Presentation is loading. Please wait.

Presentation is loading. Please wait.

Acceptable Use Policy by Andrew Breen. What is an Acceptable Use Policy? According to Wikipedia: a set of rules applied by many transit networks which.

Published byStephanie Carr Modified over 8 years ago

Similar presentations

Presentation on theme: "Acceptable Use Policy by Andrew Breen. What is an Acceptable Use Policy? According to Wikipedia: a set of rules applied by many transit networks which."— Presentation transcript:

1 Acceptable Use Policy by Andrew Breen

2 What is an Acceptable Use Policy? According to Wikipedia: a set of rules applied by many transit networks which restrict the ways in which the network may be used According to Wikipedia: a set of rules applied by many transit networks which restrict the ways in which the network may be used usually found in the terms of service agreement usually found in the terms of service agreement Plays a big role in information security Plays a big role in information security

3 SANS Guidelines – 1.0 - Overview Intention for publishing an AUP Intention for publishing an AUP What computer systems and devices it applies to What computer systems and devices it applies to Who it applies to Who it applies to

4 2.0 - Purpose Why Rules exist Why Rules exist What could happen if rules are not followed What could happen if rules are not followed

5 3.0 – Scope Who policy applies to Who policy applies to What equipment policy applies to What equipment policy applies to

6 4.0 - Policy 4.1 General Use and Ownership 4.1 General Use and Ownership privacy is desired, but all data is propery of company privacy is desired, but all data is propery of company exercise good judgement for personal use exercise good judgement for personal use encryption is encouraged encryption is encouraged authorized personnel may monitor system authorized personnel may monitor system compliance audits may occur compliance audits may occur

7 4.0 – Policy (cont.) 4.2 – Security and Proprietary Information 4.2 – Security and Proprietary Information some information on network may be confidential some information on network may be confidential keep passwords private and change frequently keep passwords private and change frequently all workstations should have automatic password protected screensavers all workstations should have automatic password protected screensavers use encryption use encryption special care for laptops special care for laptops non-business postings online must contain disclaimer non-business postings online must contain disclaimer be cautious of email attachments be cautious of email attachments

8 4.0 – Policy (cont) 4.3 – Unacceptable Use 4.3 – Unacceptable Use unless specified, these activity are prohibited unless specified, these activity are prohibited no unlawful activities permitted no unlawful activities permitted

9 4.0 – Policy (cont) System and Network Activities System and Network Activities violation of intellectual property rights violation of intellectual property rights exporting software in violation of export control laws exporting software in violation of export control laws malicious programs released on network malicious programs released on network fraud fraud giving account username and password to anyone giving account username and password to anyone port scanning port scanning interfering with other users access interfering with other users access

10 4.0 – Policy (cont) Email and Communications Email and Communications sending spam sending spam harassment harassment forwarding chain letters forwarding chain letters forging email headers forging email headers

11 5.0 - Enforcement details disciplinary action if employee violates policy details disciplinary action if employee violates policy

12 6.0 - Definitions any relevant Definitions any relevant Definitions

13 7.0 – Revision History history of revisions to document history of revisions to document right to make revisions in future right to make revisions in future

14 Examples of Acceptable Use Policies The University of Scranton: http://academic.scranton.edu/organi zation/resnet/computingpolicy.shtml The University of Scranton: http://academic.scranton.edu/organi zation/resnet/computingpolicy.shtml http://academic.scranton.edu/organi zation/resnet/computingpolicy.shtml http://academic.scranton.edu/organi zation/resnet/computingpolicy.shtml Earthlink: http://www.earthlink.net/about/poli cies/use/ Earthlink: http://www.earthlink.net/about/poli cies/use/ http://www.earthlink.net/about/poli cies/use/ http://www.earthlink.net/about/poli cies/use/

Download ppt "Acceptable Use Policy by Andrew Breen. What is an Acceptable Use Policy? According to Wikipedia: a set of rules applied by many transit networks which."

Similar presentations

A Reliable and Secure Network TM105: ESTABLISHING SANE TECHNOLOGY POLICIES FOR YOUR PROGRAM.

A Reliable and Secure Network TM105: ESTABLISHING SANE TECHNOLOGY POLICIES FOR YOUR PROGRAM.
Rockingham County Public Schools Technology Acceptable Use Policy

Rockingham County Public Schools Technology Acceptable Use Policy
Northside I.S.D. Acceptable Use Policy 2009-2010.

Northside I.S.D. Acceptable Use Policy
DO-IT TRAINING KIT Acceptable Use Policy

DO-IT TRAINING KIT Acceptable Use Policy
Woodland Hills School District Computer Network Acceptable Use Policy.

Woodland Hills School District Computer Network Acceptable Use Policy.
2014 HIPAA Refresher Omnibus Rule & HIPAA Security.

2014 HIPAA Refresher Omnibus Rule & HIPAA Security.
AUP Acceptable Use Policy Summarized by Mr. Kirsch from the Sioux Falls School District Technology Plan.

AUP Acceptable Use Policy Summarized by Mr. Kirsch from the Sioux Falls School District Technology Plan.
CREATED BY: HMIS Security Awareness Approved 1/10/2012 Revised 1/29/2013 Revised 3/15/2013.

CREATED BY: HMIS Security Awareness Approved 1/10/2012 Revised 1/29/2013 Revised 3/15/2013.
Policy 6460 Staff Use of Computerized Information Resources Regulation 6460 R-Staff Use of Computerized Information Resources Regulation 6460 R.2 Staff.

Policy 6460 Staff Use of Computerized Information Resources Regulation 6460 R-Staff Use of Computerized Information Resources Regulation 6460 R.2 Staff.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Boyertown Area School District Acceptable Use Policy.

Boyertown Area School District Acceptable Use Policy.
Acceptable Use Policy (AUP) What does it actually say? Why is it necessary?

Acceptable Use Policy (AUP) What does it actually say? Why is it necessary?
Acceptable Use Policies What you need to know as an elementary school teacher.

Acceptable Use Policies What you need to know as an elementary school teacher.
ACCEPTABLE An acceptable use policy (AUP), also known as an acceptable usage policy or fair use policy, is a set of rules applied by the owner or manager.

ACCEPTABLE An acceptable use policy (AUP), also known as an acceptable usage policy or fair use policy, is a set of rules applied by the owner or manager.
VISD Acceptable Use Policy

VISD Acceptable Use Policy
INTERNET and CODE OF CONDUCT

INTERNET and CODE OF CONDUCT
Copyright © Center for Systems Security and Information Assurance Lesson Eight Security Management.

Copyright © Center for Systems Security and Information Assurance Lesson Eight Security Management.
Port Byron Central School Port Byron NY Computer Ethics Presentation September 2003.

Port Byron Central School Port Byron NY Computer Ethics Presentation September 2003.
For Students of Humble ISD

For Students of Humble ISD
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Similar presentations

Ads by Google