14/03/2024

Dear Team Members,

COMPANY POLICY RELATING TO REMOVABLE MEDIA & MOBILE DEVICES

In an effort to maintain the security and integrity of our group’s data and IT infrastructure and to ensure that we follow and comply with GDPR regulations, we are issuing clear guidelines regarding the use of USB storage devices (USB flash drives, external hard drives, etc.) within the Platinum Group, to all Team Members.

The misuse or loss of these devices could pose a serious GDPR breach, and which would put Company & Customer data at serious risk.

Please ensure you adhere to the following best practise rules at all times when handling portable/removable media storage devices.

Also please refer to our “REMOVABLE MEDIA & MOBILE DEVICES” policy in the Company Handbook (Section 3) on Platinum Info Central for further guidance or clarification http://www.platinuminfocentral.com/ssl-platinum/companyhandbook/default.htm

  1. Approved Devices Only:

Only USB storage devices that have been approved by the IT department are permitted for use on company computers. Devices must meet our security standards to safeguard against malware and other security threats.

  1. Device Registration:

All USB storage devices must be registered with the IT department before use. Please contact IT to complete the necessary registration process, which includes a security check and encryption setup. Note that there will be a register of devices held within the IT Department.

  1. Sensitive Data Handling:

Storage of sensitive or confidential company data on USB storage devices is strictly controlled. Such data may only be transferred to or stored on encrypted and approved USB devices when absolutely necessary, and must be approved by your department head in advance.

  1. Personal Use:

The use of personal USB storage devices for storing or transferring work-related data is strictly prohibited. Personal devices pose a significant security risk and can lead to data breaches.

  1. Security Practices:

Always eject USB storage devices safely and log out from any system when finished. Never leave your USB device unattended in a computer. Report any lost or stolen devices to the IT department immediately.

  1. Data Transfer:

Be cautious when transferring data. Ensure that the data being transferred does not violate any company policies or laws regarding data privacy and protection.

  1. Virus Scanning:

All files transferred to a USB storage device will be automatically scanned for viruses and malware using the company-provided antivirus software.

  1. Device Disposal:

When a USB storage device is no longer needed, please contact the IT department who will securely erase any data that is still contained on the device.

IMPORTANT; Should you have a such device in your workspace that you have previously used for work purposes, or you see any devices anywhere in the Platinum Group that are not being used or stored securely, please send them to the IT Department.

  1. Exceptions:

There will be exceptions to these guidelines including the use of USB pen-drives and SD cards for updating Sat-Nav/Radio systems on vehicles.  As this data does not pose any risk to the business, these are exempt from being encrypted.

Should you have any questions, please contact the IT Department regarding the contents of this email and also let us know if you believe there are any other circumstances where it would not be possible to encrypt your portable media storage device/s.

Yours sincerely

Jeremy, Martyn, Paul & Michael (The Board of Directors)
Paul Jones (Group IT Manager)

Renrod Ltd/Platinum Motor Group