Why Establish an Acceptable Usage Policy?
| Why Establish an Acceptable Usage Policy? | | By | Stephen Lyons | | |
|
Background
For the Past 15 years, I have been supporting small businesses with computer problems, ranging from desktop support to network and server integration. I have been a Microsoft® Certified Professional since 1999, and a Microsoft® Certified Small Business Specialist for over a year. I ran my own company, Lyons Den Computer Services, Inc., from 1992-2007. I exclusively serviced businesses with 3-25 workstation and servers. I recently started a new position where I am working with even larger organizations, with over 100 computers per location. One thing most of these companies have in common is a great dependence on technologies such as the internet, email and network connections to the world. Unfortunately, another thing they have in common is a lack of understanding of the depth of security concerns they create by taking advantage of these technologies. One of the largest security holes is often not a missing piece of hardware or software, but a missing piece of documentation that should be in place to protect their investment in all their equipment, personnel and good company name. I am referring to an Acceptable Use Policy for their network and Internet usage.
Purpose
I intend to show company management just how important this document can be, and why they need one, as well as the importance of keeping it updated. I will show examples of problems a lack of policy can create, and show why there is really no “one size fits all” boilerplate policy they can just copy. The company’s culture should have an influence on the policy.
Scope
I intend to cover the main reasons an Acceptable Use Policy in justified and necessary. I will also give examples for consideration of the need for the policy to be updated often and to be ingrained and enforced to the employees.
Why Establish an Acceptable Usage Policy?
The Internet and Productivity
As Internet and
|
Background
For the Past 15 years, I have been supporting small businesses with computer problems, ranging from desktop support to network and server integration. I have been a Microsoft® Certified Professional since 1999, and a Microsoft® Certified Small Business Specialist for over a year. I ran my own company, Lyons Den Computer Services, Inc., from 1992-2007. I exclusively serviced businesses with 3-25 workstation and servers. I recently started a new position where I am working with even larger organizations, with over 100 computers per location. One thing most of these companies have in common is a great dependence on technologies such as the internet, email and network connections to the world. Unfortunately, another thing they have in common is a lack of understanding of the depth of security concerns they create by taking advantage of these technologies. One of the largest security holes is often not a missing piece of hardware or software, but a missing piece of documentation that should be in place to protect their investment in all their equipment, personnel and good company name. I am referring to an Acceptable Use Policy for their network and Internet usage.
Purpose
I intend to show company management just how important this document can be, and why they need one, as well as the importance of keeping it updated. I will show examples of problems a lack of policy can create, and show why there is really no “one size fits all” boilerplate policy they can just copy. The company’s culture should have an influence on the policy.
Scope
I intend to cover the main reasons an Acceptable Use Policy in justified and necessary. I will also give examples for consideration of the need for the policy to be updated often and to be ingrained and enforced to the employees.
Why Establish an Acceptable Usage Policy?
The Internet and Productivity
As Internet and
Cited: "Bytes for beginners." NEA Today 14.4 (1995): 23. "Confusion over Internet use in the workplace;." M2PressWIRE 16 Apr. 2007. 13 July 2007 http://www.m2.com Grossman, Mark Langin, Daniel J. "Employer Liability for Employee Use of Peer-to-Peer Technology." Journal of Internet Law 9.5 (2005): 17. P Palmgren, Keith