IT POLICY
This document of Sunbrilo Technologies Private Limited (“Company”) serves to outline the policy on the use
and storage of company provided laptops (“Policy”).
Purpose
This policy addresses the actions that must be taken by all Sunbrilo employees who have a company-issued
laptop.This Policy describes the controls necessary to minimize information security and laptop damage risks.
Scope
This Policy and the procedures herein affect all employees who use laptops for official purposes. Employees
are also advised that in addition to the terms and conditions of laptop usage as reflected in this Policy,
employees shall also have to adhere to any terms of their respective employment agreement which mandate or
restrict any action in this regard.
A. Intended Use of Laptops
Laptop shall be the property of the Company at all times and the employee will not have any right or interest
in the said asset except using such asset during the employment or for such duration as may be decided by the
Company. Employee must ensure that the laptop is being used only for official purposes and in the course of
the rightful discharge of their duties and not for generating, transmitting, corresponding any content that is
contrary to Company policies. This may lead to the employee being subject to disciplinary or any other
appropriate action as per Company policies.
B. Laptop Security Controls
All laptops acquired for employees on behalf of the Company shall be deemed to be Company’s property.
Each employee issued with a laptop shall be responsible for the security of that laptop, regardless of whether
the laptop is used in the office, at the employee’s place of residence, or in any other location such as a hotel,
conference room, car or airport. Employee shall ensure security of the laptop in each of the following domains
as per the stated guidelines. Laptops must compulsorily be protected by a username and password.
C. Physical Security & Theft Prevention
Approved by the CEO W.E.F. 1st June 2022 Version: SBHR 1.0
�To ensure physical security of laptops and data therein, all employees are required to undertake the following
actions:
1. The physical security of Company provided laptops is the employee’s personal responsibility. He/she
is therefore required to take all reasonable precautions, be sensible and stay alert to the risks.
2. Keep your laptop in your possession and within sight whenever possible, Be extra careful in public
places such as airports, railway stations or restaurants. It takes thieves just a fraction of a second to
steal an unattended laptop.
3. Never leave the laptop unattended when using it outside the office.
4. Lock the laptop away out of sight when you are not using it, preferably in a strong cupboard, filing
cabinet or safe. This applies at home, in the office or in a hotel.
5. Never leave a laptop visibly unattended in a vehicle. If necessary, lock it out of sight in the trunk or
glove box but it is generally much safer to take it with you.
6. Carry and store the laptop in a padded laptop computer bag or strong briefcase to reduce the chance of
accidental damage.
7. Employees may not take the laptop for repair to any external agency or vendor at any point of time.
8. In case of any failure, employees are required to report the same to the management.
9. In case of the loss of laptop- be it on, or off Company premises, due to negligence of the employee,
the Company may recover the cost of the laptop from the employee. It is the Company’s discretion
to impose further penalties on account of loss of sensitive Company information.
10. If there is damage on account of the above the employee may be liable to pay the damages at cost to
the Company/the same may be deducted from their monthly salary or Full & Final settlement.
11. Company maintains the right to conduct inspections of any computer equipment, including all laptop
it owns or manages without prior notice to the Employee who is at the time the user or custodian of
such computer equipment. Employee will submit the laptop for random audit by Company in order
to check the physical presence as well as the functional usability of the asset.
12. In case of leaving the employment or being terminated for any reason, employee will hand over the
asset to Company in good condition failing which Company is authorized to charge penalty against
the employee.
Approved by the CEO W.E.F. 1st June 2022 Version: SBHR 1.0
�D. Data Security Controls
Employees are expected to ensure the security of the data within their laptops. In this regard you are to adhere
to the following:
1. You are personally accountable for all network and systems access under your user ID, so keep your
password absolutely secret. Never share it with anyone, not even members of your family, friends,
or IT staff.
2. Corporate laptops are provided for official use for authorized employees. Do not loan your laptop or
allow it to be used by others such as family and friends.
3. Avoid leaving your laptop unattended and logged-on. Always shut down, log off or activate a
password-protected screensaver before walking away from the machine.
E. Virus Protection
1. Email attachments are now the number one source of computer viruses. Avoid opening any email
attachment unless you were expecting to receive it from that person.
2. Always virus-scan any files downloaded to your computer from any source (CD/DVD, USB hard
disks and memory sticks, network files, email attachments or files from the Internet). Virus scans
normally happen automatically if your virus definitions are up to date, but you can also initiate
manual scans if you wish to be certain.
3. Report any security incidents (such as virus infections) promptly to the IT Help in order to minimize
the damage
4. Respond immediately to any virus warning message on your computer, or if you suspect a virus (e.g.
by unusual file activity) by contacting the IT Help. Do not forward any files or upload data onto the
network if you suspect your PC might be infected.
F. Data Backups
1. You will be personally responsible for storing your data in one drive.
2. Remember, if the laptop is stolen, lost or damaged, or if it simply malfunctions, it may be impossible
to retrieve any of the data from the laptop.
Approved by the CEO W.E.F. 1st June 2022 Version: SBHR 1.0
�G. Use of Unauthorized Software /Content
1. Employees are required to ensure that they do not download, install or use unauthorized software
programs. Unauthorized software could introduce serious security vulnerabilities into the Company
networks as well as affecting the working of your laptop. Software packages that permit the
computer to be ‘remote controlled’ (e.g. PCAnywhere) and ‘hacking tools’ (e.g. network sniffers and
password crackers) are explicitly forbidden on Company equipment unless they have been explicitly
pre-authorized by Company management for furtherance of legitimate business purposes of the
Company.
2. All software or other programs that are downloaded onto the Company provided laptop, whether or
not they are so downloaded in accordance with the business needs of the Company, or the directions
of the Company management in this regard, shall immediately become the sole and exclusive
property of the Company, and henceforth can only be used in accordance with the directions of the
Company in this regard. Further, any programs or software that were pre-installed at the time of the
possession of the laptop being handed over to the Company, cannot be altered or removed, whether
permanently or temporarily, in any manner whatsoever save and otherwise than in accordance with
the directions of the Company in this regard.
3. The employee shall not install any unauthorized accessories/software like messengers, chatting
software or any malicious software, which may cause problems to the functioning of the Laptop and
strictly adhere to Company’s software.
4. If there is damage on account of the above the employee may be liable to pay the damages at cost to
the Company/the same will be deducted from their monthly salary or Full &final settlement.
5. As you might expect, Company will not tolerate inappropriate materials such as pornographic, racist,
defamatory or harassing files, pictures, videos or email messages that might cause offence or
embarrassment to either the Company, its employees or any third party. No employee should ever
store, use, copy or circulate such material on the laptop and should not visit or attempt to visit any
dubious websites. The Company’s IT staff shall routinely monitor the Company network and
systems for such materials and track use of the Internet by all employees. Such IT staff shall report
serious/repeated offenders and any illegal materials directly to Company management, and
appropriate disciplinary processes will be initiated against such employees by the management.
Approved by the CEO W.E.F. 1st June 2022 Version: SBHR 1.0
� 6. Employees are also advised that any information in digital or electronic form that they come across in
the laptop computer systems provided to them, whether at the time of receiving such systems or at
any time thereafter, shall be compulsorily treated by employees as confidential information
(“Confidential Information”). Such Confidential Information can exist in any electronic form,
including but not limited to documents, memoranda, spreadsheets, databases, encrypted data,
passwords, lists of any nature, source code, object code, algorithms, software programs, emails and
other communications, designs, blueprints, business projections and plans, financial data, customer
and client names and contacts, supplier names and contacts, price lists and quotations, contractual
documents, term sheets and executed agreements with vendors/suppliers and customers, and so on.
Employees cannot use such Confidential Information in any manner whatsoever save and otherwise
than in strict accordance with the directions of the Company in this behalf. Any unauthorized usage
by the employee of such Confidential Information, or any act of omission or commission of the
employee which results in such unauthorized usage of Confidential Information by any third party,
shall expose the employee concerned to liability and consequent action by the Company and/or its
management.
7. Further, in the event any employee is unsure of the status of any digital/electronic information that he
or she may discover on any laptop system provided to such employee, the employee must forthwith
and without any further delay communicate the existence of such information to the Company’s IT
team on the assumption that all such information is potentially Confidential Information, and
thereafter follow the instructions of the IT team in this regard. Under no circumstances shall the
employee attempt to process such Confidential Information in any manner whatsoever for his or her
own personal usage, and any delay in contacting the IT team in this regard shall be regarded as
dereliction of duty by the employee.
H. CONSEQUENCES OF BREACH
1. Any action of the employee that are inconsistent with this Policy shall be treated as serious
professional misconduct on the part of the employee, and the employee concerned shall be subject to
any disciplinary proceeding, or action, by the Company, which the management of the Company
may deem appropriate under the existing circumstances. Such action may also include any rights of
Approved by the CEO W.E.F. 1st June 2022 Version: SBHR 1.0
� termination or any other rights that the Company may have under the terms of the employment
agreement entered into by the Company with the employee concerned.
2. Employees are further advised that in the event any such employee fails to adhere to the requirements
of laptop usage and restrictions on usage of Confidential Information, he or she shall be subject to
any penal liability under the provisions of the Information Technology Act, 2000 (the “Act”),
including but not limited to Section 43 of the Act.
3. The Company shall bear expenses for laptop maintenance and repairs arising out of the normal wear
and tear However, in the event of any damage to the laptop arising out of the negligence, misuse or
abuse of the laptop by the employee, the employee shall be solely liable to make the payment for all
the expenses arising therefrom. The Company shall have the right to reclaim such expenses and
deduct the same from your monthly salary or Full & Final settlement.
▪ Please sign below to indicate receipt of the laptop security policy and to authorize the deduction of
wages if the laptop is lost or stolen/ damaged.
Approved by the CEO W.E.F. 1st June 2022 Version: SBHR 1.0
