Acceptable Usage Policy - IIFL Housing Finance Limited

Acceptable Use of IIFL Assets, Information and Data by Employees / Contractors / Vendors / etc.

This Acceptable Usage of IIFL Assets, Information and Data (“Agreement”) is executed at Mumbai on this
01/04/2024
date____________________________, by and between; IIFL Housing Finance Limited, a company incorporated
under the Companies Act and having its headquarters in Mumbai (hereinafter referred to as the “Disclosing Party”
which term shall unless repugnant to the context and meaning thereof be deemed to include its subsidiaries,
PARAMVEER TOMAR
successors and permitted assigns) of the One Part; and Ms. / Mr _________________________________________,
an adult India inhabitant residing
NEW DHEERWALI JWALAPUR HARIDWAR
at_____________________________________________________________________________________________
_______________________________________________________________________________________________
____________________________________________(hereinafter referred to as the “Receiving Party” which term
shall unless repugnant to the context and meaning thereof be deemed to include his/her legal heirs, executors,
administrator, and permitted assigns) of the Other Part.

The IIFL Assets, Information and Data handler/processor must ensure the acceptable usage of these as mentioned
below. In case of improper handing / processing of IIFL Assets, Information and Data the handler / processor will face
Legal or Disciplinary actions based on the severity of impact on business due to misuse happened.

Acceptable use of Assets

Having access to the organizations assets / data / information must be used only for official / business purposes. Any
use which shall be carried out with individual’s credentials (username, password, USB-Token, etc.) will be under
his/her own responsibility.

Employees should immediately report any misconduct observed against the usage of asset/data/information to
Incident Management Team and Information Security Team.

It is mandate to adhere IIFL Cyber & Information Security Policy and Procedure requirements throughout the
engagement with IIFL.

Email Usage Procedure

• Each user should delete data from their mailbox as well as from storing space when no more required
• Any business critical data/information should not be circulated over email and team members may use tools
provided by IIFL to circulate any business critical documents instead of sending them over emails
• Corporate email systems should be used for business communications only
• Outgoing/Incoming email size limit should be set as per company standards to all email users.
• SFTP folders or secure links to be used for sharing large sized data with clients/vendors/customers instead of
sending it over the emails

Page 1|3
Acceptable Usage Policy - IIFL Housing Finance Limited

Acceptable Internet Usage

• IIFL accepts that use of internet is a valuable business tool. However, misuse of this facility can have a negative
impact on employee productivity and on the reputation of the organization.
• Internet usage is restricted to official use only.
• Revocation of internet access will be performed as soon as it is not more required or the concern person is no
more associated with IIFL.
• Only IIFL provided system / devices is allowed to get connected with IIFL Network or via Wi-Fi
• In case of any personal mobile device connectivity via IIFL Wi-Fi will not be entertained.
• Download of files types such as Archive file types, Audio file types, executable file types, Image file types which
disrupt the network or which have the purpose of compromising the integrity and security of the IIFL Group
Companies networks and file servers is prohibited. For example - ZIP, 7-Zip, GZIP, TAR, RAR, .avi, .mp4, .mpeg,
.mp3, .wav, .exe, etc.
• Users are not authorised to install any software that has been downloaded from the internet onto IIFL Group’s IT
asset/ equipment.

Desktop/Laptop/Tab Acceptable Usage

• IRA/Department head should inform the Admin team well in advance about the requirement of desktop/laptop
along with prerequisite.
• Password and domain level policies to be adhered at all times
• Only IT technicians would be provided with admin access. Exception to this will be provided post authorized
personnel approval. Record of exceptions are maintained and reviewed periodically by the Digital Workspace
Team.
• Must not store any personal data on IIFL assigned desktops/Laptops/tabs/etc.
• Games and other prohibited/ unauthorized software should not be installed
• Clear screen policy and lock the screen must be followed when away from system.
• Usage of removable/movable media or transfer of organization business data is prohibited unless authorized by
Department Head and Information Security Team.
• USB port of desktop/Laptop is blocked by default for any data transferring and storage devices. In case this is not
the same please inform the IRA and Admin Team to get that done.
• Only IIFL provided laptops should be used within the office premises unless approved by the IIFL Information
Security Team.
• Ensure that individually assigned IIFL Laptop should have encryption software installed.
• Damaging, tampering or theft of asset/data will be subject to disciplinary actions. IIFL is entitled to recover the
amount for such loss/damage of asset/data from the employee.

Page 2|3
Acceptable Usage Policy - IIFL Housing Finance Limited

IP Phone Usage:
• STD/ ISD dial-in facility on the phones shall be provided on request basis along with approval (Business Head
approval) & business justification
• STD/ ISD dial-in facility should be availed only using “Passcode” provided by Voice Support team
• An individual will only be held accountable for the calls made by his/her assigned Passcode.
• IP Phone device movement is allowed post approval and business justification
• Phones should be strictly used for business purposes only. The individually allocated STD/ ISD Passcode is
confidential & should not be shared with anyone else in any manner (written/ verbal)
• Disclosing any type of organizational confidential information to any unauthorized personnel warrants strict
action.
• Speaker mode in the work area to be avoided unless warranted.

Server Usage:
• Defined policies and procedures for Server Usage have to be adhered.
• For all request related to server, end user will raise a service request to Wintel team. based on the business need
and necessary approvals Wintel team will execute the request

Return of IIFL Assets, Data and Information:

• Any asset, data or information assigned or generated / created for performing official job within IIFL is solely
owned by IIFL only.
• Shall return all organizational assets, data and information in possession (or assigned) before the last working day
of employment, upon resignation or termination or end of contract or agreement with IIFL.

PARAMVEER TOMAR
Name in block letters: ____________________________________________________________________________

23-Apr-2024
Signature: _______________________________________ Date: _______________________________

Page 3|3