Table of contents
Topics on this page

Rules of Behavior for External Users

The following rules describe your responsibilities and expected behavior with respect to Trend Micro Cloud One for Government (C1G) system information and system usage.

  1. You must report all security incidents or suspected incidents to the InfoSec team (security@TrendMicro.com). Reports of any anomaly/ possible security incidents are immediately analyzed and mitigated by the Information Security team.

  2. As a Trend Micro customer, you are in sole control of the individual permissions on your accounts and surveys, which enables integrity of the systems that you access.

  3. You must construct strong passwords as per the C1G password policy, which has a default 8-character minimum.

  4. You must not store passwords or other sensitive information on desks or in plain sight. Passwords may not be shared and must be protected at all times.

  5. You must never share account information details with anyone from Trend Micro except members of the Trend Micro customer support if you require their assistance. You should only share the information after ensuring that the parties have the proper clearance, authorization, and need-to-know.

  6. You must follow proper logon/logoff procedures. You must manually logon to your session; do not store your C1G password locally on your system or utilize automated logon capabilities. You must promptly logoff when session access is no longer needed. If a logoff function is unavailable, you must close your browser. Never leave your computer unattended while logged into the C1G system.

  7. Your COG account will be disabled after three invalid login attempts during a 15-minute period and stays deactivated for thirty minutes. You may contact the customer support team to unlock the account or use the self-service password reset option (which sends an email with a link to reset password).

  8. You own all right, title and interest in all data you enter into C1G System, including uploaded content such as completed forms and documents. All reports and downloads that are derived from the data are also owned by you. All data specified is deemed as Confidential information and will not be utilized by Trend Micro for any purpose.

  9. You are solely responsible for all data and are liable for your data and the manner in which you collect or distribute your data to third parties.

  10. You must not resell Trend Micro services or permit third parties to use the services without prior written consent.

  11. You must not make unauthorized copies of any content within C1G System except your own data.

  12. You must not upload data that contains nudity, pornography, profanity, or foul language or links to such content.

  13. You must not upload or store malicious software or data that condones, promotes, contains, or links to warez, cracks, hacks, their associated utilities, or other piracy related information, whether for educational purposes or not.

  14. You must not upload data that infringes any copyrights, patents, trademarks, or other Intellectual property.

  15. You must not upload binary files or executable files.

  16. You must use browsers using SSL (v3 or higher) and TLS 1.2 which use AES 128/256-bit encryption.

  17. You must not reverse engineer or tamper with the security of the C1G System.

  18. You must not perform vulnerability tests, network scans, penetration tests or other investigative techniques on Trend Micro services.

  19. You may not use social media to disclose Trend Micro’s confidential or customer information. This includes anything related to Trend Micro strategy, sales, products, security, policy, management, etc., that have not been made public.

  20. You must report a suspected security breach event (such as logging into the Trend Micro platform and leaving your computer unattended and if someone downloads data) to security@TrendMicro.com. In such a case, Trend Micro will provide reasonable assistance to mitigate further exposure and attempt to determine the root cause.

  21. You agree to contact the InfoSec team (security@TrendMicro.com) if you do not understand any of these rules.