Lunr Management Model and Employee Handbook
  • 👋Welcome to LUNR!
  • About us
    • 🚀Vision, Mission & Focus
      • Vision
      • Mission
      • Pillars
  • How We Make Decisions
    • 🚀Strategy
      • Context, not control
      • Strategic management
      • Culture code
    • 🏹Leadership
      • Managers
      • Tech leads
      • Traits of leadership
      • Leaders Performance
    • 👭Team management
      • Team Structure Designed for Success
      • Embracing Effective Ceremonies
      • Strategic Sessions: Empowering Innovation
  • How we build processes and a great product
    • ⚙️Operations and roles
      • How We Navigate Growth and Complexity
      • Our Responsibility Assignment Matrixes: RACI & CODE-KS
    • 📚Knowledge management
      • Knowledge Categories
      • Knowledge Accountability Index
      • Confluence
      • Learning day
      • Company Knowledge Centricity Level
      • Realms
    • 👨‍💻Engineering culture
      • Engineering culture
      • Team culture
      • Engineering Process and Roles
      • Team Events and Processes
        • Scrum Events
        • Ongoing Meetings
        • Concepts
  • How we ensure people’s growth
    • 📈Performance
      • Paths
        • Individual Contributors Path
          • Individual Contributors Levels - Software Engineering
          • Individual Contributors Steps
        • Management Path
          • Level 1 - Our Pace setters
          • Level 2 - Our Coaches
          • Level 3 – Our visionaries and servant leaders
          • Level 4 – Our transformational leaders
          • Key concepts
      • Performance evaluation
      • 360 Evaluation Matrix
      • K-POC
      • CAP
      • Management Model Golden Rules
    • 💰Compensation
      • IC Frameworks
        • 👨‍💻Android Development
        • 📱Android OS Development
        • 🔐Assets security
        • 👨‍💼Business Development
        • 📧Digital marketing
        • 💻Front-end web development
        • ⌨️Full Stack Web Development
        • 🏢Facility cleaning
        • 🔑Information security
        • ↗️Marketing automation
        • 🐞QA automation
        • 👾Quality assurance
        • 🧍Recruiting Operations
        • 📖Technical Training
        • 🤦Technical recruitment
        • 🤖WordPress Developers
        • 👩‍🎨UX/UI
      • MGT Frameworks
        • 👨‍💻Application support management
        • ➗Accounting&Finance Management
        • 👯HR Operations Management
        • 🔒Information Security Management
        • 📧Marketing Management
        • 📞NOC&Support management
        • 🚵Operations management (logistics)
        • 🤦‍♀️Operations management (administration)
        • 🖥️Product owner
        • 🔩Product Engineering Management
        • 🤝Product Marketing Management
        • 👨‍💼Project Management (Business)
        • 👨‍💻Project Management (Software)
        • 🛒Sales Management
        • 📳Software Engineering Management
        • 🌟Strategic Business Development Management
        • 💟Strategic Human Resources Management
        • 🚟Supply Chain Management
        • 👌Technical Account Management
        • ☎️Technical Support Management
        • 📜Technical Training Management
    • 🌟Empowering Growth through Transparent Management: Your Path to Success
  • Policies
    • 🎹Internal rules
      • Employee Probationary Period
      • Employee Code of Conduct
      • Physical Access Control
      • Cybersecurity and digital devices
        • Internet usage
        • Cellphone
        • Corporate e-mail
        • Social media
        • Conflict of interest
        • Workplace measures
        • Employee relations
        • Solicitation and Distribution
      • Substance Abuse and Drug Testing Policy
      • Employee Attendance and Working Hours Policy
      • Shiftwork Policy
      • Overtime policy
      • Employee Time Off Policy
      • Remote office policy
      • Smoke-free office policy
      • Employee Referral Program Policy
      • Moonlighting Policy
      • Anti-discrimination Policy
      • Violence In The Workplace Policy
      • Workplace Harassment Policy
      • Source Code Policy
      • Data Protection and Privacy Policy
      • Employee Confidentiality Policy
      • Business Trips Policy Policy
      • Company Equipment Policy
      • Event Participation Policy
      • Training Benefit Policy
      • Termination of Employment Policy
      • Disciplinary Action Policy
      • Corrective Action Plan (CAP) Policy
    • 💵Salaries
    • 📖LUNR knowledge
    • 🧙Sources
    • 📑Glossary
  • ©️License
Powered by GitBook
On this page
  1. Policies
  2. Internal rules

Cybersecurity and digital devices

Take security seriously: Everyone, from our customers and partners to our employees and contractors, should feel that their data is safe. We can all contribute to this by being vigilant and keeping cybersecurity top of mind.

Policy Elements

There are guidelines for using computers, phones, our internet connection, and social media to ensure security and protect our assets. This category, as an exception, applies to all our employees, contractors and anyone who has permanent or temporary access to our systems and hardware.

Confidential data

Confidential data is secret and valuable. Common examples are:

  • Unpublished financial information

  • Data of customers/partners/vendors

  • Patents, formulas or new technologies

  • Customer lists (existing and prospective)

All employees are obliged to protect this data. In this category, we will give our employees instructions on how to avoid security breaches

Protect personal and company devices

When employees use their digital devices to access company emails or accounts, they introduce security risks to our data. We advise our employees to keep both their personal and company-issued computer, tablet and cell phone secure. They can do this if they:

  • Keep all devices password protected.

  • Ensure they do not leave their devices exposed or unattended.

  • Log into company accounts and systems through secure and private networks only.

  • Avoid accessing internal systems and accounts from other people’s devices or lending their own devices to others.

Manage passwords properly

Password leaks are dangerous since they can compromise our entire infrastructure. Not only should passwords be secure so they won’t be easily hacked, but they should also remain secret. We use a password management tool that generates and stores passwords. Employees are obliged to create a secure password for the tool itself, following the abovementioned advice.

Transfer data securely

Transferring data introduces security risk. Employees must:

  • Avoid transferring sensitive data (e.g. customer information, employee records) to other devices or accounts unless absolutely necessary. When mass transfer of such data is needed, we request employees to ask our System Administrators for help.

  • Share confidential data over the company network/ system and not over public Wi-Fi or private connection.

  • Ensure that the recipients of the data are properly authorized people or organizations and have adequate security policies.

  • Report scams, privacy breaches and hacking attempts.

Our System Administrators need to know about scams, breaches and malware so they can better protect our infrastructure. For this reason, we advise our employees to report perceived attacks, suspicious emails or phishing attempts as soon as possible to our specialists. Our System Administrators must investigate promptly, resolve the issue and send a companywide alert when necessary.

Additional measures

To reduce the likelihood of security breaches, we also instruct our employees to:

  • Turn off their screens and lock their devices when leaving their desks.

  • Report stolen or damaged equipment as soon as possible to HR and Employee Experience Expert

  • Change all account passwords at once when a device is stolen.

  • Report a perceived threat or possible security weakness in company systems.

  • Refrain from downloading suspicious, unauthorized or illegal software on their company equipment.

  • Avoid accessing suspicious websites.

  • We also expect our employees to comply with our social media and internet usage policy.

Our System Administrators will:

  • Install firewalls, anti-malware software, and access authentication systems.

  • Arrange for security training to all employees.

  • Inform employees regularly about new scam emails or viruses and ways to combat them.

  • Investigate security breaches thoroughly.

  • Follow these policies provisions as other employees do.

Remote employees

Remote employees must follow this policy’s instructions too. Since they will be accessing our company’s accounts and systems from a distance, they are obliged to follow all data encryption, protection standards, and settings, and ensure their private network is secure. We encourage them to seek advice from our System Administrators.

Policy Violation

In case the employee does not follow the Cybersecurity measures, the following action will be taken:

  • Disciplinary action: if a minor violation

  • Termination of Employment: if a severe violation

If we suspect employees are engaged in suspicious or unethical activities, we reserve the right of investigating any sort of communication that occurred inside the Company's facilities or through the Company's devices.

PreviousPhysical Access ControlNextInternet usage

Last updated 9 months ago

🎹