Email Acceptable Use Policy

This Email Acceptable Use Policy (AUP) applies to all En.Core staff (including temporary staff), visitors, contractors, students and researchers of the institution and to those using the En.Core’s IT resources. This policy should be considered part of the Conditions of Use for Computers and Networks at En.Core. You should also read En.Core’s Information Security Policy.

General Principles

Use of email by En.Core employees is permitted and encouraged where such use is suitable for business purposes and supports the goals and objectives of En.Core and its business units. Email is to be used in a manner that is consistent with the En.Core’s standards of business conduct and as part of the normal execution of an employee’s job responsibility.

(1) En.Core email accounts are to be used for ONLY En.Core business.

(2) En.Core will directly access staff email accounts in the pursuit of an appropriately authorised legal or disciplinary investigation.

(3) Use of email may be subject to monitoring for security and/or network management reasons. Users may also be subject to limitations on their use of such resources.

(4) The distribution of any information through En.Core’s network is subject to the scrutiny of the institution, which reserves the right to determine the suitability of this information.

(5) The use of computing resources is subject to Nigerian law and any illegal use will be dealt with appropriately. For example the Police can have a right of access to recorded data in pursuit of a crime.

(6) Email messages are treated as potential corporate messages of the organisation.

(7) En.Core reserves the right to redirect the email of staff that have left for legitimate business purposes. Users are responsible for ensuring personal emails are stopped.

Unacceptable Use or behaviour:

It is unacceptable to;

(1) Solicit emails that are unrelated to business activities or for personal gain

(2) Send or receive any material that is obscene or defamatory or which is intended to annoy, harass or intimidate another person

(3) Represent personal opinions as those of the company

(4) Upload, download or otherwise transmit commercial software or any copyrighted materials belonging to parties outside of the company, or the company itself

(5) Reveal or publicise confidential or proprietary information which includes, but is not limited to financial information, databases and the information contained therein, computer network access codes, patient information and business relationships

(6) Waste time on non-En.Core business

(7) Delete sent, received and or drafted emails

Users should:

(1) Keep emails brief and use meaningful subject lines

(2) Re-read messages before sending to check for clarity and to make sure that they contain nothing which will embarrass the organisation or make it liable

(3) Understand how to use – and don’t mismanage – CC and BCC: only CC in people that really need to receive the email

(4) Use file compression techniques for large documents or send them using an alternative method

(5) Archive effectively

(6) Don’t overuse the “URGENT” flag as it will lose its value

(7) Never reply to spam

(8) Avoid using email for sensitive or emotional messages or offensive content

(9) Take care in drafting emails, taking into account any form of discrimination, harassment, institution representation, and defamation of Data Protection issues.

(10) Staff Emails are a form of corporate communication and therefore should be drafted with the same care as letters.

(11) Users should be careful when replying to emails previously sent to a group.

(12) Ensure your terminal is locked or logged out when you leave your desk, a malicious user could send messages in your name.

(13) Avoid ‘Mail Storms’ – long discussions sent to a distribution list – consider verbal communication or use a bulletin board.

Monitoring

En.Core accepts that the use of email is an extremely valuable business, research and learning tool. However misuse of such a facility can have a detrimental effect on other users and potentially En.Core’s public profile. As a result;

(1) En.Core maintains the right to access user email accounts in the pursuit of an appropriately authorised investigation

(2) The specific content of any transactions will not be monitored unless there is a suspicion of improper use.

(3) We are obliged to monitor to fulfil our responsibilities with regard to Nigerian law.

(4) Action as deemed appropriate by the Director of Computing Services and, if required, other representatives such as the Director of HR may be taken.

Updated 15th May, 2017