Acceptable Use Policy - Public

Last updated 4.11.2024

PURPOSE

Rocket Software and its affiliates (“Rocket Software”) make information resources available to employees and other authorized users subject to the terms of this Acceptable Use Policy - Public (this “Policy”). Authorized users may only use Computer Systems (defined below) in accordance with this Policy and for valid business uses, which include serving the interests of Rocket Software and of its clients and customers during normal operations.

“Computer Systems” are defined as all Rocket Software systems or resources, such as internet/intranet/extranet-related systems, including but not limited to computer equipment, software, operating systems, storage media, network resources and network accounts providing electronic mail, online browsing, and file transfer protocols.

“Rocket Software Information” is defined as all information (whether now existing or hereafter created or acquired) developed, created, or discovered by Rocket Software, or which became known by, or was conveyed to Rocket Software. Rocket Software Information includes financial data, personal data of Rocket Software employees, vendors or customers (and prospective employees, vendors or customers), intellectual property rights (including patents and patent applications), domain names, trade secrets, copyrights, ideas, techniques, know-how, inventions (whether patentable or not), and/or any other information of any type relating to designs, configurations, documentation, recorded data, schematics, circuits, mask works, layouts, source code, object code, master works, master databases, algorithms, flow charts, formulae, works of authorship, mechanisms, research, manufacture, improvements, assembly, installation and the information concerning Rocket Software’s actual or anticipated business, research or development, or which is received in confidence by or for Rocket Software from any other entity or person.

This Policy is in place to protect Rocket Software Information against loss or theft, unauthorized access, disclosure, copying, use, modification, or destruction (each an “Information Security Incident”). Information Security Incidents can result in a broad range of negative consequences, including reputational, financial, regulatory and liability to customers and other third parties.

This Policy demonstrates management’s support for proper conduct principles and commitment to a healthy and productive environment.

SCOPE

This Policy applies to all users of Computer Systems, whether owned or leased by Rocket Software, the employee, or a third party.

“Users” includes all directors, officers, and employees of Rocket Software, as well as third-party contractors, partners and agents of Rocket Software that have access to Rocket Software Information or Computer Systems owned or leased by Rocket Software (“Individual Users” or “you”).

All Individual Users are responsible for exercising good judgment regarding appropriate use of Rocket Software Information and Computer Systems in accordance with Rocket Software policies and standards, and applicable laws and regulations.

By accessing Rocket Software Information and/or Computer Systems, Individual Users acknowledge and agree that they must comply with the terms of this Policy and applicable law and that they will keep all Rocket Software Information confidential and only used for the benefit of Rocket Software. Rocket Software reserves the right to update this Policy from time to time based on Rocket Software business demands (including customer and partner requirements). You should check this Policy from time to time to ensure that you are aware of any changes.

GENERAL USE AND OWNERSHIP

Any Rocket Software Information that is stored on Computer Systems, whether owned or leased by Rocket Software, the employee or a third party, remains the sole property of Rocket Software. This includes Rocket Software Information that is stored on personal devices, such as photos or texts. If you use Computer Systems to produce intellectual property for Rocket Software, you acknowledge that this is Rocket Software Information and that Rocket Software is the owner of these rights, including moral and other intellectual property rights, unless you have a signed agreement with Rocket Software that expressly states otherwise. There is no guarantee of privacy while using Computer Systems. Rocket reserves the right to monitor user and workstation activity and examine incidents on any equipment at any time. Individual Users further acknowledge and agree to the following:

• Individual Users agree to ensure through legal or technical means that Rocket Software Information is protected in accordance with this Policy.
• Information security is everybody’s responsibility, and it is every Individual User’s responsibility to report any real or suspected violation of Rocket Software policies and/or standards. Individual Users are required to promptly report the theft, loss or unauthorized disclosure of Rocket Software Information, or any other Information Security Incident (see below for details on how to report).
• Individual Users may collect, access, use or disclose Rocket Software Information only to the extent it is authorized and necessary to fulfill their assigned job duties or their engagement with Rocket Software, as applicable.
• Authorized Rocket Software personnel may monitor equipment, systems, and network traffic for limited reasons, such as compliance with mandatory legal obligations, protecting against as well as investigating security threats and incidents, for network maintenance purposes or the investigation of reported violations against our policies and applicable laws.
• Rocket Software may audit Individual Users’ use of Computer Systems as permitted by applicable law on a periodic basis, including to ensure compliance with this Policy.

Policy

Environment

It is the goal of Rocket Software to establish an environment that reflects is values and is optimized for achieving its mission. To that end, Individual Users acknowledge and agree to the following:

• All entities or Individual Users granted access to Rocket Software Information must be subject to confidentiality provisions protecting Rocket Software Information and Computer Systems.
• The ability to access Rocket Software Information or Computer Systems, whether internal or external, does not imply any consent regarding the use of such assets.
• To protect Rocket Software Information and Computer Systems, web content filtering and other safety and security measures will be used.

You are expressly prohibited from using Computer Systems to download/upload, create and/or display the following:

• Items of a pornographic or prurient sexual nature.
• Items of a racist or sexist nature, or negatively targeting any identifiable group.
• Items that elicit an uncomfortable response or are deemed inappropriate.

These actions can create an uncomfortable or hostile environment and are prohibited. Management, in its sole discretion, reserves the right to determine what is or is not appropriate.

Stewardship

Individual Users must always act in accordance with Rocket Software values and demonstrate responsible stewardship towards Rocket Software Information and Computer Systems, including by meeting the requirements set forth below.

• Downloading large or streaming files requires excessive bandwidth. To ensure availability of Rocket Software information resources for all business needs, all high bandwidth applications shall be justified by business requirements.
• Attempts to intentionally damage or hinder Rocket Software Information resources, such as the introduction of viruses, worms, or other forms of malicious software are prohibited.
• Uncontrolled software, freely available on the Internet or via other sources, often harbors hidden malicious intent and may result in the inadvertent introduction of viruses, worms, Trojans, and other forms of malicious code. Introduction of ANY software not approved by the Information Security Program is prohibited.
• Use of removeable media for storing or transferring any Rocket Software or customer data is not permitted. Examples of removable media include portable hard drives, flash drives, CD/DVDs, and internal storage on mobile devices such as phones and tablets.
• Usage of Rocket Software Information and Computer Systems shall be based upon business requirements. If you realize that you have access to Rocket Software Information that is of a highly confidential or sensitive nature and not something that you need access to in order to perform your role for Rocket Software, you must report it immediately

Compliance

All Individual Users are expected to comply with all laws and follow Rocket Software’s values and ethical standards and policies, including the specific requirements set forth below.

• Unauthorized reproduction of copyrighted works, such as software and documentation, is an infringement of intellectual property laws, and is prohibited. Unauthorized duplication of copyrighted material may subject users and/or the Rocket Software to both civil and criminal penalties under the United States Copyright Act.
• Individual Users may not duplicate any licenses, software, or related documentation for use either on the Rocket Software’s premises or elsewhere unless such duplication is expressly authorized by the licensing agreement with the publisher. Individual Users must not provide licensed software to any outsiders including contractors, customers, or others.
• Printers and other devices which could disclose sensitive information in printed form shall be cleared of such information in a timely manner.
• Certain personal information records, such as Social Security numbers, health information and bank account information, may only be accessed by authorized individuals that require that information to perform their jobs. Disclosure, either accidental or intentional, will be taken very seriously.
• Any attempt to circumvent access controls, or “hacking”, regardless of intent, is a violation of this Policy and prohibited.
• Use of Rocket Software Information or Computer Systems for personal gain, such as gambling or self-marketing, is prohibited.
• Casual and limited personal use of Rocket Software Information resources is allowed on a non-interfering basis. Sending and receiving an occasional personal email, and limited “break time” web surfing may be considered examples of casual personal use so long as all other requirements of this Policy are followed.
• Sharing accounts, passwords and other user access information is prohibited. Sharing user accounts and passwords hinders the ability to hold users accountable for their activities and may result in false accusations against the legitimate account holder. Account sharing may also result in identity theft.

Social Networking Use

Rocket Software recognizes that many Individual Users use social networking for personal uses. Individual Users have a responsibility to limit the business risk associated with the use of social networking. They further agree to the requirements set forth below.

• Access from within the Rocket Software network to social networking services and sites not specifically intended to support Rocket Software business goals as part of your role at Rocket Software shall be prohibited.
• The personal use of any chat or streaming media service shall not be permitted on Computer Systems without explicit management approval.
  Social networking posts must conform to all relevant requirements of both this Policy and all applicable confidentiality obligations you are subject to.
• Individual Users shall not claim to represent Rocket Software in social network postings or messages unless specifically authorized to do so by management.
• Postings shall not use Rocket Software’s logo, trademark, proprietary graphics or photographs of Rocket’s premises, personnel, or products without explicit management approval.
• Postings, whether business-related or personal, must not contain information that Rocket Software considers proprietary or confidential. Any such posts, even those made anonymously, are subject to investigation and appropriate remedial action by the Rocket Software.

Cloud Services

Cloud services can be a valuable resource for achieving business goals but unsanctioned cloud services create unacceptable risk to the Rocket Software business. It is important that all Individual Users only use Rocket Software-sanctioned services when handling Rocket Software Information, including as described below.

• The use of personal cloud services or account for storing Rocket Software Information is prohibited, including backup systems, video, or audio recording tools.
• To limit exposure to potential malware and/or loss of Rocket Software intellectual property, the use of Rocket Software-supplied equipment to access personal cloud services is not allowed.

Email

Rocket Software identifies email as an important method for communicating for Individual Users, customers, and the community. To protect Rockets systems, data, and image Individual Users should only use their Rocket Software email when conducting business.

• Only Rocket provided email accounts may be used to conduct Rocket business.
• The use of personal email accounts to conduct Rocket Software business or transfer Rocket Software Information is prohibited.

Training and Awareness

Rocket Software provides an enterprise-wide training and awareness program designed to educate Individual Users on evolving cyber risks and threats to Rocket Software Information, its customers, partners and employees. Active participation in cyber training and awareness activities is critical to the security of the organization and is requirement for continued employment or engagement with Rocket Software.

ADDITIONAL GUIDANCE AND REPORTING

We encourage you to consult with a member of the IT/Security Teams if you have any questions about this Policy. If you are a Rocket Software employee, you can email security@rocketsoftware.com. If you are outside of Rocket Software, you can email support@rocketsoftware.com.

Suspected phishing attempts should be report via the reporting process in the Rocket Software email client. All other suspected or actual security issues (including Information Security Incidents), must be reported by reaching out to a member of the Security Team (including via email to security@rocketsoftware.com or support@rocketsoftware.com if you are outside of Rocket Software). You can also report criminal or ethical violations via our third-party reporting portal, Speak Up. Speak Up also provides an anonymous reporting option if you feel more comfortable reporting anonymously (visit www.rocketsoftware.ethicspoint.com).

ENFORCEMENT

Compliance with this Policy is a condition of access to Rocket Software Information and Computer Systems and continued employment or engagement with Rocket Software. Individual users understand that they have no expectation of privacy while using Rocket Software Information and Computer Systems. Rocket Software reserves the right to monitor usage of Rocket Software Information and Computer Systems and to take relevant disciplinary action based upon inappropriate use or violations of this or any other Rocket Software policy.

Except for potential criminal activity, which may be reported to the proper authorities, recourse is managed by the Rocket Software People Department and may include escalation of policy violations to direct management, department management and executive leadership. Noncompliance with this or any Rocket Software policy may result in disciplinary action up to and including termination or employment or engagement.