What is THAT on your computer?
Do you have a company phone? Store work on a computer, or do you maintain equipment? Do you use a company credit card? Do you have access to confidential information or company records, or deal with personal data? All of these are examples of company assets. Some of them are tangible and some intangible, but everyone from a janitor working at a mill to the executives sitting in an office controls some kind of assets each and every day. It’s easy to forget that these assets are actually entrusted to us, and that it is our responsibility to treat them properly. This is why the Ethical Spotlight is now aimed at this topic: the appropriate use of company assets.
Company assets is an important part of Stora Enso’s infrastructure and any loss, damage, or misuse creates unnecessary expenses and affects the profitability. If you use something every day, like your computer or your smartphone, you might forget the appropriate professional use of it. It might feel like it’s no longer a tool enabling your work, but your own device to be used as you wish.
Many companies these days, Stora Enso being no exception, rely heavily on technology to do business. For accessibility, many of us have smartphones with easy access to emails. Many employees work remotely, meaning that a laptop with access to Stora Enso’s network is being carried outside the office walls. You should always be aware of your responsibility for safeguarding the assets, both tangible and intangible.
The new EU General Data Privacy regulation (the GDPR) enters into force on 25 May this year and requires all of us to take even more care of the personal data we process in our daily work. Privacy has always been important but with the increasing amount of hackers, con artists and other fraudsters, data breaches are becoming more and more common. Data breaches are often caused by acts of criminals but sometimes also by a pure mistake of an individual handling the personal data or the devices, which makes it possible for the hackers to access the data. Every one of us must learn to embed the rules into our thinking and daily work, and act accordingly. Security measures can help us protect the data from outsiders, but we as employees handling the data, need to also understand what data we collect and save, where is it being stored and for how long, and who has access to it.
Every one of us has probably surfed the web or checked social media pages during office hours. The need for limited and occasional use of company email or the computer for personal purposes is understandable. However, the threat of employee misuse goes beyond loss of productivity and efficiency. Entering unsecure websites opens up the door for hacking and viruses onto our servers, which could cause irreparable damage to our business. If the company assets are used for inappropriate or illegal use, such as to browse or download illegal material, such as pirated videos, music or software or to view inappropriate or illegal material, this puts the company at risk as well. The company could be found liable for possessing illegal material on its servers, not to mention that it’s a serious violation of our values.
One extreme example of violation of international laws and Stora Enso’s values, is downloading, storing and sharing of child sexual abuse material. This has become a huge problem in the world and combatting child porn is not a problem just for the police anymore. The majority of child sexual abuse material that law enforcement finds in investigations is stored on private storage devices, such as hard drives, computers, mobile phones and cloud services. However, it can be downloaded, shared and consumed in other ways – including on a work computer. One or two people in a thousand access child sexual abuse material from their work computer., as the work computer is often perceived as one of the most private possessions employees own, with nobody else like family members having access to it. Stora Enso is fully committed to combatting also this serious issue. If anyone should witness this kind of material being possessed by any of our employees they should report it immediately.
Ethical behavior is demonstrated not only in how we act towards each other but also in how we treat property. Please go through the Ethical Spotlight material from HERE to educate yourself on dealing with company assets, how to safeguard them and remind yourself how to deal with personal data in your daily work.
Ethics and Compliance