5-5 Prohibited Uses of Information Resources

Generally prohibited activities when using information resources include, but are not limited to, the following:

  1. Stealing electronic files containing nonpublic information or copying, moving, or storing electronic files containing nonpublic information to local hard drives, removable media, or via remote-access technologies.
  2. Violating copyright laws.
  3. Installing unauthorized software, including games and screen savers.
  4. Browsing the private files or accounts of others, except as provided by appropriate authority.
  5. Performing unofficial activities that may degrade the performance of information resources, such as playing electronic games.
  6. Performing activities intended to circumvent security or access controls of any organization, including the possession or use of hardware or software tools intended to defeat software copy protection, discover passwords, identify security vulnerabilities, and decrypt encrypted files, or compromise information security by any other means.
  7. Writing, copying, executing, or attempting to introduce any computer code designed to self-replicate, damage, or otherwise hinder the performance of, or access to, any Postal Service computer, network, or information.
  8. Accessing the Postal Service network via modem or other remote access service without the approval of the manager, Corporate Information Security Office Information Security Services.
  9. Promoting or maintaining a personal or private business or using Postal Service information resources for personal gain.
  10. Conducting fraudulent or illegal activities including, but not limited to, gambling, trafficking in drugs or weapons, participating in terrorist acts, or attempting unauthorized entry to any Postal Service or non-Postal Service computer.
  11. Conducting fundraising, endorsing any product or service, lobbying, or participating in any partisan political activity.
  12. Disclosing any Postal Service information that is proprietary and not otherwise public without authorized management approval.
  13. Performing any act that may defame, libel or misrepresent the Postal Service, its personnel, business partners, or customers.
  14. Using someone else’s log-on ID and password or any other personal identity credential.
  15. Using personal information resources (e.g., laptops, notebooks, personal digital assistants [PDAs], hand-held computers, or storage media including universal serial bus [USB] devices) at retail counter areas, mail processing areas, or workroom floors. This does not apply to personal information resources used by the unions in accordance with the collective bargaining agreement.
  16. Connecting any non-Postal Service (e.g. personal, contractor, or supplier) information resources to the Postal Service intranet (Blue) or Postal Service computing devices.
  17. The physical connection of Postal Service-sponsored cell phones to the Postal Service intranet (Blue) or Postal Service computing devices, regardless of purpose, is unauthorized. The physical or wireless connection of other Postal Service peripheral devices or personal peripheral devices to the Postal Service intranet (Blue) or Postal Service computing devices is strictly prohibited under any circumstances.
  18. Using non-Postal Service (e.g., personal, contractor, supplier) information resources to collect, process, store, transmit Postal Service sensitive-enhanced, sensitive, or non-publicly available information.
  19. Plugging a Postal Service nonencrypted USB drive into a personal computing device.
  20. Using unauthorized webcams, cameras, cell phones with cameras, or watches with cameras (and other personal imaging devices) in restrooms, locker rooms, retail counter areas, mail processing areas, workroom floors, vehicles, or other Postal Service areas unless approved by area or headquarters vice president or designee for business purposes. (See Management Instruction AS882-2007-6, Postal Service Use of Retail and Cell-Phone Cameras, on the use of handheld and cell phone cameras.)
  21. Sending unprotected PANs.
  22. Copying, moving, or storing cardholder data onto local hard drives or removable media when accessing cardholder information via remote access technologies.