Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Internet Acceptable Use Policy User Agreement

advertisement 
WEBSENSE DOCUMENT TITLE
INTERNET ACCEPTABLE USE POLICY
CORPORATE SECURITY POLICIES
INTERNET ACCEPTABLE USE POLICY
Page1



This template is intended to provide sample content for an information security policy document
describing Internet use risks, company policy, employee education, and technical controls.
This template is intended to serve only as sample content and does not represent legal advice. Consult
with your attorney for legal advice.
Any portion of this template may be modified, highlights indicate items that require customization
TABLE OF CONTENTS
Contents
Overview .................................................................................................................................. 2
Purpose .................................................................................................................................... 2
Scope....................................................................................................................................... 2
Policy ...................................................................................................................................... 2
General Internet Use ................................................................................................................. 2
Use of Social Media ................................................................................................................... 2
Inappropriate Content ............................................................................................................... 2
Content Publishing and Confidentiality ........................................................................................... 3
Malware and Data Loss Prevention ................................................................................................ 4
Productivity ............................................................................................................................ 4
Unacceptable Use Examples ........................................................................................................ 4
Technical Controls .................................................................................................................... 5
Expectation of Privacy ............................................................................................................... 5
Bandwidth Usage ...................................................................................................................... 5
Personal Usage ........................................................................................................................ 5
Circumvention of Security ........................................................................................................... 5
Audits ................................................................................................................................... 5
Enforcement .............................................................................................................................. 5
Revision History .......................................................................................................................... 6
Internet Acceptable Use Policy User Agreement ................................................................................... 6
CONFIDENTIAL
INTERNET ACCEPTABLE USE POLICY
Page2
(Company Name) is hereinafter referred to as “The Company”.
Overview
The Company recognizes that there are legitimate business [and personal] reasons for using the Internet at work or
using corporate computing resources. To enable employees to take advantage of the business value of these sites
and to promote an open, trusting, collaborative workplace, This policy allows [specified or all?] employees to use
the Internet within the guidelines specified below.
Purpose
The purpose of this policy is to detail the acceptable use of corporate information technology resources for the
protection of all parties involved.
Scope
This policy applies to any and all use of corporate IT resources including, but not limited to, computer systems,
personal mobile devices, email, network, and the corporate internet connection.
Policy
General Internet Use
General access to the Internet is permitted for the following employees: [Insert, Employees, Titles, Groups or “All
employees”] within the limitations set forth in this policy.
Use of Social Media
General use of social media sites is permitted for the following employees: [Insert, Employees, Titles, Groups or
“All employees”] within the limitations set forth in this policy.
Posting of content to corporate sponsored social media (e.g. the corporate Facebook page) is permitted only for
the following employees authorized to publicly represent the company: [Insert, Employees, Titles, Groups].
Inappropriate Content
While Web and Social Media contains legitimate business and personal content, they also include content that is
inappropriate for the workplace including nudity, violence, abused drugs, sex, and gambling. Inappropriate
content should not be accessed by employees while at work, or while using company resources. A complete list of
content categories and web applications considered to be inappropriate can be found in the Web Content Policy
(note – a template for this document is provided in this toolkit). In addition to these guidelines, employees should
use common sense and consideration for others in deciding which content is appropriate for the workplace.
The company employs technical controls to provide reminders, time quotas, monitor, and enforce this policy (see
Technical Controls below.)
CONFIDENTIAL
INTERNET ACCEPTABLE USE POLICY
Page3
Content Publishing and Confidentiality
The following are policy guidelines regarding what you should and should not do when publishing content to the
Web or Social Media. These guidelines apply to all communications whether personal or company-sponsored.
Employees are responsible for content they publish on the Web and Social Media sites and can be held personally
liable for content published. Employees also can be subject to disciplinary action by The Company for publishing
inappropriate or confidential content. These guidelines only cover a sample of all possible content publishing
scenarios and are not a substitute for good judgment.

Know and follow all privacy and confidentiality guidelines in The Company’s Employee Handbook. All
guidelines in the employee handbook, as well as laws such as copyright, fair use and financial disclosure
laws apply to social media.

Do not disclose or use The Company’s confidential or proprietary information or that of any other person or
company. For example, ask permission before posting someone's picture in a social network or publishing in
a blog a conversation that was meant to be private.

Do not comment on The Company’s stock price or confidential financial information such as future business
performance or business plans.

Do not cite or reference customers, partners or suppliers without their written approval.

Identify yourself. Some individuals work anonymously, using pseudonyms or false screen names. The
Company discourages that practice.

Be professional. If you have identified yourself as an employee of The Company within a social website,
you are connected to your colleagues, managers and even The Company’s customers. You should ensure
that content associated with you is consistent with your work at The Company.

Ask permission to publish or report on conversations that are meant to be private or internal to The
Company and when in doubt, always ask permission from The Company’s legal department.

Speak in the first person when engaging in personal social media communications. Make it clear that you
are speaking for yourself and not on behalf of The Company.

Link back to the source – When you do make a reference to a customer, partner or supplier, where possible
link back to the source.

Be aware of your association with The Company’s social media – If you identify yourself as a The Company’s
employee, ensure your profile and related content is consistent with how you wish to present yourself with
colleagues and customers.

Use your best judgment – Remember that there are always consequences to what you publish. If you're
about to publish something that makes you even the slightest bit uncomfortable, review the suggestions
above and think about why that is. If you're still unsure, and it is related to The Company’s business, feel
free to discuss it with your manager or simply do not publish it. You have sole responsibility for what you
post to your blog or publish in any form of social media.

Do not use ethnic slurs, personal insults, obscenity, or engage in any conduct that would not be acceptable
in The Company’s workplace. You should also show proper consideration for others' privacy and for topics
that may be considered objectionable or inflammatory.

Do not conduct confidential business with a customer or partner business through your personal or other
social media.

Do not register accounts using The Company’s brand name or any other unregistered or registered
trademarks.
The Company employs technical controls to provide reminders, monitor, and enforce these guidelines (see
CONFIDENTIAL
INTERNET ACCEPTABLE USE POLICY
Page4
Technical Controls below.)
Malware and Data Loss Prevention
The online criminal community utilizes both general Web and Social Media sites to deliver malware and carry out
schemes designed to damage property or steal confidential information. To minimize risk related to such threats,
adhere to the following guidelines. While these guidelines help to reduce risk, they do not cover all possible
threats and are not a substitute for good judgment.

Do not use the same passwords for web sites that you use to access company computing resources.

Do not follow links or download software from individuals or organizations that you do not know.

If any web or Social Media content looks suspicious in any way, close your browser and do not return to
that page.

When on Social Media sites encrypt sessions whenever possible. Facebook, Twitter and others support
encryption as an option. This is extremely important for roaming users who connect via public Wi-Fi
networks.
The company employs technical controls to provide reminders, monitor, and enforce this policy (see Technical
Controls below).
Productivity
The Company recognizes that employees have a need, at times, to conduct personal business within the Web and
Social Media while at work or using company resources. Therefore, The Company allows limited access to nonbusiness Web and Social Media content. For example, employees are allowed to access personal communications
applications, email, and blog content within social media for a quota of up to [Insert Quota Time] per day. It is
the responsibility of the employee to ensure that personal business does not affect work quality or productivity. A
complete list of content categories that are allowed both on unlimited and quota basis can be found in the Internet
Acceptable Use Policy Worksheet (note – a template for this document is provided in this toolkit).
The company employs technical controls to provide reminders, monitor, and enforce this policy (see Technical
Controls below.)
Unacceptable Use Examples
The following actions shall constitute unacceptable use of the corporate network. This list is not exhaustive, but is
included to provide a frame of reference for types of activities that are deemed unacceptable. The user may not
use the corporate network and/or systems to:









Engage in activity that is illegal under local, state, federal, international, or other applicable laws.
Engage in any activities that may cause embarrassment, loss of reputation, or other harm to the company.
Disseminate defamatory, discriminatory, vilifying, sexist, racist, abusive, rude, annoying, insulting,
threatening, obscene or otherwise inappropriate messages or media.
Engage in activities that cause an invasion of privacy.
Engage in activities that cause disruption to the workplace environment or create a hostile workplace.
Make fraudulent offers for products or services.
Perform any of the following: port scanning, security scanning, network sniffing, keystroke logging, or
other IT information gathering techniques when not part of the employee’s job function.
Install or distribute unlicensed or “pirated” software.
Reveal personal or network passwords to others, including family, friends, or other members of the
household when working from home or remote locations.
CONFIDENTIAL
INTERNET ACCEPTABLE USE POLICY
Page5
Technical Controls
The Company’s Web acceptable use policy described above is monitored and enforced by a Secure Web Gateway
system. The Secure Web Gateway inspects inbound and outbound employee Web communications to enforce
acceptable use policy, prevent confidential data loss and block Web-based attacks (malware, phishing, etc.).
Expectation of Privacy
Users should expect no privacy when using the corporate network or company resources. Such use may include but
is not limited to: transmission and storage of files, data, and messages. The company reserves the right to monitor
any and all use of the computer network. To ensure compliance with company policies this may include the
interception and review of any emails, or other messages sent or received, inspection of data stored on personal
file directories, hard disks, and removable media.
Bandwidth Usage
Excessive use of company bandwidth or other computer resources is not permitted. Large file downloads or other
bandwidth-intensive tasks that may degrade network capacity or performance must be performed during times of
low company-wide usage.
Personal Usage
Personal usage of company computer systems is permitted as long as such usage follows pertinent guidelines
elsewhere in this document and does not have a detrimental effect on the company or on the user’s job
performance.
Circumvention of Security
Using company-owned or company-provided computer systems to circumvent any security systems, authentication
systems, user-based systems, or escalating privileges is expressly prohibited. Knowingly taking any actions to
bypass or circumvent security is expressly prohibited.
Audits
The company must conduct periodic reviews to ensure policy compliance. A sampling of users must be taken and
audited against this policy on a yearly basis.
Enforcement
This policy will be enforced by the IT Manager and/or Executive Team. Violations may result in disciplinary action,
which may include suspension, restriction of access, or more severe penalties up to and including termination of
employment. Where illegal activities or theft of company property (physical or intellectual) are suspected, the
company may report such activities to the applicable authorities.
CONFIDENTIAL
INTERNET ACCEPTABLE USE POLICY
Page6
Revision History
Revision 1.0, 8/30/2012
Internet Acceptable Use Policy User Agreement
I hereby acknowledge that I have read and understand the Internet Acceptable Use Policy of The Company. I agree
to abide by these policies and ensure that persons working under my supervision abide by these policies. I
understand that if I violate such rules, I may face legal or disciplinary action according to applicable law or
departmental policy.
I hereby agree to indemnify and hold The Company and its officers, trustees, employees, and agents harmless for
any loss, damage, expense or liability resulting from any claim, action or demand arising out of or related to the
user’s use of The Company owned computer resources and the network, including reasonable attorney fees. Such
claims shall include, without limitation, those based on trademark or service mark infringement, trade name
infringement, copyright infringement, unfair competition, defamation, unlawful discrimination or harassment, and
invasion of privacy.
______________________________________
Employee Name (print)
______________________________________
________________________________
Employee Signature
Date
© 20 1 2 We b se n se , I n c . Al l r i gh t s r e se r ve d . We b se n se an d t h e We b se n se l o g o ar e r e g i st e r e d
t r a de m ar k s o f We b se n se , In c . i n t h e U n i t e d S t at e s an d v ar i o u s c o u n t r i e s . A l l o t h e r
t r a de m ar k s ar e t h e pr o pe r t y o f t h e i r r e s pe c t i ve o wn e r s .
CONFIDENTIAL
Related documents
NtregaBusinessPlanExpress 1.1 MB
NtregaBusinessPlanExpress 1.1 MB
Opt Out - Coastal Medical Group
Opt Out - Coastal Medical Group
Design Principles/elements PP
Design Principles/elements PP
WE SPEAK: Faculty & Staff Survey 2012
WE SPEAK: Faculty & Staff Survey 2012
Parent/Guardian Response Form
Parent/Guardian Response Form
Louisiana State Confidentiality
Louisiana State Confidentiality
Non-Employee Confidentiality & Non
Non-Employee Confidentiality & Non
Non-disclosure declaration (DOC)
Non-disclosure declaration (DOC)
Download
advertisement