Creating and Managing Effective Acceptable Use Policies - Slide 2

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next Creating and Managing Effective Acceptable Use Policies-2 Next

Many organizations have some sort of AUP written into the terms and conditions of their employment contracts or an associated document. Unfortunately, these tend to be static, non-specific and almost invisible to the end-users, with fewer than half (45 percent) of organizations updating or changing their AUP over the last twelve months.

The Internet has changed dramatically over the last five years and will continue to do so. To be effective, an organization must be willing to review its AUP in order to adapt and address emerging threats, new regulations and changes in use of email and the Internet. A good example of this is YouTube.

For several years, YouTube was considered to be a waste of time as far as businesses were concerned. They didn’t want employees to watch funny clips or music videos all day long. Increasingly, however, many organizations have started to seen the benefits of sites like YouTube. Some now use these sites for training purposes as well as for sales and marketing; thus making the site available to their staff, but amending their AUPs to ensure its usage is not abused.

Nearly all organizations now rely upon information technology to do business. Most office-based employees have access to a computer and many have a laptop or PC that is dedicated to their business use but also for their own personal use. Both email and the Internet provide employees with essential tools that enable them to do their jobs. However, technology is also open to abuse.

For many years employers have issued guidelines to their staff relating to the acceptable use of telephones at work. Most companies usually adopt a pragmatic approach and permit reasonable personal use of their telephones, excluding, for example, lengthy or international calls. Others have been more draconian and issued a clear edict that no personal use is permitted whatsoever. With the increased importance and use of email and Web at the workplace, these guidelines are frequently extended to include all areas of information technology, eventually becoming what is commonly called an acceptable use policy (AUP).

AUPs have become far more important than simply ensuring a user isn’t spending their whole working day surfing the Web, exchanging jokes and pictures or chatting with their friends or family. The reliance upon IT and the nature of the data that passes through it is often fundamental to the successful and smooth running of a business or organization. Any compromise or failure of the system has the potential to be catastrophic and can result in anything ranging from the merely irritating or mildly embarrassing to criminal prosecution and a prison sentence for corporate officers.

An effective AUP, especially when used as the basis for an IT security training program for all members of staff, can help ensure productivity while increasing security. As such, a good AUP can be viewed by employers and employees as a positive (rather than restrictive) measure, by providing a guideline that enables the use of technology for everyone without the risks.

The content of an AUP will undoubtedly vary between organizations. Regardless of content, however, M86 Security contends that to be really successful an acceptable use policy must meet the following criteria.

More Slideshows:


Six Steps to MDM Success Steps you should take before embarking on a master data management initiative.

Five Innovations that Could Change the Way We Live, Work and Play IBM predicts five ways that technology innovations will change people's lives.

Five Voice Recognition Software Picks Top voice recognition software offerings that may take you to the next level in terms of productivity.

 

Related Topics : E-mail Security, E-mail Servers, Passwords, Security Metrics, Spam

 
More Slideshows

The Spam Dirty Dozen: Top Spam-Relaying Countries for Q3 2012

IT security and data protection firm Sophos has published its latest 'Dirty Dozen' report of spam-relaying countries for the third quarter of 2012. ...  More >>

Security and Compliance: Violations and Lack of Confidence Are Widespread

Research shows lack of confidence in and widespread violations of corporate security and compliance policies. ...  More >>

Nine Document Security Tips Nine Tips to Keep Your Electronic Documents Secure

Tips to help ensure that your electronic document repository is 100 percent secure. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.