more information:
AFC Business Computing Policy

Access and Security

AFC policy:

Passwords and access information must be kept confidential.

Every employee is responsible for reducing the possibility and consequences of the theft of personal AFC computing resources and devices (e.g., desktops, laptops, and similar devices), related materials such as diskettes and printed output, and the information they contain.

No matter where these assets are kept - in an office or home office, at a client location, or in a hotel, plane or car, etc., employees are responsible for protecting them appropriately.

As a result:

  • System access is granted on a need-to-know basis.
  • Screen savers should require a password.
  • Users should not share or disclose access information to anyone, including other AFC employees, unless appropriate business situations require it. Access information includes passwords, IDs, dial-up numbers, long-distance codes, etc.
  • Users should not access the system to grant access to someone else.
  • Users are required to change their passwords every 179 days.
  • Users are cautioned not to connect dial-up modems to workstations that are simultaneously connected to a local area network (LAN) for security reasons.
  • Keyed or coded locks can be provided for keyboards or hard-drives for computers that house sensitive and/or critical data.
  • All critical files should be located in at least two places (e.g., hard drive, network, and/or diskette).
  • Users must promptly notify the AFC IT Department of any security breaches or other incidents.