Addressing external threats is technology-oriented. While there are plenty of technologies available to reduce external network threats -- firewalls, antivirus software, intrusion-detection systems, e-mail filters and others -- these resources are mostly implemented by IT staff and are undetected by the user.
However, appropriate use of the network inside a company is a management issue. Implementing an acceptable use policy (AUP), which by definition regulates employee behavior, requires tact and diplomacy.
At the very least, having such a policy can protect you and your company from liability if you can show that any inappropriate activities were undertaken in violation of that policy. More likely, however, a logical and well-defined policy will reduce bandwidth consumption, maximize staff productivity and reduce the prospect of any legal issues in the future.
These 10 points, while certainly not comprehensive, provide a common-sense approach to developing and implementing an AUP that will be fair, clear and enforceable.
The link for this article located at ComputerWorld is no longer available.
