We are trusted as a leader in world-changing technology. Protecting the confidentiality, integrity and availability of proprietary and confidential data, whether it is our product development, HR, financial, customer, supplier or brand, it keeps us at the forefront of the global marketplace.
Do not provide information regarding Cisco, our customers or partners to others without securing the required approvals and written agreements. What may appear to be an innocent request for information could result in serious harm to our company. Be alert to requests for information from anyone inside or outside of Cisco including:
Employees are sometimes contacted by “external influencers”, who are seeking information about Cisco’s business, people, customers or partners. Any employee interaction with these parties – the press, industry analysts or members of the financial community – regarding our company must be coordinated with Global Analyst Relations, or Cisco Investor Relations respectively. Violation of this policy is serious and may result in disciplinary action, including immediate termination and possible prosecution for violation of securities laws.
It is valuable information that Cisco owns, has the right to use, or has access to. Proprietary assets represent the product of our hard work. They are often confidential and can include:
Each of us is responsible for protecting the confidentiality, integrity and availability of proprietary information that belongs to Cisco, our customers, vendors, partners and others with whom we do business:
Only authorized persons or processes are allowed to have access to the proprietary information.
The accuracy and reliability of the proprietary information is maintained by preventing the unauthorized modification of the information, either accidentally or intentionally.
Reliable and timely access to the proprietary information is maintained for authorized individuals and processes.
Cisco employees sign a nondisclosure agreement (NDA) when they are hired (and may need to sign additional agreements depending upon the nature of the job). In addition to the obligations outlined in the agreement, all employees must comply with the following requirements:
Requests from External Parties
Requests for confidential, proprietary information and the disclosure of confidential, proprietary information with third parties require a written agreement. Please visit NDA Central for further information.
Confidential or proprietary information should be disclosed only to those Cisco employees with a legitimate business purpose, who need the information to do their jobs.
Securing Third-Party Information
Proprietary or confidential information entrusted to us by a customer, partner, supplier, vendor or other third party should not be used or copied by a Cisco employee unless its use is authorized in writing by the appropriate Cisco Data Trustee and the third party, and its data protection requirements have been identified by the third party.
Do not accept unauthorized information
Any unsolicited, third-party proprietary information should be refused or, if inadvertently received by an employee, returned unopened or transferred to Cisco Legal.
Employees must refrain from using or sharing with Cisco proprietary information belonging to former employers (unless the former employer, or the rights to the information, have been acquired by Cisco).
The protection of data is everyone’s top priority. Every Cisco employee and supplier has a responsibility to protect the confidential and proprietary data they interact with on behalf of Cisco. The Data Protection Principles below will help guide your interactions at every level within the organization, so take the time to read and understand them.
Cisco has the right to require security controls on all electronic and computing devices used to conduct Cisco business or interact with internal networks and business systems, whether owned or leased by Cisco, the employee or a third party.
Note: Cisco also has the right to inspect at any time, all messages, files, data, software or other information stored on these devices or transmitted over any portion of the Cisco network.
At Cisco, we collaborate and exchange information in various forms, whether it's an email, video, audio recording, or an electronic or paper document. Know the Cisco policies related to management and retention of records and email so that we are compliant with legal and business requirements.
Be familiar with the Cisco Record Retention Policy and Schedule to determine how long to keep your content and to prevent the disposition of information related to an investigation, claim or lawsuit.
Contact the Enterprise Records & Information Management (ERIM) Team for assistance.
Customers and other external parties trust Cisco with their vital technology, assets and/or infrastructure – which may sometimes include access to their employees' and customers' sensitive information. We must work to protect all of it.
The world is moving toward the “Internet of Everything” era. As phone and computer systems evolve into new types of collaboration and cloud computing, the data protection risks are also evolving. Our company is a trusted business partner and all Cisco employees should be appropriately cautious when handling any type of customer data.
It is any record containing information about a Cisco customer – whether in paper, electronic, video or other form – in connection with providing a product or service. This includes customer data managed or created by Cisco, as well as customer data handled by third parties on behalf of Cisco. Here are some examples which apply to both the company as well as the individual:
To learn more about protecting customer data:
Refer to Cisco's Data Protection Policy for details about your responsibilities in handling Cisco's and others' information.
No. You should not share information that would be considered confidential or proprietary. Refer to the Guidelines Regarding Proprietary Information of Former Employers for more information.
Do not read the document and do not share it with coworkers or your manager. A package should be quickly sealed and secured. Do not forward the email. Contact Cisco Legal immediately and wait for their instructions.
Yes – an NDA, or other appropriate agreements, should be put in place at the beginning of any new business relationship. Check NDA Central to see if an NDA is already on file.
Only authorized signatures, as assigned in the Virtual Approval Process (VAP) tool, may sign on behalf of Cisco. Submit any customer data protection and privacy questions to the Customer Information Clearinghouse (CIC) Team.
Have another question, contact the Ethics Office for assistance.
The multi-lingual Cisco Ethics Line is available 24 hours a day, 7 days a week, worldwide, with country-based toll-free phone numbers. The Ethics Line is staffed by a leading third-party reporting service. You have the option to remain anonymous* when you call; however, the investigation may be hindered if the investigator is unable to contact you for further information.
*Please note: Some countries do not allow such concerns to be reported anonymously.
Questions and concerns regarding accounting, internal accounting controls, or auditing matters (or other related issues) can be submitted — confidentially or anonymously — to the Audit Committee of the Board of Directors. at the following private mailbox (PMB):
Cisco Systems, Audit Committee
105 Serra Way, PMB #112, Milpitas, CA 95035