Create a Policy for Safeguarding Computers and Other IT Equipment

John Storts
Slide Show

Six Keys to a Secure Workstation

In the race to acquire the most sophisticated security tools, many forget that the first line of defense is really the user.

Protecting business desktops, laptops, tablets and other IT equipment from misuse starts at the end-user level. It's important that the business defines boundaries for appropriate use and communicates those boundaries clearly and concisely to all employees. Creating policies is the first step in setting those boundaries and enforcing them.


Toolkit Cafe contributed the IT Computer Equipment Security Policy template to assist others in the creation of policies that protect both the organization and the employee. The template, part of its comprehensive IT Governance and Compliance Toolkit, can be fully customized to reflect pertinent policy details, including content owners and revision history. Initially, it provides five common policy items that you can revise to meet your business environment. These items outline the official stance on:

  • Reasonable and limited use of company equipment for personal reasons, unless prohibited by the nature of the work
  • The rights of the company to monitor use of equipment, including email and Internet access, without notice or consent
  • Accessing a co-worker's computer without authorization
  • Conducting or soliciting outside business using company equipment
  • Proper disposal of equipment, including removal of any files or licensed software, by authorized personnel


In addition, the template includes spaces for indicating who employees should address questions to within the IT department and what the consequences are for non-compliance.


Don't wait to put a security policy in place until after a breach, theft or obvious violation occurs. Craft a strong policy now and make sure all employees are aware of it to proactively avoid problems. Unless conversion rates have changed in some fundamental way, an ounce of prevention is still worth a pound of cure.


Related Content

Information Security for End Users

Network Security Policy for Portable Computers

Excessive Use of Information Technology Resources Policy

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


Add Comment      Leave a comment on this blog post
May 28, 2011 4:16 PM VugVee VugVee  says:

Wow, OK that makes a lot of sense dude. Wow.


May 31, 2011 5:18 PM Sam Sam  says:

One should also think about what happens with the equipment once its no longer used. All too often, equipment is discarded through non-reputable channels and sensitive information is properly deleted before the equipment is sold on. Companies like http://www.durabilit.com ensure that all data is securely removed from any equipment that they obtain and guarantee this to their customers. After all, you wouldn't want your private information become publicly available?


Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.