We are Stronger Charity [the
The use of email, Internet and distribution list by staff, volunteers and trustees of the charity is permitted and encouraged where such use supports the goals and objectives of the Charity, however, we must ensure that communications are appropriate to the Charity's business activities and the charity is protected from risk of hacking, phishing, or legal implications arising from inappropriate use.
This policy applies to all staff, volunteers and trustees who are expected to always comply with the principles below.
The policy covers Microsoft 365 email communications, including the use of distribution lists, along with Microsoft Teams instant messaging, WhatsApp and Internet usage.
The following behaviour by an employee/volunteer is considered unacceptable:
Phishing is when attackers attempt to trick users into doing 'the wrong thing', such as clicking a bad link that will download malware or direct them to a dodgy website. Phishing can be conducted via a text message, social media, or by phone, but the term 'phishing' is mainly used to describe attacks that arrive by email.
They are likely to have a 'call-to-action.' This could be asking you to click a link or open a file, which will install a virus or some ransomware. Or it could be asking you to fill out an invoice, make a fraudulent payment, provide some personal details or log in to an account. Most of the time a savvy user will disregard these emails, as they do not come from contacts your users trust. But they can be convincing and cause real harm. Report these kinds of emails to the IT department (ITTeam@wearestrongercharity.org) of the charity without opening any attachments to the phishing email.
Malicious websites are sites that attempt to install malware on an individual's device while visiting the website (a general term for anything that will disrupt computer operation, gather personal or business information or in a worst-case scenario, gain total access to the individual's computer).
To avoid malware, all staff, volunteers and trustees are required to have active anti-virus protection on their devices at all times and update their anti-virus regularly. Details of the anti-virus will be shared with the IT Team who will monitor for compliance.
All of the Charity's email resources and distribution list are provided to support its vision and purpose. Therefore, the Charity maintains the right to examine any systems, email or distribution list and inspect any data recorded in them.
We are Stronger Charity reserves the right to access and disclose, for legitimate business and/or legal reasons, any message, document, or other matter sent through any communications services and equipment used by the Charity.
To ensure compliance with this policy, the Charity also reserves the right to check upon the use and content of emails and distribution list. Such monitoring is for legitimate purposes only and will be undertaken in accordance with a procedure agreed with employees and volunteers. Details of the procedure can be found in the Communication Monitoring Procedure.
Where it is believed that a volunteer has failed to comply with this policy, this will be investigated by hr_employment@wearestrongercharity.org and appropriate action taken. This may result in the requirement for further training or the termination of any volunteer agreement.
This policy will be reviewed annually. The next review is due in June 2025.