Autodesk must be protected against any illegal or damaging actions.
Employees, contingent workers, and other third parties must use Autodesk’s information and systems in accordance with Autodesk’s Information Security Risk Management Policy and associated Information Security Risk Management Standard.
Autodesk systems are meant for business use. Occasional personal use should not interfere with job responsibilities and must be compliant with Autodesk’s Code of Business Conduct.
Autodesk information and systems must not be used to perform any activity that is prohibited by local, state, or federal law or that violates Autodesk’s Code of Business Conduct.
2. Corporate Ownership & Privacy
Any information created by an employee, contingent worker, or other third party, during the course of business at Autodesk, or generated on, sent, received, or stored on Autodesk-owned, leased, or administered systems, is the property of Autodesk.
Autodesk does not guarantee the confidentiality of non-Autodesk information stored on systems connected to Autodesk’s network.
Only authorized individuals may monitor systems and networks (e.g., for purposes of security, network maintenance, compliance, etc.).
Authentication controls, such as passwords, certificates, and tokens must not be shared and must be protected from disclosure at all times.
Passwords must periodically expire and be sufficiently complex so they cannot be easily guessed or deciphered. Password reset and creation requirements are defined in Autodesk’s Access Control Standard.
4. Confidential Communication
Communications that are meant to be confidential must be labeled and handled as such.
5. Unacceptable Use
Employees, contingent workers, and other third parties must not introduce malicious software (e.g., viruses) into Autodesk systems.
Employees, contingent workers, and other third parties must not engage in activities that might degrade the performance of Autodesk systems, negatively impact authorized access to Autodesk information and systems, or attempt unauthorized access to information and systems.
Employees, contingent workers, and other third parties must not disable pre-set security settings on their workstations (e.g., desktop firewall, disk encryption, anti-virus software, etc.).