Cisco logo

Cisco Code of Business Conduct

I Am Trusted with Confidential and Proprietary Data

We are trusted as a leader in world-changing technology. Protecting the confidentiality, integrity and availability of proprietary and confidential data, whether it is our product development, HR, financial, customer, supplier or brand, it keeps us at the forefront of the global marketplace.

How can I help protect Cisco’s assets?

Do not provide information regarding Cisco, our customers or partners to others without securing the required approvals and written agreements. What may appear to be an innocent request for information could result in serious harm to our company. Be alert to requests for information from anyone inside or outside of Cisco including:

  • Overall business trends
  • Business in our geographic theaters
  • Product & Service pricing, booking or delivery
  • Customer names, contacts or other data pertaining to a Cisco customer
  • Lead times
  • Lawsuits or intellectual property disputes
  • Suppliers
  • Intellectual (company) assets
  • Pricing
  • Product development

Employees are sometimes contacted by “external influencers”, who are seeking information about Cisco’s business, people, customers or partners. Any employee interaction with these parties – the press, industry analysts or members of the financial community – regarding our company must be coordinated with Global Analyst Relations, or Cisco Investor Relations respectively. Violation of this policy is serious and may result in disciplinary action, including immediate termination and possible prosecution for violation of securities laws.

  • What is considered to be proprietary information?

    It is valuable information that Cisco owns, has the right to use, or has access to. Proprietary assets represent the product of our hard work. They are often confidential and can include:

    Click to expand
    • software programs and subroutines
    • source and object code
    • engineering drawings
    • copyrighted works, ideas and know-how
    • techniques and inventions (patentable or not)
    • any design-related information
    • product specifications or mask works
    • algorithms and formulas
    • flowcharts, schematics and configurations
    • circuits and mechanisms
    • works of authorship and research
    • processes for tooling, manufacturing, assembly, installation and service
    • marketing and pricing
    • new product roadmaps
    • customer lists or information
    • trade secrets
    • costs or other financial data (including unannounced press releases, information about our business transactions, operations, acquisitions or mergers)
    • employee salaries and compensation terms

    Each of us is responsible for protecting the confidentiality, integrity and availability of proprietary information that belongs to Cisco, our customers, vendors, partners and others with whom we do business:

    Confidentiality
    Only authorized persons or processes are allowed to have access to the proprietary information.

    Integrity
    The accuracy and reliability of the proprietary information is maintained by preventing the unauthorized modification of the information, either accidentally or intentionally.

    Availability
    Reliable and timely access to the proprietary information is maintained for authorized individuals and processes.

    Cisco employees sign a nondisclosure agreement (NDA) when they are hired (and may need to sign additional agreements depending upon the nature of the job). In addition to the obligations outlined in the agreement, all employees must comply with the following requirements:

    Use or Release of Information

    Requests from External Parties
    Requests for confidential, proprietary information and the disclosure of confidential, proprietary information with third parties require a written agreement. Please visit NDA Central for further information.

    Internal Need-to-Know
    Confidential or proprietary information should be disclosed only to those Cisco employees with a legitimate business purpose, who need the information to do their jobs.

    Securing Third-Party Information
    Proprietary or confidential information entrusted to us by a customer, partner, supplier, vendor or other third party should not be used or copied by a Cisco employee unless its use is authorized in writing by the appropriate Cisco Data Trustee and the third party, and its data protection requirements have been identified by the third party.

    Bringing Information into Cisco

    Do not accept unauthorized information
    Any unsolicited, third-party proprietary information should be refused or, if inadvertently received by an employee, returned unopened or transferred to Cisco Legal.

    Former Employers
    Employees must refrain from using or sharing with Cisco proprietary information belonging to former employers (unless the former employer, or the rights to the information, have been acquired by Cisco).

  • Making Data Protection a Priority.

    The protection of data is everyone’s top priority. Every Cisco employee and supplier has a responsibility to protect the confidential and proprietary data they interact with on behalf of Cisco. The Data Protection Principles below will help guide your interactions at every level within the organization, so take the time to read and understand them.

    1. Accountable: I am responsible and accountable for protecting the proprietary and confidential data I encounter.
    2. Knowledgeable: I acknowledge and understand the data protection and privacy policies, and I will complete any required data protection training or privacy training.
    3. Transparent: I will immediately notify my manager and report any suspected or actual confidential or proprietary data loss disclosures for further investigation.
    4. Aware: I THINK before interacting with proprietary and confidential data and can justify with whom and how I've shared it via secure transmission using approved tools/methods.
    5. Consistent: I comply with third party requirements for how their data is handled and route all inquiries and/or contract requests through the Customer Information Clearinghouse.
    6. Proactive: I will design privacy, security and resilience into our product and service offering and processes.

    Cisco has the right to require security controls on all electronic and computing devices used to conduct Cisco business or interact with internal networks and business systems, whether owned or leased by Cisco, the employee or a third party.

    Note: Cisco also has the right to inspect at any time, all messages, files, data, software or other information stored on these devices or transmitted over any portion of the Cisco network.

  • Manage company records properly.

    At Cisco, we collaborate and exchange information in various forms, whether it's an email, video, audio recording, or an electronic or paper document. Know the Cisco policies related to management and retention of records and email so that we are compliant with legal and business requirements.

    Be familiar with the Cisco Record Retention Policy and Schedule to determine how long to keep your content and to prevent the disposition of information related to an investigation, claim or lawsuit.

    Contact the Enterprise Records & Information Management (ERIM) Team for assistance.