Information Technology Policy (Version-8.6)

Security and Privacy

It is the policy of Sulekha.com New media Pvt Ltd. that all information contained on the network or computers attached to the network is strictly confidential. Confidential information is not to be used or given to anyone, whether inside or outside Sulekha.com New media Pvt Ltd, unless there is an authorized business purpose and/or there is a legitimate need to know. It is the responsibility of each person to honour this confidentiality and to report actual or suspected violations to the appropriate authorities at Sulekha.com New media Pvt Ltd. Any violations of confidentiality or unauthorized computer access will be investigated and disciplinary action, including termination.

Creation History

Created on: May 2013

Created by: Syed Noor

Verified By: Sundaresan .C

Approved by: Sundaresan. C

Change History

Updated on 23rd September 2023 by Syed Noor.

User Credentials Policy (Effective from May’13)

The User Id & Password you received is a Single Signe on for the following services

• System Login
• Mail Login
• File Server Access
• Internet Firewall Access
• Helpdesk Access

Password Policy (Effective from May’13)

• Login ID & Passwords should not be shared with other users. Login ID will be disabled, if found guilty.
• Users are forced to change Login Passwords every 45 days with the following complexities
• Min. 8 characters of length
• Should be Alphanumeric
• Should not repeat last 3 passwords.
• Password should not contain first two characters of your Username.

Process for User ID creation, Modification and Deletion.

For User ID & Mail ID creation:(Effective from June ’13)

1. ID Creation request will be raised by HR through our Helpdesk portal.

2. As per the details given by HR, ID will be created under respective location / Department OU in Active Directory.

3. Along with ID creation, the following Access will be added.

• Internet
• File server
• Distribution group receive and send
• FTP
• VPN

4. Restriction for attachment in receiving and sending mails.

User Modification: (Effective from Jun’13)

As per HR Requests in helpdesk portal for below categories of User modification.

• User Login ID
• Designation
• Reporting officer
• Internet access
• Security Group Access

User Deletion: (effective from November ’13)

Removal of Users will be based on 3 cases.

1. Absconding Cases:
2. After the notification of HRMS mail, we reset the User Password and disable the mail id and move to Temp OU in AD.
3. Serving Notice Period:
4. If the user in Notice period, we restrict the external mail access and keep basic internet access and remove the any special internet access like https/social media/shopping etc.
5. Resigned / Terminated:
6. After the No Due Certificate / HRMS alert, reset the password and disable the mail Id and move the user in Resigned Employee OU for final archive process of the user mailbox and delete.

Maternity Leave Policy

Maternity Leave Policy:  If user going in Maternity leave HR must give prior information to IT department, we will check with maternity leave user for returning the system to avoid the rental cost or keep the system with user if needed  After getting confirmation from user who is in Maternity leave will go for sim deactivation or kept active if needed.

System Policy (Effective from May’13)

• Allocation of User Desktop / Laptop with Standard configuration Desktop / Laptop based on User profile of work with max time of 2 business Days from the date of Request from HR.
• Desktop allotment after getting Workstation Details from Admin Team.
• Desktops / Laptops will become user’s Responsibility for any physical damages happening during User work hours.
• As per Policy, if company given asset get physically got damage by employee and the cost of the damage comes under 5k, company will bear the cost for the repair or recovery.

• If the damage cost is up to Rs.5k, the company will bear the damage cost.

• If the damage cost is more than Rs.5k, the amount exceeding Rs. 5k will have to be borne by the employee.
• Desktops are by default considered as shared resources by both Day & Night Shifts. (Except Developer and Designer assets).
• Purchases of additional System hardware accessories will be done based on proper justification along with their Head’s approval.
• Personal Laptops are allowed only for eligible users as per HR Policy subject to Network restrictions applicable based on Team.
• Headsets will provide only those who are in calling team.

Work From Home Policy:

• Allocation of User Desktop / Laptop with Standard configuration Desktop / Laptop based on User profile of work with max time of 3 business Days from the date of Request from HR.
• Desktops / Laptops will become user’s Responsibility for any physical damages happening during his/her tenure with sulekha.com

• Purchases of additional System hardware accessories will be done based on proper justification along with their Head’s approval.

• VPN access will be provided upon reporting manager approval and necessity

• We recommend using UPS for unexpected system failures due to power failure

• Any issue related to IT, users were not authorized to contact Vendor directly, User has to contact only IT Team.

Intern User Policy:

For Intern users, Desktops will be provided at office and not for Work from home. As we don't regularize them as a normal employee, the maintenance and recovery of assets from Interns become challenging and a normal asset declaration cannot be claimed from the user side responsibility.

System Policies – Do’s & Don'ts

• All Desktops should be shut down before user leave for the day or during any power emergencies. Make sure Monitors also switched off.
• Switch off your Monitors during meetings, breaks & Lunch time.
• Avoid Drinks / Eatables near IT Equipment's.
• Personal equipment's like CD / DVD’s, Pen drive, USB External Hard disks, Webcams, Headphones, Speakers, Data Cables with Digital Camera / Mobiles & Laptops are not allowed.
• USB / CD / DVD Drives in Desktops & Laptops are blocked universally.
• Avoid keeping legs over CPU and do not disturb any connection, Cables.
• Self-handling of IT issues is not allowed to avoid personal Damages.
• Swapping of IT assets & Accessories between users Workstation is prohibited

Biometric Access Policy

1. Biometric access (Fingerprint/Access card) will provide whenever employee joining in the Sulekha.
2. To stop of misusing access card, it will disable when the users are in work from home for security reasons.
3. When the user reporting to office permanently, user can contact IT team for enabling access (Biometric) card.
4. Biometric (FP and card) access will be removed. When the time of user relieving from company.

Mail & Messaging Services Policy (Effective from May’13)

Mail Login:

You can access your Webmail through the below mentioned URL:

https://mailrmz.sulekha.net/owa - For common mailboxes

https://outlook.office365.com/ - For user mailboxes 

• No Corrections in mail id is entertained.
• Mailbox size allocation based on Microsoft license assigned, keep emptying unwanted / junk / deleted mails as regular practice to keep mailbox size within limit.
• Message + Attachment size allowed is 5 MB by default for all users per mail.
• Microsoft Teams for Messaging services will be installed based on User Work profile.

Mail & Messaging Services Policy – Do’s Don’ts

• Do not forward / Circulate Unwanted / Unofficial Mails to anyone.
• Do not send bulk mails or mail merge unnecessarily it will lead your mail id block by Microsoft until they unblock you will not get access for mail send or receive
• Sulekha Mail-ids should be used only for official communications.
• Do not subscribe for any private Newsletters / Private Mail ids / non-official websites etc., with your Sulekha.net mail id. This is the starting point of all Junk mails
• External Mail Websites & Messenger services are restricted within Sulekha.
• Unused Mailboxes more than 15 days will get deactivated automatically.

Mailbox Security Policy (Amended by Aug’13)

• All messages distributed via the organization’s outlook system, shall be the property of the company.
• All Emails shall be audited without prior notification if the company finds it necessary.
• If there is evidence that the employee is not adhering to the guidelines set out in this policy, the company reserves the right to take disciplinary action.
• Users shall take care in drafting an email as they would for any other communication.
• Confidential information should be encrypted prior to being sent via email.
• IT team (on intimation from HR) will apply following access controls during his / her Notice period:
  • Sending mails will be restricted to “only within Sulekha”.
  • Mail access like Webmail & through Mobile handset will be disabled
• BH approval required for accessing any resigned / absconding / active user mailbox requested by any Manager / TL.
• Personal mail websites (ex- Gmail/Hotmail/yahoo) access only given for the employees who had the Business head approval. This will restrict the users to data transfer by using of personal mails.

File Server Policy: (Effective from August’13)

• Creating Fileserver security groups in AD based upon the user request.
• Creating folders in fileservers and giving share access for the security groups.
• Security groups are given access under shared folder security.
• Restricted for users to create folders, copy, delete the folders in the shared folder, so it will avoid the user to creating unnecessary folder and deleting the files unexpectedly in the fileserver.
• Audio & Video and image files (except teams work profile) are blocked in Fileserver through File server Resource Manager.
• Enabled quota management through FSRM to restrict the users to save the unwanted data as per policy.
• All Data should be saved only in respective File servers folder structures allotted for their teams and not on local drives like C: , My documents, Desktop etc.,
• System Admin is not responsible for local drives data and no backup will be provided for the same.
• File share access is based on their Team folder Structures with Access Control Policy.
• All Folders in File server are with Predefined Storage Quota enabled based on Team Usage.
• File Screening enabled on all File servers to protect Unwanted File Formats.
• Cross-Branch File Server usage allowed based on Business Heads Approval.

Data security policy: (Amended by September ’14)

• Users cannot copy the data from the system to any external device, because we have blocked the access for external storage (Ex – USB access and DVD drive access) via group policy.
• Users not allowed to bring laptops and external devices
• Users can only access the data in our network.
• VPN access for the roaming users based upon the business Head approval; they can access the data through VPN only.
• Visitors or vendors not allowed to use our network as per policy.
• Wi-Fi access restricted by enabling mac id in all access points.
• All chat logs requested by any Manager / TL / BH has to be routed through HR. Based on HR approval IT will provide the required logs.
• Data Transfer sites like Facebook / Gmail / FTP / Cloud Storage / G ’Talk / Msn Messenger will be disabled.

Software Policy (Amended in July’14)

• Basic OS & must need Licensed applications will be installed along with the Desktop.
• Licensed Software are allowed to install in User machines. Pirated/ Trial Licenses are not allowed.
• Based on the User profile, additional Software / Utilities will be installed subject to Software Standardization policy.
• Pirated / Personal software are restricted.
• Installation & Uninstallation of any software / utilities will be done by System Admin.
• · New Software license purchases are subject to Justification with proper approval from respective Business heads.

Printing Policy (Effective from June’13)

• · Printer / Scanner access restricted for limited Users based on Business Heads approval.
• Printed documents should be cleared from Printer area immediately by respective users.
• Avoid Personal Content printing / scanning / copying.
• Necessary Care to be taken before printing multiple pages to avoid Duplication and Paper Wastage.
• · User based Printing count will be monitored centrally from Chennai IT Team.

General IT Policy

• Common Desktop Wallpaper for all user logins.
• Common Screensaver for all user logins.
• Idle Desktops for 10 mins will be locked automatically.
• Sulekha.com common home page settings for Internet Explorer.
• All Sulekha Websites & Services are available as Default Favorites in Internet Explorer for all Windows Domain Users.

IT Policy for Personal Laptops (Effective from 15th November 2018)

• Personal laptops will be added to our Domain network.

• Users’ Domain login should be used for logging in to the laptop.

• All Group policies applied to our own machines will be applied to these personal laptops.

• If the Laptop OS is home edition / pirated edition, inform user to disconnect from network and use it outside the network, like all BDE.

• The personal laptop will be released from all Domain policy restrictions on the last day of the user gets relieved from Sulekha Roles.

• Forefront Endpoint protection / Windows defender should be installed and scanned before connecting to our network and should be retained after connecting to our network till his last day of Sulekha.

• USB restrictions will get applied.

• Wi-Fi access will be enabled on Sulekha-Wi-Fi access point through Security groups. The laptop mac id will be removed from Sulekha Mobile Wi-Fi access

• Only Licensed Software should be used in these laptops till it serves for Sulekha

Patch Management

• Windows updates for all user machines done through windows server Update Services Tool (WSUS)
• WSUS Server has been deployed in our LAN and all critical updates for servers / desktops.
• All required updates are approved and applied to user machines with a weekly schedule for every Friday 12 pm.
• Windows Update settings has been set for all client machines through Group policy.

Helpdesk URL:

Raise Trouble tickets in the below mentioned URL with your desktop login credentials

https://it.sulehka.net ;