Summary
This policy provides details about the prohibition and limitations of certain specific software distributions and classes of software. Due to considerations for licensing compliance, security, and data governance, some software distributions and applications are generally incompatible with other IT management policies and must have their usage on company resources tightly controlled.
Policy
Certain software distributions, applications, and various categories of software, applications and devices, are prohibited from installation or usage with Connor Group IT assets. This is done as part of IT management's security, data governance, and compliance management programs. IT management shall implement technical controls to prevent download, installation, execution, operation, or otherwise block the usage software specified in this policy. IT management may provide mechanisms in the technical controls for this policy that allow for specific exceptions to the policy provided that there is a business case for the usage, no reasonable alternative, and approval from senior IT management.
Prohibited Applications:
- The Java Runtime Environment (JRE), the Jave Software Development Kit (JDK), or other elements of the Java SE ecosystem distributed and licensed by Oracle.
Prohibited Classes of Software:
- All torrent clients and sharing software distributions
- Any software or devices that intercept or collect network traffic
- Any software or devices used for the forensic analysis or inspection of storage devices or system memory