Managed IT Services & Marketing Solutions for Southern California
(626) 412-8113 | info@xaastechs.com |
Legal & Compliance

Acceptable Use Policy

Guidelines for using XaaS Techs systems, services, and resources in a secure, responsible way. This policy applies to clients, authorized users, and anyone accessing our managed environments.

Last updated:

Questions about this policy?

If you have questions about what’s allowed or need clarification on any section of this Acceptable Use Policy, contact us:

This AUP should be read together with our Terms of Service and Privacy Policy.

This Acceptable Use Policy (“AUP”) describes rules and guidelines for using XaaS Techs systems, networks, and services (collectively, the “Services”). By accessing or using the Services, you agree to comply with this AUP in addition to any applicable agreements between you and XaaS Techs (including our Terms of Service or managed services agreements).

1. Scope

This AUP applies to:

  • Clients and their employees, contractors, and agents;
  • Any user with access to systems managed or hosted by XaaS Techs; and
  • Any person using devices, networks, or accounts configured or administered by XaaS Techs.

2. General acceptable use

You may use the Services only for lawful business purposes and in line with your organization’s policies and applicable contracts. In general, you must:

  • Comply with applicable laws and regulations;
  • Respect the rights and privacy of others;
  • Protect credentials, devices, and confidential information;
  • Follow reasonable security practices and guidance provided by XaaS Techs or your organization.

3. Prohibited activities

You may not use the Services, or allow others to use them, to engage in any of the following activities. These examples are not exhaustive.

3.1 Illegal, harmful, or abusive behavior

  • Violating any applicable law or regulation;
  • Harassing, threatening, or abusing others;
  • Distributing, viewing, or storing illegal content;
  • Engaging in fraud, identity theft, or deceptive practices.

3.2 Security violations

  • Attempting to gain unauthorized access to systems, networks, accounts, data, or devices (including penetration testing or scanning without prior written approval);
  • Circumventing or attempting to bypass security controls such as MFA, access controls, or monitoring tools;
  • Introducing malware, ransomware, or other malicious code, or knowingly taking actions that significantly increase security risk;
  • Sharing login credentials or authentication tokens unless explicitly allowed by policy.

3.3 Network and system abuse

  • Launching or participating in denial-of-service (DoS/DDoS) attacks;
  • Overloading systems or networks (intentionally or negligently) in a way that disrupts normal operations;
  • Running unauthorized servers, proxies, or relays on managed networks;
  • Interfering with, altering, or disrupting devices, configurations, or services managed by XaaS Techs without authorization.

3.4 Misuse of email and communication tools

  • Sending spam or unsolicited bulk messages that violate anti-spam laws or your organization’s policies;
  • Phishing, impersonation, or other deceptive communication intended to trick recipients into sharing information or performing actions;
  • Sending threatening, harassing, or offensive messages using accounts or systems managed by XaaS Techs.

3.5 Inappropriate content

  • Creating, storing, or transmitting content that is unlawful, discriminatory, or reasonably considered hateful or abusive;
  • Using business systems to host or distribute adult, obscene, or otherwise inappropriate content not related to your organization’s legitimate activities.

4. Account, credential, and device responsibilities

Users are responsible for the security of their accounts and devices that access the Services. In particular, you agree to:

  • Keep passwords and MFA codes confidential and not share them with others;
  • Use strong, unique passwords and enable multi-factor authentication where required or recommended;
  • Promptly report suspected account compromise, lost or stolen devices, or unusual activity to your internal IT contact or XaaS Techs (depending on your agreement);
  • Follow endpoint security requirements such as encryption, antivirus/EDR, and patching policies.

5. Use of company data and systems

Access to systems and data managed by XaaS Techs is granted for authorized business purposes only. You must:

  • Access only the data and systems you are authorized to use, and only for legitimate business reasons;
  • Handle confidential or sensitive information in accordance with your organization’s policies and applicable regulations;
  • Avoid copying or transferring data to personal devices or consumer cloud services unless explicitly authorized;
  • Avoid installing unapproved software or altering configurations on managed devices without permission.

6. Remote work and personal devices

If you access the Services from home, in the field, or using personally owned devices (BYOD), you may be required to follow additional controls, such as:

  • Device encryption and screen lock requirements;
  • Up-to-date operating system and security patches;
  • Approved antivirus/EDR or mobile device management tools;
  • Ensuring family members or other third parties do not access business accounts or data.

Your organization’s remote work and BYOD policies may provide further detail and will apply in addition to this AUP.

7. Reporting violations or security concerns

If you become aware of a potential security issue, policy violation, or misuse of the Services, you should promptly report it to:

  • Your internal IT or security contact; and/or
  • XaaS Techs support, where we have a direct managed services agreement in place.

Good-faith reporting of suspected issues is encouraged. You should not attempt to investigate or exploit potential vulnerabilities on your own unless you are explicitly authorized to do so.

8. Enforcement

Violations of this AUP may result in actions such as:

  • Warning or required training for the user;
  • Temporary or permanent suspension of access to specific systems or services;
  • Investigation by your organization’s HR, legal, or security teams;
  • Termination of service agreements or notification to law enforcement where required by law.

XaaS Techs may work with your organization’s leadership to investigate suspected violations and take appropriate steps to protect systems, data, and users.

9. Changes to this Acceptable Use Policy

We may update this AUP from time to time to reflect changes in our Services, security practices, or legal requirements. When we make material changes, we will update the “Last updated” date at the top of this page and may provide additional notice as appropriate.

10. Contact us

If you have questions about this Acceptable Use Policy, or how it applies to your use of XaaS Techs services, you can contact us at:

XaaS Techs
Email: info@xaastechs.com
Phone: (626) 412-8113
Website: https://xaastechs.com/

This Acceptable Use Policy is provided for general informational purposes only and does not constitute legal advice. You should consult with your legal counsel to ensure your policies and practices comply with applicable laws and regulations.