Legal Solutions is a legal consulting, business advisory and immigration consulting firm.

Gallery

Contacts

SF01, Thetsane Office Park Kofi Ann Road, Maseru, Lesotho

info@legalsolutions.africa

+266 6255 0055 / 5860 9379

Twitter Facebook-f Pinterest-p Instagram

Terms of Use

 

INTRODUCTION

The Acceptable Use Policy (AUP) aims to protect all users of Legal Solutions equipment and data and minimise risk by providing clarity on the behaviours expected and required by Legal Solutions employees, Agents, Service Providers, Contractors, and Consultants. It sets a framework on how to conduct Legal Solutions’ business to meet legal, contractual, and regulatory requirements and defines how individuals must behave in order to comply with this policy.

PURPOSE

To ensure that individuals understand their responsibilities for the appropriate use of Legal Solutions’ information technology resources. Understanding what is expected will help individuals to protect themselves, colleagues and Legal Solutions’ equipment, information and reputation and ensure that there is clear accountability.

SCOPE

All Legal Solutions equipment and information (all information systems, hardware, software, and channels of communication, including voice- telephony, social media, video, email, instant messaging, internet, and intranet). User’s personal information which is processed by Legal Solutions equipment is also subject to this policy.

Who this policy applies to:

All Legal Solutions employees, agents, contractors, consultants, suppliers, and business partners (referred to in this document as ‘users’) with access to Legal Solutions’ information and information systems and assets.

  1. ACCEPTABLE USE PRINCIPLES
  2. General Principles

Users must:

1.1 Confirm prior to use of Legal Solutions’ equipment or information that they agree to comply with this AUP and understand that breaching this policy may result in disciplinary procedures.

1.2 Be responsible for their own actions and act responsibly and professionally, following the Legal Solutions’ Standards of Behaviour and respecting the Department and colleagues, suppliers, partners, and citizens.

1.3 Use information, systems, and equipment in line with Legal Solutions’ security and Information Management policies.

1.4 Immediately report any breach of this Acceptable Use Policy to their line manager and to the relevant team and comply with official procedures when a breach of the policy is suspected or reported.

1.5 Never undertake illegal activity, or any activity that would be harmful to Legal Solutions’reputation or jeopardise staff and/or citizen data, on Legal Solutions’ technology.

1.6 Understand that both business and personal use of Legal Solutions’ systems will be monitored as appropriate.

1.7 Understand that they can use whistleblowing and raising a concern if it is believed that someone is misusing Legal Solutions’ assets, information, or electronic equipment.

1.8 Undertake education and awareness on security and using Legal Solutions’ information and technology, including the mandatory annual security e-learning, in order to support the understanding of recognising and reporting threats, risks, vulnerabilities and incidents.

  1. User IDs and Passwords

Users must:

2.1 Protect usernames, staff numbers, smart cards, dongles, and passwords appropriately

2.2 Create secure passwords following relevant Legal Solutions instructions.

2.3 When using a password manager, ensure that their master password is stored securely in line with Legal Solutions instructions. Passwords must not be stored in shared folders or written down.

2.4 Not log on to any Legal Solutions’ systems using another user’s credentials.

2.5 Remove their network access smart card or dongle and/or lock the screen when temporarily leaving devices that are in use.

2.6 Log out of all computer devices connected to Legal Solutions’ internal network during nonworking hours, i.e., at the end of the working day.

  1. Managing and Protecting Information

Users must:

3.1 Understand that they and Legal Solutions have a legal responsibility to protect personal and sensitive information and must not misuse their official position to further private interests or those of others. The Civil Service Code Standards of Behaviour: Integrity refers.

3.2 Ensure that all information is created, used, shared, and disposed of in line with business need and in compliance with the Information Management Policy, Information Asset Inventory Guidance and Retention of Specific Information Guidance.

3.3 Not attempt to access anyone’s personal data unless there is a legitimate business need that is appropriate to their job role. Users must not, under any circumstances, knowingly access, or attempt to access, their own Legal Solutions’ records or the records of friends, family members, ex-partners, relatives, or anyone else they know on any Departmental computer, paper file or benefit system, irrespective of motivation. Legal Solutions’

Standards of Behaviour.

3.4 Comply with Managing HR records in respect of handling employee information.

3.5 Not provide information in response to any type of request whose identity they cannot verify.

3.6 Ensure they are not overheard or overlooked in public areas when conducting Legal Solutions’

business.

3.7 Apply the Legal Solutions’ Security Classification Policy appropriately to documents and email

subject lines in relation to the Official-Sensitive handling caveat.

3.8 Not attempt to access, amend, damage, delete or disseminate another person’s files, emails, communications, or data without the appropriate authority.

3.9 Not attempt to compromise or gain unauthorised access to Legal Solutions’ IT, telephony or content, or prevent legitimate access to it.

  1. Personal Use of Legal Solutions IT

Users must:

4.1 Understand that they are personally accountable for what they do online and with Legal Solutions technology.

4.2 Understand that Legal Solutions allows personal use of its IT resources in an employee’s own time when not on official duty or ‘flexed on’ as per the Flexible Working Hours Policy.

4.3 Ensure that any personal information stored is appropriate i.e., legal, applicable, and compliant with this policy and GDPR legal requirements.

4.4 Understand that the ability to store personal information on Legal Solutions owned devices and systems is a privilege and Legal Solutions has a right to require the data is removed should this data interfere with business activity or use.

4.5 Ensure personal activities do not damage the reputation of Legal Solutions, its employees and citizens including accessing, storing, transmitting, or distributing links to material that:

  • Could embarrass or compromise Legal Solutions in any way,
  • Is obtained in violation of copyright or used in breach of a licence agreement,
  • Can be reasonably considered as harassment of, or insulting to, others,
  • Is offensive, indecent, or obscene including abusive images, language, and literature.

4.6 Follow the Legal Solutions Standards of Behaviour and must not:

  • Trade or canvass support for any organisation on official premises, whether it is for personal gain from any type of transaction or on behalf of external bodies,
  • Send messages or material that solicit or promote religious, political, or other non-business-related causes, unless authorised by Legal Solutions,
  • Provide unauthorised views or commitments that could appear to be on behalf of Legal Solutions,
  • Use malicious, harassing, abusive or threatening communication,
  • Incite hate, bullying and harassment,
  • Visit pornographic sites or undertake any form of gaming, lottery, or betting,
  • Use behaviour that is discriminatory in any sense (e.g., on the grounds of sex, sexual orientation, gender, race, age, religious beliefs, or disability),
  • Use any type of applications and/or devices to circumvent management or security controls or damage, destroy, or deny availability of service,
  • Download software onto Legal Solutions’ devices with the exception of Legal Solutions’ supplied tablet devices and smart phones where permitted from an official source and appropriately licensed. This software must not compromise the performance or security of the device,
  • Access personal webmail accounts on Legal Solutions’ equipment,
  • Download music, video or other media-related files for non-business purposes or store such files on network drives.
  1. Legal Solutions does not accept any liability for any loss, damage or inconvenience you may suffer as a result of personal use of its IT.
  2. Email/Fax/Voice Communication

Users must:

5.1 Comply with Legal Solutions’ email policies

5.2 Only use appropriate language in messages, emails, faxes, and recordings.

Threatening, derogatory, abusive, indecent, obscene, racist, sexist or otherwise offensive content must not be used.

5.3 Not engage in mass transmission of unsolicited emails (SPAM).

5.4 Not alter the content of a third party’s message when forwarding it unless authorized to do so.

5.5 Not try to assume the identity of another user or create or send material designed to mislead people about who originated or authorized it (e.g., through misuse of scanned signatures).

5.6 Be vigilant to scam targeting communications especially phishing emails and know how to spot and report suspicious emails

5.7 Employees and contractors must not use their Legal Solutions email address for personal use.

Only use your Legal Solutions email address for Legal Solutions business related activities and linked organizational activity.

Email Policy.

All employees must use their personal email address for personal activities including purchasing and selling of goods, internet banking and any other personal activity, failure to comply may lead to disciplinary action.

  1. Websites and Social Media

Users must:

6.1 Comply with the Social Media Policy and Social Media Standards and be aware of Cabinet Office guidelines. They must use social media appropriately and understand that the principles covering the use of social media by civil servants in either their official or personal capacity are the same as those that apply for any other activity and that they are responsible for the content they post. Section 3 of Social Media Standards refer.

6.2 Only use approved Legal Solutions social media accounts for official business and where appropriate, use Legal Solutions branding and a professional image or persona on such accounts.

6.3 Understand that their social media content/footprint may be available for anyone to see, indexed by Google and archived for posterity.

6.4 Only access appropriate content using Legal Solutions technology and not intentionally visit sites or news groups that are obscene, indecent or advocate illegal activity, as described in the blocked categories list.

6.5 Contact the relevant team with requests to unblock a website and do not attempt to bypass Legal Solutions web filters.

6.6 Report any access to a site that should be blocked by our web filters to their line manager and contact the relevant team with a request to block a website.

  1. Devices, Systems and Networks

7.1 Only use systems, applications, software, and devices (including USBs, laptops, and smart phones), which are approved, procured and configuration managed by Legal Solutions when undertaking official business, and apply Legal Solutions standards and guidance in their use.

7.2 Users with Legal Solutions mobile phones must always install the most up to date software when it becomes available as this ensures the device has the latest security updates installed and so remains fully compatible with Legal Solutions systems. Failure to do so may result in the device becoming restricted from accessing any Legal Solutions systems prior to potential withdrawal of the service.

7.3 When individuals are required to generate a two-factor authentication onetime password to access a Legal Solutions system, including enrolment and password reset, use of a personal device is permitted in the absence of a Legal Solutions device.

7.4 The use of personal Bluetooth headsets, keyboards and mice are permitted when paired with Legal Solutions devices that are enabled to support the connectivity. Bluetooth connection must be compatible with  devices and users must not download any software onto Legal Solutions devices to conduct the pairing of Bluetooth.

7.5 Legal Solutions permits the use of personal mobile phones and personal landline numbers for voice calls in exceptional circumstances only which include internal calls to colleagues within Legal Solutions, other Government Departments, Local Authorities, and the supply chain/business partners however personal or sensitive information should not be discussed. Where a user has access to a Legal Solutions’ phone or a Softphone on their Legal Solutions ‘device, these must be used as they are the department’s preferred method of communication. Employees and contractors must not use personal phones to contact customers or their appointed agents as this still remains prohibited. The use of other personal mobile phone functionality including SMS texting or personal Email for Legal Solutions work purposes is not permitted.

7.6 The limited use of personal devices (laptops, tablets etc.) is permitted when undertaking training courses for Legal Solutions work purposes, for example where access to training related material and examinations is restricted on Legal Solutions devices and proving difficult to access. This is not a mandatory solution but a personal choice when there is restricted access to training material and courses on Legal Solutions devices that prevents essential learning. The Department is not responsible for any damage, theft, or introduction of malware to personal devices as a result of personal choice by individuals to use their own device for access to training materials. Individuals should take great care when using personal devices for training purposes, ensuring that any official information that should not be in the public domain must not be divulged nor exposed.

7.7 Users must not connect Legal Solutions or personal mobile devices by USB cable to Departmental devices connected to the Department’s infrastructure, for the purpose of uploading/ downloading files or charging.

7.8 Legal Solutions permits connecting Legal Solutions devices, laptops Surface pros etc., by Wi-Fi (or Ethernet) to the internet to connect back to the department from anywhere e.g., home or a hotel. However, Legal Solutions devices must not be connected to the internet via Captive Portals, for security reasons. Legal Solutions’ devices are set up so they do not connect to Captive Portals.

7.9 Legal Solutions permits wirelessly connecting a Legal Solutions device to a Legal Solutions’ or personal, mobile phone via a personal hotspot for the purpose of acquiring an internet connection (tethering) for work purposes. Tethering a personal mobile phone is permissible but Legal Solutions cannot be held liable for this use of a personal mobile phone including any data charges, and so any use of a personal phone for this purpose is the individual’s choice.

7.10 Users must ensure no official information is stored on devices without Legal Solutions’ security controls.

7.11 Do not use any personal wallpapers or screensavers. The use of personal background settings (e.g., MS Teams), images (e.g., Outlook profile) etc. is permitted on Legal Solutions’ devices but must be respectful and must not contain any inappropriate or offensive material that may bring the individual or Legal Solutions into professional disrepute.

7.12 Raise all software requests through the appropriate team.

7.13 Legal Solutions employees and contractors travelling outside the Lesotho on official business and

wishing to take Legal Solutions devices with them should review the HR guidance on working abroad and must contact the relevant team before they travel. Legal Solutions devices, including smart phones, must only be taken outside Lesotho when required for official business and appropriately approved. Legal Solutions may prohibit the carrying and use of Legal Solutions devices in certain countries.

7.14 Employees and contractors are required to contact the appropriate team before travelling to certain countries, whether this is on official business or for a personal visit

e.g., a holiday. Employees and contractors should check the relevant intranet page to check whether this includes the country they are visiting.

  1. Physical Security

Users must:

8.1 Comply with Legal Solutions Physical Security Policy & Physical Security Standards.

8.2 Be responsible for keeping all portable devices assigned to them safe and secure and immediately report any loss or damage of their equipment to their line manager and log a security incident accordingly. If the device is a work phone/smart phone you must also complete the relevant form and ask for the phone to be suspended.

8.3 Protect Legal Solutions equipment appropriately when travelling e.g.

  • Laptops must always be carried as hand luggage,
  • Never leave a portable device visible in parked vehicles,
  • Never leave equipment unattended in a public place e.g., on public transport.

8.4 Return all Legal Solutions assets when leaving Legal Solutions . Failure to return equipment could lead to steps being taken to recover the cost, which could include legal action through the civil courts. Line Managers must complete all appropriate exit procedures with leavers.

  1. Compliance

9.1 If for any reason users are unable to comply with this policy or require use of technology which is outside its scope, this should be discussed with their line manager in the first instance and then the relevant team who can provide advice on escalation/exception routes.

9.2 Seek exceptions to security policies by applying for an Exception.

9.3 All requests to use new software not currently approved by Legal Solutions must be subject to the Software Approvals Process.

9.4 Line managers are responsible for ensuring that users understand their responsibilities and consequences as defined in this policy and continue to meet its requirements for the duration of their employment with Legal Solutions. They are also responsible for monitoring employees’ ability to perform assigned security responsibilities. This does not remove responsibility from employees, who must ensure that they too understand their responsibilities as outlined in this policy and continue to meet the requirements. It is a line manager’s responsibility to take appropriate action if individuals fail to comply with this policy.

9.5 Legal Solutions actively monitors employee and contractor personal use of IT and equipment to ensure everyone is complying with this policy (AUP) and the Legal Solutions Social Media Policy. Monitoring complies with and respects the privacy rights of all employees as outlined in the Legal Solutions Employee Privacy Notice. The consequences of failing to comply with the personal use limitations of Legal Solutions IT and equipment are serious and attract disciplinary penalties up to and including dismissal.

9.6 Legal Solutions will regularly assess for compliance with this policy and may need to inspect physical locations, technology systems, design and processes and speak to people to facilitate this. All Legal Solutions employees, agents, contractors, consultants, business partners and service providers will be required to facilitate, support, and when necessary, participate in any such inspection.

9.7 Failure to report a security incident, potential or otherwise, could result in disciplinary action.

9.8 Breaching this policy may result in disciplinary procedures which could lead to dismissal, including criminal prosecution.