Good Practices

Work from Home

Remote work has become a common practice at ALTEN. We have opted for this mode of work in order to offer you its many advantages, such as flexibility, saving time and money related to travel, as well as a better work-life balance. However, to ensure compliance with information security requirements, it is essential to follow certain rules. Below are some guidelines:

All security best practices defined within the company and that you have committed to within the IT Charter are also applicable for remote work;
The equipment you have at your disposal is safe and has protective tools. Choose to use it to connect to your local network;
When communicating via Teams, choose to use your headphones and microphone. Ensure the confidentiality of the conversations;
Do not install software on the workstation. If necessary, contact the IT department to provide technical support;
The workstation automatically has security tools (proxy access, VPN, antivirus, security update, disk encryption, etc.). Whatever your access rights to the equipment, it is strictly forbidden to change the configuration of your equipment. Similarly, it is strictly forbidden to bypass the workstation protection systems ;
Make sure that you are logged in (e.g., email, phone, video conference, etc.) and that you can collaborate as needed, with other colleagues to achieve the desired results of the organization;
Ensure the protection of mobile computer equipment, as specified in the Mobile device usage policy.
Ensure the protection of the intellectual property rights of the organization, either for software or for other materials that may be protected by intellectual property rights
Save a minimum of information to your local hard drive. Focus on collaborative networking and shared spaces once the workstation is connected to the Alten network via VPN.
Protect your work environment. Do not mix personal and business information. Do not process or store professional activity information on personal equipment;
Prevent unauthorized access by people who live or work in the place where you operate teleworking.
Take the necessary measures to ensure the confidentiality of the information of the company or its customers (for example, place for calls, documents, etc.);
The user must ensure that his laptop or PC connects to the company's network at least once a week (directly to the company's premises or via the VPN system) to receive all security related updates. In addition, the employee must restart the laptop at least once a week to install the updates. An exception to this rule is only a long-term absence (EX: vacation, sickness, etc.).

Clean desk policy

It’s important to respect this policy so we can reduce the risk of unauthorized access, loss, and damage to information, during and outside normal office hours, or when workstations are left unattended.

Here are the actions you should take to comply with this policy:

All sensitive and confidential documents (personal or customer data), whether on paper or on a hardware device, should be removed from the desk and locked in a drawer or file.
Any paper waste containing sensitive or confidential information should be disposed of by the designated shredders. Under no circumstances should this data be disposed of in the ordinary waste bin.
Computer workstations should be locked (shortcut: Windows key+L) when the office is unoccupied and completely switched off at the end of the working day.
Laptops, tablets and other hardware devices should be removed from the desk and locked in a drawer or file cabinet.
Under no circumstances any external devices like mobile phone, USB storage media should not be connected to company computer/laptop
Access keys to drawers or filing cabinets should not be left unattended at a desk.
Printers and fax machines must be treated with the same care under this policy:
All print jobs containing sensitive and confidential documents must be recovered immediately.
All unused or unnecessary documents should be destroyed by means of a shredder.