1. Who this applies to
This Acceptable Use Policy ("AUP") applies to anyone using IT services or resources managed, supplied, or hosted by D&B Kennedy Pty Ltd trading as Outlaw IT ("Outlaw IT", "we", "us"). This includes:
- Client end-users (your staff, contractors) on systems we manage
- Visitors to client networks where we provide guest connectivity
- Third parties (vendors, contractors) accessing client systems we manage
Clients are responsible for distributing this AUP to their users and ensuring they understand it.
2. Prohibited activities
You must not use Outlaw IT-managed services or resources to:
- Break the law. Includes Australian law and the law of any jurisdiction your activity affects — fraud, harassment, threatening behaviour, defamation, copyright infringement, financial crime, child exploitation material (mandatory reporting applies).
- Compromise security. Don't attempt to bypass access controls, escalate privileges without authorisation, exfiltrate credentials, plant malware, or otherwise interfere with the integrity of our systems or any other party's.
- Send unsolicited bulk email (spam). Includes commercial spam, harassing email campaigns, or distribution of malware via email.
- Distribute malware, ransomware, or destructive code. Includes intentional malware authorship, sharing, or hosting; also includes negligent failure to scan/remediate infected files before sharing.
- Engage in port scanning, DDoS, or reconnaissance against third parties from systems we manage.
- Use the service for cryptocurrency mining (cloud or otherwise) without specific written agreement.
- Run unauthorised peer-to-peer file sharing of copyrighted material on systems we manage.
- Store or transmit illegal content — child exploitation material, terrorism material, or anything otherwise unlawful.
- Use the service to harass, defame, or threaten any identifiable individual or group.
- Bypass our security controls — e.g. disabling endpoint security agents, removing security software, attempting to bypass Conditional Access policies — without prior written authorisation from the client's authorised IT contact.
3. Acceptable use
Use of Outlaw IT-managed services for legitimate business purposes by authorised individuals is, broadly, acceptable. Specifically:
- Standard business communication (email, Teams, video conferencing)
- Business documents, presentations, financial records
- Personal incidental use that doesn't interfere with business operations or violate this AUP — checking personal email at lunch is fine; running a side business through the company M365 tenant is not
- Reasonable security testing of your own organisation's systems by authorised individuals with prior written notice to Outlaw IT
4. Reporting violations
If you become aware of a violation of this AUP — by a colleague, by an external party, or by a system anomaly suggesting compromise — report it to your organisation's authorised IT contact, or directly to Outlaw IT at info@outlawit.com.au.
We treat AUP violations as security incidents. We respond per our incident-response procedure (see SLA targets).
5. Consequences of violation
Where we identify an AUP violation, our response is proportional to the severity:
- Minor or unintentional violation: we notify the client's authorised IT contact and may impose technical controls (e.g. blocking the specific behaviour at the firewall)
- Material or repeated violation: we notify the client's authorised contact in writing; in some cases (security incidents, illegal activity) we suspend access to the affected service immediately and investigate
- Illegal activity: we cooperate with law enforcement requests and may report to authorities (mandatory for child exploitation material under the Criminal Code Act 1995 (Cth))
Repeat or serious violations may result in termination of the service relationship per the MSA.
6. Updates to this AUP
We update this AUP from time to time. Active clients are notified of material changes by email. The current version is always at outlawit.com.au/aup.
7. Contact
AUP questions: info@outlawit.com.au.