One Planet Group Internet Acceptable Use Policy

Overview & Objective

One Planet Group (OPG) uses a wide array of information technology (IT) devices, tools, programs, and systems that enable our teams to perform their jobs effectively and efficiently. While we recognize the extensive value these resources add to our daily work, we also appreciate the associated risk these tools have the potential of introducing to the safety and security of both our systems and teams.

OPG makes every effort to create and maintain robust technological security defenses and features to keep our teams and IT systems safe and secure. Our best defense, in addition to implementing savvy and protective IT solutions, is to empower our people. Our goal is to provide our teams with timely and relevant policies and procedures that inspire discretion and good decision making, and work to protect the security, safety and integrity of our IT systems and servers.

The Internet Acceptable Use Policy is designed to provide comprehensive guidance to team members regarding appropriate internet usage and to describe the security features OPG utilizes. We recognize that while the use of company equipment and systems is primarily designed to perform job-related-duties, sensible personal use of these tools is also expected and permitted. The intention of this policy is not to restrict access to websites of choice, but rather to ensure that all users exercise good judgment to lessen the potential of risk.

Scope

The policies and procedures included herein apply to all One Planet Group (and subsidiaries) users (including full-time and part-time employees, contractors, volunteers, guests, vendors, and partners) who access our networks, systems, and devices, whether it be inside an established office location, or remotely. It is the user’s responsibility to read and understand this policy and to conduct their activities in accordance with its terms.

Privacy Statement

All technology provided by OPG and its subsidiaries, including computer systems, communication networks, company-related records and other information stored electronically, is the property of OPG. The company reserves the right to examine, monitor, and regulate e-mail and other electronic communications, directories, files and all other content, including Internet use, transmitted by or stored in its technology systems, whether onsite or offsite. The company also reserves the right to install security and device management tools on company-owned work devices. While users should feel confident in using the internet while on OPG’s networks, they should not expect privacy when using company tools and systems. The complete privacy policy can be accessed here.

Compliance

This policy shall take effect upon publication. Compliance is expected with all enterprise policies and standards. Policies and standards may be amended at any time.
If compliance with this standard is not feasible or technically possible, or if deviation from this policy is necessary to support a business function, entities can request an exception by contacting IT@oneplanetstudios.com.

Acceptable Use Guidelines

What is appropriate internet usage?

Users are advised to use our company’s internet connection for the following reasons:

• To complete their job duties.
• To seek out information that they can use to improve their work.
• To access websites for limited personal use, while conforming to expectations as included in this document.

Users should:

• Keep their passwords private and secure at all times.
• Log into their corporate accounts only from safe devices.
• Use strong passwords to log into work-related websites and services.

What is inappropriate internet usage?

Users should not use our network to:

• Download or upload obscene, offensive, or illegal material.
• Send confidential information to unauthorized recipients.
• Invade another person’s privacy and sensitive information.
• Download or upload movies, music, and other copyrighted material and software.
• Visit potentially dangerous websites that can compromise the safety of our network and computers.
• Perform unauthorized or illegal actions, like hacking, fraud, buying/selling illegal goods and more.
• Communicate with other users, customers, vendors, or partners in a manner that may be deemed inappropriate or offensive.

We also advise users to be careful when downloading and opening/executing files and software. If they’re unsure if a file is safe, they should email it@oneplanetstudios.com.
Our company may install anti-virus and disk encryption software on our company computers. Users may not deactivate or configure settings and firewalls without approval.
OPG will not assume responsibility if users’ devices are infected by malicious software, or if their personal data are compromised because of inappropriate use.

Company-issued equipment

We expect our users to respect and protect our company’s equipment. “Company equipment” in this policy includes company-issued phones, laptops, tablets, and any other electronic equipment that belongs to One Planet Group.
We advise users to take appropriate measures to safely and securely store devices when not in use and remind users that they are solely responsible for their equipment whenever they take it out of their office/home office.

Email

Users can use their corporate email accounts for both work-related and personal purposes as long as they don’t violate this policy’s guidelines. Users shouldn’t use their corporate email to:

• Register to illegal, unsafe, disreputable or suspect websites and services.
• Send obscene, offensive, or discriminatory messages and content.
• Send unauthorized advertisements or solicitation emails.
• Sign up for a competitor’s services unless authorized.

We also advise users to exercise caution when opening emails, attachments, and/or clicking on links that originate from unknown or suspicious recipients. In addition, confidential information, including banking information should never be shared or changed in a company system via an email request. If suspicious or malicious activity is suspected from email communication, users should contact it@oneplanetstudios.com.

OPG reserves the right to monitor corporate emails and websites visited on our devices to protect our IT systems from safety and security threats.

Internet usage restrictions

In an effort to ensure the safety and security of our teams, IT tools, and systems, OPG and its subsidiaries take appropriate measures to inspect, restrict, and/or block web traffic on its company owned-devices and networks.

Some of the benefits from traffic inspection include:

• Preventing data breaches by finding hidden malware and stopping hackers from sneaking past our network security defense.
• Enabling us to sniff out malicious requests in encrypted internet communication between users and the internet.
• The support of a multilayered defense strategy that keeps the entire organization secure.

While the intent of OPG is not to monitor user IT activity at the individual level, users should understand that a variety of technological solutions are implemented to inspect, restrict and guide safe and secure usage of our internet traffic to avoid our networks and systems from becoming compromised. Inspection of traffic is critically important as the vast majority of internet traffic is encrypted, including malicious content.

Website Categories Susceptible to Monitoring, Filtering & Restriction

It is well recognized that specific categories of websites carry a higher degree of risk in introducing malicious content into our systems and networks. These categories may change over time, and our IT teams work diligently to remain up to date with trends and take relevant action to keep our teams and resources safe and secure. Some of these measures include the inspection and filtering of outgoing and incoming traffic, the blockage of specific categories of sites, and the suspension or blockage of access to sites or materials that originate from geographical regions that are known to introduce risk.

While not exhaustive, some examples of categories that are identified as high-risk include and may be subject to filtering and blocking include those that pertain to:

• Mature, profane, or pornographic materials
• Illicit substances
• Gambling and/or gaming
• Hate, violence, and/or extremism

User Notifications

OPG and its subsidiaries have implemented mechanisms to notify users of potential risk by blocking access to some websites, and/or creating pop-up features that indicate that a site may either not be suitable or safe for browsing as defined by our Acceptable Use Policy (AUP). As users navigate the internet, be it for work-related or limited personal use, they should expect to encounter notifications that alert them about permitted access to websites. 
While the vast majority of websites we use on a daily basis are safe to browse, users may attempt to access sites that have been categorized as high-risk, but accessible. Should this occur, users should expect to encounter pop-up notifications advising of the security risk and recommendations on how to proceed with caution. Websites that have been deemed as unsafe under the AUP will be blocked and users can expect to be advised that they are not permitted to access the site on company devices or networks. 
OPG recognizes that filtering tools are not perfect. If a user experiences the restriction or blockage of websites that are required to perform work duties, they should contact it@oneplanetstudios.com.

Enforcement

Users are required to adhere to these Security Policies and Procedures. Should a user violate any element of this policy they could be subject to disciplinary action, up to and including termination. Serious violations can lead not only to disciplinary action, including termination, but also could result in legal ramifications. Users should be aware of this possibility when communicating electronically within and outside the company. Examples of serious violations include:

• Using our internet connection to steal or engage in other illegal activities.
• Causing our computers to be infected by viruses, worms, or other malicious software.
• Sending offensive or inappropriate emails to our customers, users, vendors and/or partners.

Users should follow Internal and external email, voice mail, text messages and other electronic communications are considered business records and may be subject to discovery in the event of litigation.

Contacts

Comments, Questions, or Concerns?
To ensure that our IT Security Policies and Procedures are implemented fairly and transparently, the company has appointed internal representatives for our users. If you have any questions about these policies and procedures, or need support please contact one of the below entities.

• IT - it@oneplanetstudios.com
• People - HR@oneplanetgroup.com
• Legal - legal@oneplanetstudios.com

Version history - Last updated March 2023