1. Resource Mission Statement

Nexly.biz (the “Company”) provides high-performance computing, networking, and data resources to drive innovation and educational excellence. This policy establishes the structural standards for the professional and secure utilization of these institutional assets, ensuring the continuous stability and defensive integrity of our global ecosystem.

2. Structural Scope

This policy governs all Company-owned or leased hardware, software, cloud VPCs, and communication networks. It applies to all "Nexly Citizens," including employees, contractors, and third-party partners who interact with our compute fabric.

3. Individual User Accountability

Every citizen is responsible for the professional utilization of the assets assigned to them. Users must protect Company resources from theft, damage, and unauthorized access, treating institutional hardware as a prerequisite for their operational output.

4. Software Deployment & Integrity

Only software explicitly sanctioned by IT Command may be installed on institutional endpoints. The use of pirated software, unauthorized browsers, or non-verified encryption tools is strictly prohibited, as they represent entry-vectors for structural systemic risk.

5. Network & VPN Protocol

All remote connections to Nexly internal subnets must utilize the Company-mandated secure tunnel (VPN/Zero-Trust Proxy). Bypassing institutional firewalls or utilizing unauthorized proxies is a critical security violation.

6. Credential Fortress & MFA

Unique user credentials (IDs and Passwords) are the first line of defense. Users must utilize the Company’s Password Vault and Multi-Factor Authentication (MFA). Sharing credentials with colleagues or third parties is fundamentally prohibited.

7. Prohibited Logic & Conduct

Prohibited uses of IT resources include, but are not limited to:

• Unauthorized Penetration: Attempting to circumvent security controls or probing internal nodes for vulnerabilities.
• Malicious Payload Hosting: Utilizing Company storage for malware, cryptographic miners, or illegal content.
• Commercial Gain: Utilizing Company compute for personal businesses or external consulting.

8. Data Sovereignty & Exfiltration

Nexly information assets—including source code, customer data, and strategic blueprints—must remain within Company-managed storage clusters. Transferring institutional data to personal cloud storage or non-sanctioned external drives is strictly forbidden.

9. Digital Conduct & Communication

Communication platforms (Slack, Email, Teams) must be used professionally. The use of Company resources to transmit harassing, discriminatory, or offensive material—including "Digital Stalking"—is a primary breach of the Employee Code of Conduct.

10. Utilization Monitoring & Logging

For the purposes of cybersecurity and infrastructure maintenance, Nexly logs all activity on its network and endpoints. Our automated SIEM (Security Information and Event Management) system scans for anomalies and policy violations in real-time to protect the ecosystem.

11. Privacy Threshold & Expectation

Users should have **no expectation of privacy** regarding information stored on or transmitted through Company-owned resources. To the extent permitted by law, Nexly reserves the right to decrypt, inspect, and archive all data within its compute fabric.

12. Enforcement & Sanctions Logic

Violations of this AUP trigger an immediate "Incident Review." Sanctions range from the revocation of IT privileges and performance coaching to permanent dismissal and criminal referral for intentional system damage or data theft.

13. IT Integrity Command

To request software authorization, report a compromised endpoint, or inquire about VPN protocols, please connect with the IT Command Desk.