Acceptable Use Policy
Security Strategies and Policy
Professor Darrell Nerove
October 20, 2012
Working in many different arenas while pursuing my degree in Computer Security has opened my eyes to many things, one thing that I have noticed is that some companies felt that they were immune to data breaches. I have worked in smaller organizations that just didn’t have the knowledge to protect their network against security breaches. One inexpensive and very productive way to counteract lack of resources or know how is with an Acceptable use police. An acceptable use policy is not put in place to snoop on individuals rather than to protect the businesses assets. The AUP (acceptable use policy) that I want to focus on is one that governs internet usage. Acceptable use policy regarding internet usage normally includes information about websites that are off limits as well as defining a scope for what sites are allowed to be accessed for personal surfing. Most AUP’s are put in place to protect the company’s employees, partners and the company itself from any illegal or damaging actions by individuals knowingly or unknowingly. Confidentiality, integrity and availability are the founding stables of insuring that information is secure. An acceptable use policy enforces confidentiality, integrity and availability by limiting access and disclosure to authorized users -- "the right people" -- and preventing access or disclosure to unauthorized ones -- "the wrong people.”, as well as requiring employees to authenticate themselves in order to control access to data system resources and in turn hold employees responsible if violations occur under their user id. The company that I presently work for has an acceptable use policy it purposes is to highlight an outline the acceptable use of the computer equipment and systems that we are granted access to. It is always stated throughout all the acceptable use policies I have seen that...
Please join StudyMode to read the full document