Acceptable Use Policy

Purpose

The purpose of this Acceptable Use Policy (“Policy”) is to outline the acceptable uses of Structsure’s network, software, and all related content (the “Structsure Platform”).  Inappropriate use of the Structsure Network may expose Structsure and the users of the Structsure Network to risks including, but not limited to, virus attacks, compromise of network systems and services, and legal liability.

Scope

This Policy applies to the use of information, electronic and computing devices, and network resources located or accessible on the Structsure Platform.  All users of the Structsure Platform are responsible for exercising good judgment regarding appropriate use of information, electronic devices, and network resources in accordance with this Policy and with your organization’s policies and standards, and local laws and regulations. This Policy applies to any user of the Structsure Platform. This document is not intended to replace your organization’s acceptable use policy, but work in tandem with it.  As used in this Policy, “user” refers to any employee, contractor, consultant, or other person who uses or has access to the Structsure Platform. “Structsure” refers to BrainGu, LLC and its employees, contractors, and affiliates. “You” or “your” refers to any user of the Structsure Network.

Policy

General Use

  • You have a responsibility to promptly report to Structsure the theft, loss, or unauthorized access of any asset with access to the Structsure Network.
  • You have may access and use the Structsure Network only to the extent it is authorized and necessary to fulfill your assigned job duties.

Security

  • All devices that are used to connect to the Structsure Network must comply with your organization’s minimum access policy, if applicable.
  • System level and user level passwords must comply with the Structsure Network’s password policy and your organization’s password policy. Providing access to another unauthorized individual, either deliberately or through failure to secure its access, is prohibited.
  • All computing devices that access the Structsure Network must be secured with a password-protected screensaver with the automatic activation feature set to 10 minutes or less. You must lock the screen or log off when the device is unattended.

Unacceptable Use

The following activities are, in general, prohibited. Certain individuals may be exempt from these restrictions during the course of their legitimate job responsibilities, in the sole discretion of Structsure (e.g., systems administrations staff may have a need to disable the network access of a host if that host is disrupting production services).

Exporting software, technical information, encryption software or technology, in violation of international or regional export control laws, is illegal. Structsure should be consulted prior to export of any material that is in question. Structsure is not liable for any content created using the Structsure Network.

Under no circumstances is a user authorized to engage in any activity that is illegal under local, state, federal, international, or any other law while utilizing the Structsure Network. The list below is by no means exhaustive, but is an attempt to provide a framework for activities which fall into the category of unacceptable use of the Structsure Network.

System and Network Activities

The following activities are strictly prohibited:

  1. Violations of the rights of any person or rights protected by copyright, trade secret, patent, or other intellectual property, or similar laws or regulations, including, but not limited to, the installation or distribution of “pirated” or other software products that are not appropriately licensed for use.
  2. Unauthorized copying of copyrighted material including, but not limited to, digitization and distribution of photographs from magazines, books or other copyrighted sources, copyrighted music, and the installation of any copyrighted software for which the customer or the end user does not have an active license.
  3. Accessing data, a server or an account for any purpose other than conducting your legitimate business on the Structsure Platform, even if you have authorized access.
  4. Introduction of malicious programs into the Structsure network (e.g., viruses, worms, Trojan horses, e-mail bombs, etc.).
  5. Revealing your account password to an unauthorized third party or allowing use of your account by others, which includes family and other household members when work is being done at home.
  6. Use of the Structsure Network to actively engage in processing or transmitting material that is in violation of sexual harassment or hostile workplace laws in the user’s local jurisdiction.
  7. Making fraudulent offers of products, items, or services originating or forwarded through the Structsure Network.
  8. Effecting security breaches or disruptions of network communication. (Security breaches include, but are not limited to, accessing data of which the user is not an intended recipient or logging into a server or account that the user is not expressly authorized to access, unless these duties are within the scope of regular duties. For purposes of this section, “disruption” includes, but is not limited to, network sniffing, pinged floods, packet spoofing, denial of service, and forged routing information for malicious purposes.
  9. Port scanning or security scanning, unless this activity is a part of the user’s normal job or duty.
  10. Executing any form of network monitoring which will intercept data not intended for the user’s host, unless this activity is a part of the user’s normal job or duty.
  11. Circumventing user authentication or security of any host, network or account.
  12. Introducing honeypots, honeynets, or similar technology on the Structsure Network.
  13. Interfering with or denying service to any user other than the user’s host (for example, denial of service attack).
  14. Using any program, script, or command, or sending messages of any kind, with the intent to interfere with or disable a user’s terminal session, by any means, locally or by the Internet, Intranet, or Extranet.
  15. Providing information about, or lists of, employees to parties outside of your organization.

Policy Compliance

Non-compliance with this Policy will be reported to Structsure administrators. Penalties of non-compliance with this Policy can range from a warning to a loss of access for the offending user.

33148:00003:3919871-2