Company Policies
There are six key policies which govern Rake FX's operations and require all crew members to be familiar with and practice while working with the studio.
The policies are:
1. Work From Home (WFH) IT Guidelines and Policy
2. WFH User Management Guidelines
3. Bring Your Own Device (BYOD) Policy
4. IT Security Policy on Email Usage
5. Operations Security Standard 6. Physical Security Policy
These policies are designed to be practical, reasonable and ensure your time at Rake FX is a safe, enjoyable and productive one. If you have any questions about any of the policies, please feel free to bring them to your supervisor.
1. Work From Home (WFH) IT Guidelines and Policy
Purpose
The purpose of this policy is to establish guidelines to ensure a secure and productive work-from-home (WFH) environment.
This policy outlines the standards for accessing company resources, maintaining data security, and ensuring the continuity of work.
1. Home Office Setup
-
Hardware Requirements: Employees must have a computer that meets the company’s minimum specifications, including a reliable internet connection with a minimum speed of 300 Mbps.
-
Software Requirements: Any necessary software (e.g., VPN, project management tools, communication tools) must be installed and configured according to company standards. The IT department will provide assistance with installations when necessary.
-
Ergonomics: Employees are encouraged to maintain an ergonomic workspace to reduce strain and injury.
2. Security and Data Protection
-
VPN Usage: Employees must use the company-provided Virtual Private Network (VPN) to access company resources and ensure secure communication.
-
Antivirus Software: The company may designate specific software for company usage on some or all devices. The company may provide licenses for specific software.
-
Data Encryption: All sensitive data must be stored on encrypted drives. Employees are prohibited from storing company data on unencrypted or personal devices without prior approval.
-
Multi-Factor Authentication (MFA): Employees must enable MFA for accessing company systems, wherre applicable.
-
Regular Updates: Employees must regularly update operating systems, software, and security patches to ensure protection against vulnerabilities.
3. Access Control
-
User Accounts: Employees will be provided with individual user accounts for accessing company systems. Sharing of accounts is strictly prohibited.
-
Access Rights: Access to company systems and data will be granted based on the principle of least privilege, meaning employees will only have access to the information and systems necessary for their role.
-
Password Policy: Employees must adhere to the company’s password policy, which includes using strong, unique passwords and changing them regularly.
4. Communication and Collaboration Tools
-
Company-Approved Tools: Employees must use company-approved tools for communication and collaboration. The use of unapproved tools is not permitted.
-
Data Sharing: Files and data should be shared using secure company platforms. Email or third-party services for transferring files containing sensitive information are not allowed unless explicitly approved by IT.
5. Data Recovery and Incident Reporting
-
Disaster Recovery: In case of hardware failure or data loss, employees must immediately report the incident to the IT department for recovery Assistance.
-
Security Incidents: Any security incidents, including unauthorized access, data breaches, or loss of devices, must be reported to the IT
6. Monitoring and Compliance
-
Monitoring: The company reserves the right to monitor system usage to ensure compliance with this policy. This includes, but is not limited to, monitoring network traffic, email communications, and file access logs.
-
Compliance: Failure to comply with this policy may result in disciplinary action, up to and including termination of employment or contract.
7. Privacy
• Employee Privacy: The company respects employee privacy and will only access personal devices or data when necessary for security or compliance reasons.