Our new insurance carrier is requiring us to add additional office policies to the ones we currently have. Does anyone have policies in place for Internet Usage or Offensive Behavior? We're a small municipality with approximately 150 employees. Does anyone have anything similar in place?
Submitted by: Sandra Clair-Ball
A company I work for actually has an IT Acceptable Use Policy that they have all new employees sign off on during orientation. The full document is 2 pages, but I pulled some areas that I hope are helpful to you...
A. General Use and Ownership
1. Users should be aware that the data they create on the corporate systems remains the property of COMPANY X. Management cannot guarantee the confidentiality of information stored on any device belonging to COMPANY X. Electronic files sent, received, or stored on COMPANY X systems or network are property of COMPANY X and may be accessed or monitored by authorized employees without knowledge of the user.
3. COMPANY Xâ€™s systems and network should be used only for official business only. IT
reserves the right to remove any non-business related software or files from any system. Examples of such software include, but are not limited to; games, pop email, music files, image files freeware, instant messenger, and shareware.
B. Security and Proprietary Information
1. Users must keep passwords secure and do not share accounts. Authorized users are responsible for the security of their passwords and accounts. System level and user level passwords will be changed every three to six months.
2. All PCâ€™s, laptops and workstations must be secured with a password-protected screensaver with
the automatic activation feature set at 10 minutes or less, or by logging off (control-alt-delete for Win2K users) when the host will be unattended.
4. All systems (e.g. home computers, personal laptops, etc.) used by the employee that are connected to the COMPANY X Internet/Intranet/Extranet, whether owned by the employee or COMPANY X, shall be continually executing approved virus-scanning software with a current virus database.
5. Employees will use extreme caution when opening e-mail attachments received from unknown senders, which may contain viruses, email bombs, or Trojan horse code.
6. Employees using a computer from home that is connected to the COMPANY X network, including remote access, must take necessary steps to safeguard the data that is displayed on the screen. It is important to prevent information from being obtained by a non-COMPANY X employee who may be looking over an employeeâ€™s shoulders. This is known as â€œshoulder surfing.â€ This can be achieved through logging out of the network, logging out of the application, or locking your screen (ctrl+alt+del->lock workstation).
7. Users will make every effort to ensure the security of a laptop when in their possession, i.e., never leave a laptop unattended, or leave it in a vehicle.
Jenelle Kirton on
2/21/2008 8:25:49 AM