Acceptable Use Policy¶
Version 1.0 | Classification: CONFIDENTIAL — Internal Use Only
Purpose¶
This policy defines the acceptable use of all information systems managed by Greenpeace US IT, including on-premises servers, cloud infrastructure, network devices, and administrative tools.
Scope¶
Applies to all GPUS-IT staff, contractors, and any individual with administrative or user access to GPUS-IT systems.
Authorized Use¶
Systems are provided solely for business purposes in support of Greenpeace US operations. Authorized activities include:
- Administration of DNS, DHCP, monitoring, and logging services
- Access to management interfaces (Webmin, Grafana, Kibana) for operational purposes
- Backup, restore, and disaster recovery operations
- Security monitoring and incident response
Prohibited Activities¶
The following are strictly prohibited:
- Use of GPUS-IT systems for personal, commercial, or non-Greenpeace activity
- Installation of unauthorized software or services
- Sharing of administrative credentials
- Disabling of security controls including AIDE, auditd, SELinux, or firewalld
- Exfiltration of configuration data, credentials, or log data to unauthorized systems
- Attempting to access systems or data beyond authorized scope
Monitoring and Enforcement¶
All activity on GPUS-IT systems is logged via auditd and centralized in the WIND ELK stack. Users have no expectation of privacy on GPUS-IT systems. Violations may result in access revocation and disciplinary action.
Review¶
This policy is reviewed annually by the IT Manager.
Acceptable Use · v1.1 · 2026-03-14 · GPUS-IT · Classification: CONFIDENTIAL — Internal Use Only