Acceptable Use Policy by Andrew Breen - PowerPoint PPT Presentation

About This Presentation
Title:

Acceptable Use Policy by Andrew Breen

Description:

According to Wikipedia: a set of rules applied by many transit networks which ... Earthlink: http://www.earthlink.net/about/policies/use ... – PowerPoint PPT presentation

Number of Views:46
Avg rating:3.0/5.0
Slides: 15
Provided by: csU60
Category:

less

Transcript and Presenter's Notes

Title: Acceptable Use Policy by Andrew Breen


1
Acceptable Use Policyby Andrew Breen
2
What is an Acceptable Use Policy?
  • According to Wikipedia a set of rules applied by
    many transit networks which restrict the ways in
    which the network may be used
  • usually found in the terms of service agreement
  • Plays a big role in information security

3
SANS Guidelines 1.0 - Overview
  • Intention for publishing an AUP
  • What computer systems and devices it applies to
  • Who it applies to

4
2.0 - Purpose
  • Why Rules exist
  • What could happen if rules are not followed

5
3.0 Scope
  • Who policy applies to
  • What equipment policy applies to

6
4.0 - Policy
  • 4.1 General Use and Ownership
  • privacy is desired, but all data is propery of
    company
  • exercise good judgement for personal use
  • encryption is encouraged
  • authorized personnel may monitor system
  • compliance audits may occur

7
4.0 Policy (cont.)
  • 4.2 Security and Proprietary Information
  • some information on network may be confidential
  • keep passwords private and change frequently
  • all workstations should have automatic password
    protected screensavers
  • use encryption
  • special care for laptops
  • non-business postings online must contain
    disclaimer
  • be cautious of email attachments

8
4.0 Policy (cont)
  • 4.3 Unacceptable Use
  • unless specified, these activity are prohibited
  • no unlawful activities permitted

9
4.0 Policy (cont)
  • System and Network Activities
  • violation of intellectual property rights
  • exporting software in violation of export control
    laws
  • malicious programs released on network
  • fraud
  • giving account username and password to anyone
  • port scanning
  • interfering with other users access

10
4.0 Policy (cont)
  • Email and Communications
  • sending spam
  • harassment
  • forwarding chain letters
  • forging email headers

11
5.0 - Enforcement
  • details disciplinary action if employee violates
    policy

12
6.0 - Definitions
  • any relevant Definitions

13
7.0 Revision History
  • history of revisions to document
  • right to make revisions in future

14
Examples of Acceptable Use Policies
  • The University of Scranton http//academic.scrant
    on.edu/organization/resnet/computingpolicy.shtml
  • Earthlink http//www.earthlink.net/about/policies
    /use/
Write a Comment
User Comments (0)
About PowerShow.com