Scribd
Upload
70 views12 pages

Deriv Group Portable Computing Device Policy

This document outlines Deriv Group's portable computing device policy. It defines portable computing devices as laptops from Microsoft and Apple platforms. The policy applies to all Deriv Group subsidiaries and employees/contractors issued a portable device. It provides guidelines for appropriate use, controls against unauthorized use, reporting lost/stolen devices, and an acknowledgement form. Users must use devices for work purposes only and take precautions to prevent theft/damage.

Uploaded by

mojtaba
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
70 views12 pages

Deriv Group Portable Computing Device Policy

This document outlines Deriv Group's portable computing device policy. It defines portable computing devices as laptops from Microsoft and Apple platforms. The policy applies to all Deriv Group subsidiaries and employees/contractors issued a portable device. It provides guidelines for appropriate use, controls against unauthorized use, reporting lost/stolen devices, and an acknowledgement form. Users must use devices for work purposes only and take precautions to prevent theft/damage.

Uploaded by

mojtaba
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 12

Deriv Group

Portable Computing Device Policy


Document Changes
Version Control Data
Version BOD Approval
Changes Date Preparer/Reviewer
Number Date

1.0 Drafting of Employee PCD Policy 9-Dec-16 Francesca


This policy shall supersede the Portable Computing
Device Policy issued by each individual subsidiary of
2.0 the Deriv Group of companies, restructuring of 1-Aug-23 Alwin/Edwin
sections, addition of section 1.3, updated fields on
Acknowledgement Form

1
Portable Computing Device Policy
Table of contents

1. Introduction 3

1.1. Purpose 3

1.2. Definition 3

1.3. Application 3

2. Appropriate Use 4

2.1. General guidelines 4

2.2. Controls against unauthorized use 5

2.3. Inappropriate material 5

2.4. Virus and malware protection 6

3. Usage of device outside office premises 7

4. Reporting loss/theft/damage of device 8

5. Annexure - Acknowledgement Form 9

2
Portable Computing Device Policy
1. Introduction
1.1. Purpose

The purpose of this document is to outline and establish general guidelines on the
utilization and storage of portable computing devices allocated by Deriv to its
employees or any independent contractor(s) it engages (hereinafter collectively
referred to as “the users(s)”). This is intended to minimize Deriv's exposure to
information security risk as well as increasing the user's personal safety and
safeguard of Deriv's hardware investment.

1.2. Definition

The term ‘portable computing device’ or “PCD” shall mean and be inclusive of all
laptops, including, but not limited to, the Microsoft Windows and Apple Macintosh
platforms.

1.3. Application

This policy applies to Deriv Group SEZC and shall be adopted by all subsidiaries
within the Deriv Group of companies and applies to any and all employee, staff or
independent contractor assigned a portable computing device by any subsidiary
within the Deriv Group of companies. Any reference to “Deriv” is with reference to
the company employing the user or engaging the services of the user. It shall be
binding on the user upon the signing and acknowledgement of the form annexed
hereto (provided during onboarding).

It is mandatory for all users to read, understand and comply with this policy.

The policy is subject to change from time to time as circumstances dictate, and all
changes will be effectively communicated to all users.

3
Portable Computing Device Policy
2. Appropriate Use
Users should always keep in mind that the PCD assigned remains the property of
Deriv, thus, the PCD should be used for work purposes and not for personal use.
Thus, all users are discouraged from installing any personal software on the PCD.
Additionally, users should not lend it to anyone or otherwise permit use by anyone
else.

2.1. General guidelines

It is the users’ responsibility to keep their assigned PCD(s) secure and protected at
all times. Due care should be taken in the handling, transportation and usage of the
PCD(s). All users are expected to take all necessary measures and precautions to
prevent the loss, theft, damage and/or unauthorized use of their respective PCD and
shall include the following:

● Keep the PCD in a locked and secured environment when not in use.
● Avoid keeping the PCD for prolonged periods of time in a vehicle; especially in
extreme temperatures.
● Keep food and drinks away from the PCD.
● Do not leave the PCD unattended at any time in an unsecured location.
● Avoid creating a trip hazard when plugging in the PCD for power.
● Operating the PCD on a hard surface, preferably one that allows ventilation.
● Unplug any accessories whenever the PCD is not in use, as it uses power
unnecessarily and can cause overheating.

As a general rule, the user should always keep PCD in his/her possession and within
sight whenever possible, just as if it were one’s own wallet, handbag or mobile
phone. Be extra careful in public places such as airports, railway stations or
restaurants. It takes thieves just a fraction of a second to steal an unattended laptop.

4
Portable Computing Device Policy
2.2. Controls against unauthorized use

● Never leave a laptop logged on to networks, email systems and websites.


● Only visit websites you know and trust and only connect to approved or known
wireless networks.
● If the internet the user is connected to is delivered through digital subscriber
line (DSL), cable or satellite, the user should verify that the internet service
provider (ISP) provides firewall protection.
● Choosing a password that is unique to the data-encryption key; make it long,
random and complicated to guess, never tick ‘remember me’ when visiting
websites and always use LastPass, Authy and Duo.
● Make sure recommended updates are installed to prevent security breaches
and/or attacks.
● User’s email should be filtered for spam. If any inappropriate material is
received by email, the user should delete it immediately. If persistent, report to
IT Admin.

2.3. Inappropriate material

Deriv does not tolerate inappropriate use of any Deriv property and/or PCD(s). PCD
assigned should strictly be used for work purposes only. Any offensive,
pornographic, racist or abusive content found on any Deriv PCD(s) will warrant
disciplinary proceedings. Serious offenses will be reported as necessary to the police
or enforcement authorities.

5
Portable Computing Device Policy
2.4. Virus and malware protection

Malware is harmful software such as viruses and spyware. Malware on device(s)


could be spread to the wider group network or risk the security of the data on the
user’s PCD. It is important that no malware should be allowed on Deriv’s PCD(s).

Deriv provides all laptop users with pre-installed antivirus software. All users are
required to know how to access and use this software. No email attachments should
be opened unless they were expected and from a trusted source. Email attachments
are the number-one malware risk.

6
Portable Computing Device Policy
3. Usage of device outside office premises
In circumstances where any users are required to address work through Deriv-
assigned PCD outside of office premises, the following guidelines should be adhered
to:

● Make sure that the laptop is shut down before placing it into the carrying bag.

● Choose an ordinary looking briefcase or non-traditional laptop carry bag, perhaps


a backpack type, as bags that obviously contain computers are an easily
identifiable target for the casual thief.

● Be aware of your surroundings. Ensure you are not exposing yourself or the
laptop to opportunistic theft.

● Do not use your laptop while traveling unless necessary. Even then, consider the
location you choose with care. Ensure you are not easily overlooked and never
open documents or communications that are of a commercial or sensitive nature
while in a public place.

● Always store inside your home, never leave in the car, and keep where it cannot
be easily seen from outside.

● Avoid leaving laptops in hotel rooms. Use the hotel safe and get a receipt if
necessary.

7
Portable Computing Device Policy
4. Reporting loss/theft/damage of device
In the unfortunate event where a PCD is damaged, lost or stolen, the incident must
be reported immediately to the respective user’s Head of Department and the IT
team.

8
Portable Computing Device Policy
5. Annexure - Acknowledgement Form

Department:

Laptop Make:

Laptop Model:

Serial Number:

Accessories:

Battery Charger ロ

Mouse ロ

Carrying Case ロ

USB ロ

Yubikey ロ

Other (please indicate)

I have read and understood the Portable Computing Device policy and agree to fully comply
with the procedures. I acknowledge that while I am working for
________________________________________________________, I will take proper
care of all company device(s) that I am entrusted with. I further understand that upon
termination, I will return all company device(s) back to Deriv and that the company device(s)
will be returned in proper working order. I understand I may be held financially responsible
for damaged company device(s). This agreement includes, but is not limited to any PCDs
allocated by Deriv. Additionally, I understand that failure to return any PCD will be
considered theft and may lead to criminal prosecution by Deriv.

9
Portable Computing Device Policy
Name of Recipient: Name of Issuer:

Signature: Signature:

Date: Date:

10
Portable Computing Device Policy
Evaluate and assess all risks of loss from the services it provides.

Risk
Crime Scenario
Low Medium Very High
Case occurred more than 10 years ago X
Case more than 3 years X
Case occurred in last 3 years X

11
Portable Computing Device Policy

You might also like