Free Essay

Purpose of an Acceptable Use Policy

In: Computers and Technology

Submitted By sbing00
Words 953
Pages 4
Purpose of an Acceptable Use Policy
Name
Institution
Course
Date

Purpose of an Acceptable Use Policy Acceptable use policy is an official and legal document that binds the employees of Tata communications to understand that the information and data is the property of the organisations and there are a certain rules that should be abided by when using this information. It secures the rights of a company to enforce certain obligations over them to make sure that they do not indulge in unethical and unprofessional sharing of the information upon which they are working or can access. The acceptable use policy which is taken as an example for the purpose of this paper is of Tata communications, which is the telecommunication company in India. The policy aims to elucidate the guidelines and standards for the employees to make sure that the information privacy and security is not compromised by the employees and that they are well aware of how to use the information. Every new employee at the company is made to go through the acceptable use policy and sign it for future reference. This maintains the check over the usage and sharing pattern of the employees. Each and every point that is central or peripheral to the usage and sharing is mentioned clearly with enough examples and instances to remove any kind of confusion to the employees. Critique the AUP The AUP is very well written and communicated however, there are certain points that can be included to make sure that the policy is even more transparent and clear. There should be a clear indication of the penalties that entail the use of any external device or data storage device in the company’s network. The policy should elucidate the ethical and moral bindings apart from the legal bindings so that it motivates the employees to follow the rules. The policy should be easy to comprehend with minimal legal language to ensure that ignorance does not become the excuse for violation. The AUP should be based on ethical and professional standards rather than legal violations so that it is easier for the employee to abide by it and it does not become an obligation but a good practice. AUP should also include the sharing violations of abstract and tacit information and not just confine itself to the data and statistical information. This will ensure that any kind of information sharing breach can be considered as violation and penalised. Methods to mitigate their risk exposure, and minimize liability The methods which can be used to mitigate the risk and minimise liability are: 1. Making the AUP available in the public domain: Tata communications has displayed its AUP on its website which makes it apparently very easy to go access and thus does not allow the employee to make the excuse of inaccessibility. 2. AUP should be succinct and clear: Tata communications has used easy language and legal terms to ensure that it is understandable to every kind of employee like engineers or techies who normally are weak with verbose document. 3. AUP should be applicable to long term vision of the company: Tata communications has made sure that its AUP is in line with what the company stands for and thus it makes sure that the employees can associate it with the mission and vision. 4. AUP should not be a perfunctory document: Tata communications makes sure that AUP is well read and understood by the employee before they sign it and thus it is given along with the employment letter. Any violation is then treated as an intentional offense and cannot be excused because the employee considered it just a formality and were not aware of any particular clause. Methods for increasing the awareness of the AUP Methods that can be used to increase the awareness of AUP are: 1. It should be made part of the employment documents 2. It should be made available to the employees at their work stations 3. It should be made part of HR orientation program at the time of joining 4. It should be made compulsory for all the employees to read and understand at the time of joining. 5. Notice boards should display the offenders and penalties regularly so that it is widely discussed in the office. 6. Employees should be made part of amendments and issues concerning the AUP so that it can be updated and made more effective according to dynamic business environment.
Conclusion
AUP is an important tool for technology companies like TATA communication that deal with lot of data and information. This information if shared and leaked by an employee, can lead to a massive competitor attack and lead to loss of market share. Thus, every company should protect itself by binding its employees by a legal document that clearly mentions do’s and don’ts while they work with the company’s classified information. This will enable the company to safeguard its information and also eliminate the chances of trade secret sharing with the competitors. AUP should be widely available and should be made part of regular discussions at the company so that it is not considered as a formality.

References Acceptable use policy – Tata communications, retrieved from: http://www.tatacommunications.com/policies Electronic communications privacy act of 1986, (P.L. 99-508), The United States Department of Justice, last retrieved: 29th April 2013. http://www.justice.gov/jmd/ls/legislative_histories/pl99-508/pl99-508.html FOIA, Electronic Frontier Foundation, Legal guide for bloggers, last retrieved: 29th April 2013. http://www.eff.org/issues/bloggers/legal/journalists/foia Protecting Information Rights-Advancing Information Policy, Office of Australian Information Commissioner, last retrieved: 29th April 2013. http://www.privacy.gov.au/materials/types/guidelines/view/6849…...

Similar Documents

Premium Essay

Acceptable Use Policy

...The Company provides employees with electronic communications tools, including an Email System. This written Email Policy, which governs employees’ use of the Company’s email system, applies to email use at the Company’s headquarters and district offices, as well as at remote locations, including but not limited to employees’ homes, airports, hotels, client and supplier offices. The Company’s email rules and policies apply to full-time employees, part-time employees, independent contractors, interns, consultants, suppliers, clients, and other third parties. Any employee who violates the Company’s email rules and policies is subject to disciplinary action, up to and including termination. Email Exists for Business Purposes The Company allows email access primarily for business purposes. Employees may use the Company’s email system for personal use only in accordance with this policy. Employees are prohibited from using personal email software (Hotmail, etc.) for business or personal communications at the office. Authorized Personal Use of Email Employees may use email to communicate with spouses, children, domestic partners, and other family members. Employees’ personal use of email is limited to lunch breaks and work breaks only. Employees may not use email during otherwise productive business hours. Employees are prohibited from using email to operate a business, conduct an external job search, solicit money for personal gain, campaign for political causes or......

Words: 814 - Pages: 4

Premium Essay

Acceptable Use Policy

...Acceptable Use Policy This written agreement outlining the terms and conditions of Internet usage, including rules of online behavior and access privileges. Because of the possible misuse of companies -wide computer networks and the Internet by employees having access privileges, Richman Investments are particularly concerned about having a well-developed AUP in place, which is then signed by the all employees and members of Management. Software Access Procedure Software needed, in addition to the Microsoft Office suite of products, must be authorized by your supervisor and downloaded by the IT department. If you need access to software, not currently on the Company network, talk with your supervisor and consult with the IT department. Internet Usage Internet use, on Company time, is authorized to conduct Company business only. Internet use brings the possibility of breaches to the security of confidential Company information. Internet use also creates the possibility of contamination to our system via viruses or spyware. Spyware allows unauthorized people, outside the Company, potential access to Company passwords and other confidential information. Removing such programs from the Company network requires IT staff to invest time and attention that is better devoted to progress. For this reason, and to assure the use of work time appropriately for work, we ask staff members to limit Internet use. Additionally, under no circumstances may Company computers or other......

Words: 523 - Pages: 3

Free Essay

Acceptable Use Policy Definition

...Acceptable Use Policy (AUP) Definition After research and careful consideration of some of the other policies listed by other companies such as AT&T, Sprint, T-Mobile, and Verizon Wireless, Richman Investments has come up with the an acceptable use policy (AUP). The following are not allowed at any time: Making of unauthorized promises in e-mail. All emails should have a footer which states that the messages are from the sender only and do not represent the decisions or policies of Richman Investments. Using company resources or web services to visit web sites which contain inappropriate material is prohibited. This includes pornography, sexually oriented material, or sites which promote or depict discrimination, violence, or illegal activities. In addition, it is no longer allowed to have big attachments to multiple recipients in the organization will be enforced. This can tie up the system during a busy point in the day which could end up keeping the company from making profitable decisions. In addition, no jokes or humorous items on Richman Investments email system. These emails may not be considered funny to some, therefore will not be allowed by any. Making statements concerning race, sexual orientation, disability, religion, or national origin are prohibited. These statements could be seen as harassment by either the person receiving it or by other people that may see it. Use of company email to support inappropriate activities is not allowed. Checking a......

Words: 324 - Pages: 2

Free Essay

Acceptable Use Policy

...Acceptable Use Policy (AUP) You must sign or digitally sign this form prior to issuance of a network userid and password. Initial Awareness Training must be completed prior to signing this agreement. IA Awareness training is found at http://ia.gordon.army.mil/dodiaa/default.asp. The IA Awareness test located on the Fort Gordon website must be completed to fulfill the Awareness training requirement. [pic] By signing this document, you acknowledge and consent that when you access Department of Defense (DoD) information systems: 1. You are accessing a U.S. Government (USG) information system (IS) (which includes any device attached to this information system) that is provided for U.S. Government authorized use only. 2. You consent to the following conditions: a. The U.S. Government routinely intercepts and monitors communications on this information system for purposes including, but not limited to, penetration testing, communications security (COMSEC) monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. b. At any time, the U.S. Government may inspect and seize data stored on this information system. c. Communications using, or data stored on, this information system are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any U.S. Government-authorized purpose. d. This information......

Words: 2024 - Pages: 9

Premium Essay

Acceptable Use Policy

...Acceptable Use Policy (AUP) The three companies I compared policies with were; SANS, Sopho, and Pinterest. In regards to SANS institute and Sopho they were alike in several ways first of all the AUP was from a employee / company comparison, such as not sharing id's, passwords, company's copyright information etc…They also shared Pirated software not licensed by the company is prohibited. My third choice Pinterest is more of a social site and some of the policies are different because even though your accessing the companies site to post images, opinions etc…they still have AUP in place to restrict users from posting pornographic images, creates a risk of harm, loss, physical or mental injury, emotional distress, death, disability, disfigurement, or physical or mental illness to yourself, to any other person, or to any animal. Researching different companies policies gave me a broader understanding on how to tailor the AUP to better suit the company, in other words they are not all the same. You need to create on a case by case bases. My AUP definition for Richman Investments Acceptable Use and Unacceptable use are as follows; The following activities are, in general, prohibited. Employees may be exempted from these restrictions during the course of their legitimate job responsibilities (e.g., systems administration staff may have a need to disable the network access of a host if that host is disrupting production services). Richman......

Words: 619 - Pages: 3

Free Essay

Acceptable Use Policy

...union: Acceptable Use Policy 1. Purpose The purpose of this policy details the acceptable and unacceptable use of ABC Credit Union devices and services for the purposes of employee protection from viruses as well as company protection from compromised data and other legal allocations. 2. Scope This policy applies to all employees, partnered businesses, and any other persons or organizations that utilize equipment and services owned or leased by ABC Credit Union. 3. Policy 3.1 General Use and Ownership Users must be aware that any data created or stored on ABC Credit Union systems and because of this Administration cannot be held responsible for data confidentiality found on any device belonging to ABC Credit Union. All ABC Credit Union employees are responsible for exercising what constitutes “Acceptable Use” of workstations and their applications as well as any attached network devices i.e. Printers, Telephony, ect. Guidelines for this policy will be created by individual departments, however any questions regarding policy adherence must be brought to the respective departmental managers. All internal data will adhere to an encryption policy per ABC Credit Union IT. For guidelines on this policy, please consult our Information Sensitivity Policy. Internal network traffic will be monitored by ABC Credit Union IT per Audit Policy ABC Credit Union reserves the right to audit their enterprise on a periodic basis to ensure compliance with this......

Words: 748 - Pages: 3

Premium Essay

Acceptable Use Policy

...Richman Investments ACCEPTABLE USE POLICY Information Security Policy Number 12345 Effective 10/15/2013` I. Introduction An Acceptable Use Policy (AUP) is an organization-wide policy that defines what is allowed and what is not allowed regarding use of Information Technology (IT) assets by employees. The following policy is to be followed by all employees of Richman Investments, authorized individuals, vendors, and contractors who use any information technology (IT), electronic, or communication devices owned and/or provided by Richman Investments for the purpose of assisting them with their job-related duties. Access to the Internet is a privilege and all employees must adhere to the policies regarding computer, email, and Internet usage. Violation of these policies will result in disciplinary and/or legal action that may include counseling, revocation of company devices, termination of the employee, and legal action. II. Roles and Responsibilities Every employee must acknowledge that they have received a copy of the AUP and confirm that they have a complete understanding and agree to abide by the rules set forth in the AUP. Receipt and signing of the AUP will occur at Employee Orientation, and in the event of changes to the policy, a revised AUP must be signed. III. Policy Directives A. Acceptable Use Management Requirements A Standard Operating Procedure (SOP) will be established to support the development and maintenance of this AUP. ...

Words: 747 - Pages: 3

Premium Essay

Acceptable Internet Use Policies

...Necessity of an Acceptable Internet Use Policy for Business William E. Boyle Point Park University Abstract This paper will argue that an Acceptable Internet Use Policy, combined with effective network monitoring and policy enforcement is an essential requirement for businesses to protect business assets and resources. It discusses the potential loss to business from employee misuse of internet access and the danger from external sources. Necessity of an Acceptable Internet Use Policy for Business The internet is an integral part of today’s business resources. Organizations, large and small use the internet to improve organizational efficiencies. Businesses use the internet for everything from worldwide sales using websites, workforce collaboration using email and network data access, and for business research. In most business organizations, all types of devices, from desktop computers to cell phones and PDA’s, allow workers to access the internet and send and receive email on demand. A 2008 study by the Pew Internet & American Life Project found that 53% of Americans are employed, and 96% of these workers have some access to these tools. (Madden, M. & Jones, S., 2008). This allows workers instant access to websites, email and instant messages, but uncontrolled access exposes a business organization to a great risk of financial loss. All businesses must manage this risk through the implementation of an Internet Use Policy combined with employee......

Words: 2537 - Pages: 11

Free Essay

Acceptable Use Policy

...person who uses a power tool without reading safety guidelines first takes a chance of getting hurt. Although using the Internet may not be physically harmful there still needs to be a set of safety guidelines to adhere to. In 2000 Congress enacted The Children’s Internet Protection Act (CIPA) to address this safety. CIPA imposes that all schools and libraries that receive Internet services at a discounted rate follow certain guidelines to help keep students safe while online. In order to continue receiving the discounted rate schools and libraries must certify that they have an Internet safety policy that includes technology protection measures. Websites that are obscene, contain child pornography, or are harmful to minors must be either blocked or filtered. The policy that schools use is The Acceptable Use Policy (AUP). The Acceptable Use Policy outlines rules regarding internet use so that the students, and staff, are protected. It must address a number of issues including personal safety, illegal activities, system security, privacy, plagiarism, copyright infringement and access to inappropriate materials. In addition, it should make it clear to the student that the school’s technology property is to be used for educational purposes only. Student’s rights, such as free speech, and access to information, should be outlined in the document, as should the consequences for violating the Acceptable Use Policy. Teachers need to discuss the Acceptable Use Policy......

Words: 601 - Pages: 3

Premium Essay

Acceptable Use Policy Breakdown

...description and scope of the contents of the policy. #Acceptable Use Policy This policy is used to establish a culture of trust and integrity amongst the employees and users of the network. The acceptable use policy should contain an overview, purpose, scope, general use & ownership and un-acceptable use sub-sections. Email Policy The policy defines standards for conducting communications within the corperate network email system. These standards minimize the potential exposure to the company from unsolicited email messages and attachments. The email policy should contain a purpose and enforcement sub-sections. Anti-Virus Policy The policy defines standards for protecting the company’s network from any threat related to maleware Identity Policy The policy defines rules and practices for protecting the corporate network from unauthorized access. The Identity policy identifies who each user is and what resources they are allowed to access. The identity policy should contain sub-sections on purpose, employee training, visitors (i.e.temps, contractors and consultants,) and prohibited practices. Password Policy Passwords are an important aspect of netwok security. They are the front line of protection for user accounts. The password policy should contain sub-sections on purpose, scope, policies, guidelines and enforcement. Encryption Policy This policy provides guidance so that encryption efforts will use only those algorithms that have received......

Words: 476 - Pages: 2

Premium Essay

Define an Acceptable Use Policy

...1.0 Introduction Richman Investments at all times is to establish acceptable and unacceptable use of electronic devices and network resources. All employees of Richman Investments must comply with the rules and regulations for use of the Internet, sending e-mail, entering to social media sites, and downloading attachments from internet. The Richman Investments AUP will help achieve these goals. 2.0 Scope Every supervisor, employee and temporary employee that works for Richman Investments must follow this policy as it is written. This policy also applies to all equipment affiliated with Richman Investments. 3.0 Policy 3.1 General As an employee of Richman Investments, you are responsible for the internet access. In ordnance with the policies set forth by Richman Investments resources may not be used for any unlawful or prohibited purpose. For extra security Richman Investments will monitor all systems, equipment, and network using the Audit Policy. Any devices that might interfere with the Richman Investments network will be immediately disconnected. Firewalls must be turn on at all times. Antivirus programs must be updated regularly. 3.2 Security 1. Every device connected to the Richman Investments network must comply with the Access Control Policy. All hard drives must be encrypted. 2. All employees of Richman Investments must keep their passwords secure and do not share accounts. Authorized users are responsible for the security of their...

Words: 620 - Pages: 3

Premium Essay

Internet Acceptable Use Policy

...Industries 14 Internet Use Policy OMNICORP Devices Rodriguez, Jacob Isiah CTR NSWC Corona, MS41 CONT OMNICORP Industries 14 Internet Use Policy OMNICORP Devices Rodriguez, Jacob Isiah CTR NSWC Corona, MS41 CONT Change Management | Version History VERSION | NAME | CHANGES | DATE | APPROVED BY | 1.2 | Jacob Rodriguez | Modify Policy | 8/19/2014 | Jacob Rodriguez | 1.1 | Jacob Rodriguez | Extend and refine the policy | 7/25/2014 | Jacob Rodriguez | 1.0 | Jacob Rodriguez | Creation | 7/1/2014 | Jacob Rodriguez | Introduction OMNICORP makes internet access available to its employees where relevant and useful for their jobs. It is unfortunate that the internet can be so great but yet so risky. Accordingly, this policy shall be categorized as “Highly Important”. This will ensure the proper individuals and systems follow the policy. This internet use policy describes the rules governing internet use at the company. It also sets out how staff members are expected to behave when using the internet. As OMNICORP grows their products and services so shall this policy implementation and structure. This policy should be read alongside other key policies. The company’s Data protection and email policies are particularly relevant to staff who use the internet Purpose The internet is a powerful tool that can bring significant benefits to OMNICORP. However, it’s important every person at the company who uses the internet understands how to use it......

Words: 1678 - Pages: 7

Premium Essay

Acceptable Use Policy

...Assignment: Create an Internet and Email Acceptable Use Policy Course Foundations of Computer security Instructor: Amanda Lawrence Cooley Investments is an organization based upon client trust and confidentially. Without the trust placed in the organization by the clients, the organization will cease to exist. As such, every employee should consider their daily actions and the correlation of those actions to the trust placed in the company by the clients. Just as “Employee Smith” would safeguard his home computer against a malware attack, so should he protect the company’s computer from a malware attack. The following will outline the acceptable use of Cooley’s assets regarding Internet and email access and the actions that are prohibited. Cooley Investment’s computers, computer files, e-mail system, Internet access and any software furnished to employees are company property and subject to monitoring and unannounced review. They are to be used for company business only, and not for excessive personal use to communicate with friends or family or to access the Internet for personal purposes. While use of the computer, e-mail and Internet is intended for job-related activities, incidental and occasional brief personal use is permitted within reasonable limits so long as it does not interfere with the employee's work. The company specifically prohibits the use of computers (including Internet access) and the e-mail system in ways that are disruptive, offensive......

Words: 805 - Pages: 4

Premium Essay

Acceptable Use Policy

...Acceptable Use of Computers and Networks For Richman Investments   I. Introduction Richman Investments’ commitment to great customer service and longevity has always been its legacy. Therefore Richman’s need, to be as secure as possible, is vital. Computers, computing systems, and networks owned by Richman Investment must be secure. All Employees that access any of these resources must comply with specific policies and guidelines stated in this policy. II. Scope This policy applies to all users Richman Investments’ computing and network resources, locally or remotely. III. Policy Statement Employees using the network resources belonging Richman Investment must act in compliance with the policies of this company in regards to using a shared resource. IV. Acceptable Use Guidelines Richman’s Acceptable Use Policy for computers and networks: Employees are responsible for passwords and other security identities. Employee cannot gives access to information to unauthorized personnel. Password must be kept in a secure place and out of view. Employees must use proper security measures to protect information, data, and systems of Richman Investment. Users must protect their computer systems and accounts by using strong passwords, installing anti-virus software specified by the network administration. Unauthorized use of internet, email, and social network site are forbidden. Employees cannot use computers to send, post, or display malicious or offensive messages, text,......

Words: 279 - Pages: 2

Premium Essay

Acceptable Use Policy

...Acceptable Use Policy or AUP is a written policy and an agreement that defines what is allowed and not allowed to be used by employees regarding the use of internet. Here at Richman Investment are giving you, the employees the details and what the policy entails. The use of the Internet is a privilege, not a right, and inappropriate use will result in a cancellation of those privileges. The purpose of the internet resources is to help employees in the performance of their job related functions and not for personal usage. Each employee that is given privileges will have to comply with the company’s policy. Internet usage should be conducted for the company business only. Internet use creates the possibility of virus attacks or allowing any unauthorized people to get into our system with the potential of accessing company’s confidential information. The use of personal internet must be limited and only to be used for web based emails only with the approval of your Supervisor or Manager. Under no circumstances may Company network to be used on Social networking such as Facebook, or video viewing such as you tube, pornographic, or any unethical use. These websites will be restricted and prohibited for viewing. Doing so can lead to disciplinary action up to and including termination of employment. Like the internet, email should also be for Company purposes only. Any employees are not allowed to send personal emails using Company......

Words: 576 - Pages: 3