|
|
Advanced
How To Guides
Internal IT Security Policy and Procedures
Sample Policy Document
3
Internet AND EMAIL
3.1 General
-
All staff have a responsibility to use the Internet in a professional, ethical and lawful manner. Users
must regard Internet access as a privilege, which
can be revoked.
-
Users should exercise caution when making payments
over the Internet , as the security of credit card
details cannot be guaranteed. "Company Name"
will accept no liability for losses arising through
the transmission of personal or financial information
(e.g. Credit Card numbers) over the Internet .
-
Users must not use "Company Name's" Internet facilities to download, display, generate and/or
pass on to others material whether in text, pictures
or any other form, which would be regarded as offensive.
It is important to note that what constitutes offensive
material is not one for the sender to determine
- it is the effect on anyone viewing the material
that is considered important. In law, possession
of some material is deemed to be a serious criminal
offence, whether in the workplace or otherwise.
-
All access to the Internet from "Company Name's"
network will be via an approved channel that will
be secured by a firewall.
-
Users must not deliberately perform acts that waste
computer resources or unfairly monopolise resources
to the exclusion of others. These acts include,
but are not limited to, sending mass mailings or
chain letters, spending excessive amounts of time
on the Internet , failing to exit from websites,
engaging in online chat groups, uploading or downloading
large files, accessing streaming audio and/or video
files, or otherwise creating unnecessary loads on
network traffic associated with non-business-related
uses of the Internet .
-
Users must not use the same passwords for login
to Internet websites as they do internally for "Company
Name" systems.
- "Company
Name" reserves the right to review, audit,
intercept, access and disclose all access to the
Internet . This includes emails sent and received
in addition to websites visited and files downloaded
from the Internet .
3.2
Email
-
Email users must exercise caution with any external
attachments other than those received from a trusted
source, as these attachments may contain a computer
virus.
-
Users must not represent themselves as another individual
in electronic communications.
-
Email users must be aware of the risks associated
using email to send confidential or commercially
sensitive information.
-
Users must ensure that documents attached to emails
are not copyright protected.
-
Email messages must be appropriate and professional.
-
As email is a form of publishing and covered by
relevant publishing Acts, libellous and defamatory
material is not permitted.
-
Users should be aware of their obligations under
the Data Protection Act and must not use email for
transmitting data of a personal nature related to
a third party.
-
If any person receives email, which they deem to
be inappropriate, offensive or illegal, they must
inform their "Relevant Manager". Immediate
reporting of incidents facilitates more successful
identification of the source and other details.
-
All emails that are sent externally must carry a
standard "Company Name" disclaimer. Users
must not attach their own disclaimers to emails.
|
|
