Information security and the importance of operational security
Workplace is an internal Securitas platform and only employees have access to what is written and published there. Because it's used on private devices, there's a larger risk than with traditional internal communications systems that unauthorized persons can gain access to the platform; someone can lose their personal phone that isn't password protected, for example. It's incredibly important that everyone is aware that in the wrong hands, certain information can hurt us or our customers. For that reason, it's forbidden to publish secret or sensitive information on Workplace (specified further down in the document). All users need to be aware of this, and it's every user's responsibility to maintain our information security by reminding their colleagues about the following rules.
Anything that breaks the rules should be reported immediately to the system administrators by flagging the post (click on the three dots in the upper right corner of the post and choose "report post".
- Publishing private information is not allowed, whether about how we work or about our customers; only public and internal information is permitted. Public information is factual information published freely within and outside Securitas (such as policies and press releases); internal company information, however, retains a certain amount of sensitivity for Securitas (documents in our management system, among others).
- You may not publish or share sensitive information regarding the business, our work and other employees. This can include prices and contract information, business strategies, instructions regarding work practices or equipment, etc. A rule of thumb: if we don't talk about it openly, don't post it on Workplace.
- Don't publish customer information on Workplace. It's no secret that certain businesses or organizations are our customers, but we never discuss the services we provide or how they're staffed. Don't post about events at a specific assignment, either. Instead, talk about your experiences without identifying the customer.
- Publishing pictures taken inside our customers' property or in the surrounding areas is not permitted. Exceptions are pictures taken from places accessible to the general public, for example, a picture of a store taken from the customer parking lot.
- If you want to discuss vacancies: create a group that consists of interested parties or use Workchat; instead of the customer's name, use something like position codes or districts/shift-ID.
- Information in the form of text, pictures and videos that have been published on Workplace may not be copied, shared, displayed and in any other way made accessible to anyone outside of Securitas.
- Your login credentials may not be shared with anyone else and should be protected as a valuable document; likewise, you should ensure that you are logged out of any devices before leaving them unattended.
- So that everyone can understand what the conversation is about, only the official language/languages in your respective country is permitted in posts. Preferably use English in the global [ALL] and international [INT] groups, however you can write in your native language, relying on the Workplace translation function.
- The administrator of a group is also responsible for ensuring that the guidelines are followed by the group's members.
System administrators can see the content posted in every group – even groups that are private or secret.
Note that if you don't follow the guidelines, disciplinary action in accordance with Securitas' group and local policies may follow immediately. Failure to comply with these guidelines will be reported to your immediate supervisor.