Unit 5 Assignment 2 Define an Acceptable Use Policy (Aup)

In: Computers and Technology

Submitted By SilentKill74
Words 339
Pages 2
Unit 5 Assignment 2: Define an Acceptable Use Policy (AUP)
Acceptable Use Policy
Richman Investments holds requirements for the usage of the company network including filtering policies for network traffic.
LAN – WAN is where the IT infrastructure links to a wide area network and internet.
For Security (Administrators and Managers)
- Security monitoring controls for intrusion
- Apply email server and attachment antivirus and email quadrating for unknown file types
- Disablement for ping, probing, and port scanning on all exterior IP devices
- Denying of outbound traffic using source IP addresses
- Apply file transfer monitoring, scanning and alarming for unknown file types
Web Surfing is the usage of the internet browsing a series of web browsers
For Security (Administrators and Managers)

- Apply domain-name content filtering at the internet entry/access point
- Employees may lose productivity while searching web for no work related material
Cons putting a limitation to web surfing may cause the employee to lack independence of finding information. What if they need to look up an answer to a customers’ question and has to find it on the web?
Pros not using the internet could prevent a wide variety of viruses and the company is only allowed to use their company accounts to send out emails to customers.
Guidelines to usage of email are covered under email usage policy
Richman Investment Employees:
Certain traffic is expressly forbidden:
- No peer-to-peer file sharing or externally reachable file transfer protocol (FTP) servers
- No downloading executable from known software sites
- No unauthorized redistribution of licensed or copy righted material
- No exporting internal software or technical material in violation of export control laws
- No introduction of malicious programs into networks or onto systems
- No port scanning or data…...

Similar Documents

Define an Acceptable Usage Policy(Aup)

...Unit 5 Assignment 2: Define an Acceptable Use Policy(AUP) LAN-WAN is where the IT Infrastructure links to a wide area network and internet. * Monitoring software and controls for possible intrusion * Apply a email server antivirus (also applies for attachments). * Disable port scanning and pinging for exterior devices. * Denial of outbound traffic using source IP addresses. * File transfer monitoring Web Surfing and the Usage of the internet * Apply a domain-name content filter at internet access points * Employees will possibly lose productivity while searching the web for non-work related material(Facebook, YouTube, etc). The possible cons of putting a limitation on web surfing is that employees may lack the tools necessary to find information. Certain filters would be applied to where everyone will not be able to use certain sites that may prove useful to them. For example if they receive a call from a customer regarding something they have no access to looking up. They will not be able to provide an answer to satisfy the consumer. One the other hand, it could prevent a loss of productivities from employees using social media sites such as Facebook, and Myspace. It could also help to prevent possible virus and malware infections. Usage of email are covered in the email usage policy Richman Inv. Employees: * No peer-to-peer file sharing or externally reachable file transfer protocol servers * No downloading executables from known......

Words: 337 - Pages: 2

Acceptable Use Policy

...Acceptable Use Policy System and Network Activities The following activities are strictly prohibited, with no exceptions: Email and Communications Activities 1. Sending unsolicited mail messages, including, without limitation, commercial advertising and informational announcements, is explicitly prohibited. A user shall not use another site's mail server to relay mail without the express permission of the site. 2. Any form of harassment via email, telephone or paging, whether through language, frequency, or size of messages. 3. Unauthorized use, or forging, of email header information. 4. Solicitation of email for any other email address, other than that of the poster's account, with the intent to harass or to collect replies. 5. Creating or forwarding "chain letters", "Ponzi" or other "pyramid" schemes of any type. 6. Use of unsolicited email originating from within networks of other Internet/Intranet/Extranet service providers on behalf of, or to advertise any service. 7. Posting the same or similar non-business-related messages to large numbers of Usenet newsgroups (newsgroup spam). 8. Violate any applicable law or regulation; or Encourage or enable any other individual to do any of the activities prohibited in this Acceptable Use Policy. 9. Blogging by employees, whether using Richman Investments property and systems or personal computer systems, is also subject to the terms and restrictions set forth in this Policy. 10. Richman Investments......

Words: 354 - Pages: 2

Acceptable Use Policy

...Investments ACCEPTABLE USE POLICY Information Security Policy Number 12345 Effective 10/15/2013` I. Introduction An Acceptable Use Policy (AUP) is an organization-wide policy that defines what is allowed and what is not allowed regarding use of Information Technology (IT) assets by employees. The following policy is to be followed by all employees of Richman Investments, authorized individuals, vendors, and contractors who use any information technology (IT), electronic, or communication devices owned and/or provided by Richman Investments for the purpose of assisting them with their job-related duties. Access to the Internet is a privilege and all employees must adhere to the policies regarding computer, email, and Internet usage. Violation of these policies will result in disciplinary and/or legal action that may include counseling, revocation of company devices, termination of the employee, and legal action. II. Roles and Responsibilities Every employee must acknowledge that they have received a copy of the AUP and confirm that they have a complete understanding and agree to abide by the rules set forth in the AUP. Receipt and signing of the AUP will occur at Employee Orientation, and in the event of changes to the policy, a revised AUP must be signed. III. Policy Directives A. Acceptable Use Management Requirements A Standard Operating Procedure (SOP) will be established to support the development and maintenance of this AUP. Richman......

Words: 747 - Pages: 3

Unit 4 Assignment 2: Acceptable Use Policy (Aup) Definition

...Impact of a Data Classification Standard | Unit 1 Assignment | Domain This Domain is where only one user will have entrance to it.   This can be configured to internal usage only.   By default, the IT department tries to sustain a certain level of Security for this, so that nobody can enter from the outside, only the IT Department may grant access privilege for Remote Access.   The User Domain will enforce an acceptable use policy (AUP) to define which user can and cannot do with any company data that he or she has access to.   Also, every user on the company is responsible for the safekeeping of the environment. 2. LAN Domain The Local Area Network Domain is a group of computers that are all connected to a single LAN domain. The LAN Domain is a collection of computers connected to each another or to a common medium. All LAN domains have data closets, physical elements of the LAN, and logical elements as designated by authorized personnel. It involves strong security and access controls. This domain can access company-wide systems, applications, and data from anyplace within the LAN. The LAN support group is in control of maintaining and securing the domain. The biggest threat to the LAN domain is an Un-authorized access to anything on the network. For example: LAN, the systems, and data. One thing we can do is require strict security protocols for this domain, such as disabling all external access ports for the workstation. This would cause a no......

Words: 358 - Pages: 2

Define an Acceptable Use Policy

... Purpose The purpose of this policy is to mitigate the improper use of company computer asset these rules are in place to protect the employee and Richman investments. Inappropriate use exposes Richman investments to risks including virus attacks, compromise of network systems and services, and legal issues. Scope To implement a new AUP policy to stop these problems from occurring they need to design an AUP to let user know what they can or can’t do on the system. And use the IT department to restrict access to removable devices. Policy General use and ownership 1. No introduction of malicious programs into networks or onto systems 2. No accessing unauthorized internal resources or information from external sources 3. No Port scanning or data interception on network 4. No Denying service or circumventing authentication to legitimate users 5. No Using programs ,scripts, or commands to interfere with other network users 6. No Accessing adult content from company resources Security and Proprietary Information 1. No peer to peer file sharing or externally reachable file transfer protocol( FTP) servers 2. No downloading executable from known software sites 3. No unauthorized redistribution of licensed or copyrighted material 4. No exporting internal software or technical material in violation of export control laws 5. No remote connections from systems failing to meet the minimum security requirements Unacceptable use The following activities are......

Words: 407 - Pages: 2

Unit 5 Assignment 2

...IS3340-WINDOWS SECURITY | Security Audit Procedure Guide | Unit 5 Assignment 3 | | [Type the author name] | 5/1/2014 | | This document outlines the required steps to follow, inorder to properly scan the necessary hardware (servers and workstations) in the Ken 7 Windows Limited Domain for security vulnerabilities. 1) Acquire and install MBSA •Download MBSA. Download MBSA from the MBSA home page, and then install it to the default directory. •Updates for MBSA. If both the computer you will be scanning and the computer with MBSA installed have Internet access, the latest security catalog (.cab file), authentication files, and WUA installer files will be automatically downloaded, if needed. If either the target computer or the computer with MBSA installed does not have Internet access, download the following files and place them in the C:\Documents and Settings\<username>\Local Settings\Application Data\Microsoft\MBSA\2.0\Cache\ directory on the computer that is performing the scan. 2) Scan computers Run MBSA and clear the Check for security updates check box when performing the scan. Using the Graphical Interface Tool The following procedure describes how to use the MBSA GUI tool. To use the MBSA GUI tool to scan for updates and patches 1. On the Programs menu, click Microsoft Baseline Security Analyzer. 2. Click Scan a computer. 3. Make sure that the following options are not selected, and then click Start scan. * Check for Windows......

Words: 487 - Pages: 2

Define an Acceptable Use Policy

...1.0 Introduction Richman Investments at all times is to establish acceptable and unacceptable use of electronic devices and network resources. All employees of Richman Investments must comply with the rules and regulations for use of the Internet, sending e-mail, entering to social media sites, and downloading attachments from internet. The Richman Investments AUP will help achieve these goals. 2.0 Scope Every supervisor, employee and temporary employee that works for Richman Investments must follow this policy as it is written. This policy also applies to all equipment affiliated with Richman Investments. 3.0 Policy 3.1 General As an employee of Richman Investments, you are responsible for the internet access. In ordnance with the policies set forth by Richman Investments resources may not be used for any unlawful or prohibited purpose. For extra security Richman Investments will monitor all systems, equipment, and network using the Audit Policy. Any devices that might interfere with the Richman Investments network will be immediately disconnected. Firewalls must be turn on at all times. Antivirus programs must be updated regularly. 3.2 Security 1. Every device connected to the Richman Investments network must comply with the Access Control Policy. All hard drives must be encrypted. 2. All employees of Richman Investments must keep their passwords secure and do not share accounts. Authorized users are responsible for the security of their...

Words: 620 - Pages: 3

Nt2580 Unit 4 Acceptable Use Policy Definition

...Unit 4 Assignment 1: Enhance and Existing IT Security Policy Framework Program Framework Policy 1.0 Purpose The purpose of this policy is to define standards for connecting to Richman Investment's network from any host. These standards are designed to minimize the potential exposure to Richman Investment from damages which may result from unauthorized use of Richman Investment resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical Richman Investment internal systems, etc. 2.0 Scope This policy applies to all Richman Investment employees, contractors, vendors and agents with any computer that is connected to Richman Investment’s Network. This policy applies to remote access connections used to do work on behalf of Richman Investment, including reading or sending email and viewing intranet web resources. Remote access implementations that are covered by this policy include, but are not limited to, dial-in modems, frame relay, ISDN, DSL, VPN, SSH, and cable modems, etc. 3.0 Policy 3.1 General 1. It is the responsibility of Richman Investment employees, contractors, vendors and agents with remote access privileges to <Company Name>'s corporate network to ensure that their remote access connection is given the same consideration as the user's on-site connection to Richman Investment. 2. General access to the Internet for recreational use by immediate household members through......

Words: 737 - Pages: 3

Cis 462 Wk 2 Case Study 1 Acceptable Use Policy

...CIS 462 WK 2 CASE STUDY 1 ACCEPTABLE USE POLICY To purchase this visit here: http://www.activitymode.com/product/cis-462-wk-2-case-study-1-acceptable-use-policy/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 462 WK 2 CASE STUDY 1 ACCEPTABLE USE POLICY CIS 462 WK 2 Case Study 1 - Acceptable Use Policy An Acceptable Use Policy (AUP) is a very important policy within organizations to define acceptable employee behavior when accessing company resources. Additionally, there are also legal implications within AUPs. Use an existing AUP that you are familiar with, such as from a current or previous workplace, or search on the Internet for an example AUP to complete this case study. Write a three to five (3-5) page paper in which you: 1. Describe the purpose of an Acceptable Use Policy you have selected and explain how the AUP helps provide confidentiality, integrity, and availability within the organization. 2. Critique the AUP you selected and provide recommendations for improving the AUP. 3. Explain methods that organizations can implement to help ensure compliance with the AUP, mitigate their risk exposure, and minimize liability. Describe how your selected AUP accomplishes these goals. More Details hidden... Activity mode aims to provide quality study notes and tutorials to the students of CIS 462 WK 2 Case Study 1 Acceptable Use Policy in order to ace their studies. CIS 462 WK 2 CASE STUDY 1 ACCEPTABLE USE POLICY To purchase this visit......

Words: 688 - Pages: 3

Purpose of an Acceptable Use Policy

...Purpose of an Acceptable Use Policy Name Institution Course Date Purpose of an Acceptable Use Policy Acceptable use policy is an official and legal document that binds the employees of Tata communications to understand that the information and data is the property of the organisations and there are a certain rules that should be abided by when using this information. It secures the rights of a company to enforce certain obligations over them to make sure that they do not indulge in unethical and unprofessional sharing of the information upon which they are working or can access. The acceptable use policy which is taken as an example for the purpose of this paper is of Tata communications, which is the telecommunication company in India. The policy aims to elucidate the guidelines and standards for the employees to make sure that the information privacy and security is not compromised by the employees and that they are well aware of how to use the information. Every new employee at the company is made to go through the acceptable use policy and sign it for future reference. This maintains the check over the usage and sharing pattern of the employees. Each and every point that is central or peripheral to the usage and sharing is mentioned clearly with enough examples and instances to remove any kind of confusion to the employees. Critique the AUP The AUP is very well written and communicated however, there are certain points that can be......

Words: 953 - Pages: 4

Acceptable Use Policy

...Acceptable Use Policy or AUP is a written policy and an agreement that defines what is allowed and not allowed to be used by employees regarding the use of internet. Here at Richman Investment are giving you, the employees the details and what the policy entails. The use of the Internet is a privilege, not a right, and inappropriate use will result in a cancellation of those privileges. The purpose of the internet resources is to help employees in the performance of their job related functions and not for personal usage. Each employee that is given privileges will have to comply with the company’s policy. Internet usage should be conducted for the company business only. Internet use creates the possibility of virus attacks or allowing any unauthorized people to get into our system with the potential of accessing company’s confidential information. The use of personal internet must be limited and only to be used for web based emails only with the approval of your Supervisor or Manager. Under no circumstances may Company network to be used on Social networking such as Facebook, or video viewing such as you tube, pornographic, or any unethical use. These websites will be restricted and prohibited for viewing. Doing so can lead to disciplinary action up to and including termination of employment. Like the internet, email should also be for Company purposes only. Any employees are not allowed to send personal emails using Company......

Words: 576 - Pages: 3

It255 Define an Acceptable Use Policy Essay

...IT255 Acceptable Use Policy (AUP) I have reviewed the list of forbidden traffic and came up with this acceptable use policy. Some ports (20&69) would be disabled denying file transfer if all traffic listed is forbidden. I propose the use of content filtering, file transfer monitoring, scanning and alarming for unknown file types from unknown or restricted sources. The restriction on downloading executables could be changed in the same fashion. Both of these guidelines could otherwise interfere with otherwise normal business practice and hinder the productivity of the company. The redistribution copyrighted material is restricted because the system administrator ensures all workstations have what they need. No exporting internal software or technical material in violation of export control laws. If a worker needs such software or material for a location that does not have it then they will be issued license for said use of such property. Workstations will run antivirus and malicious removal software. These programs will be update as new definitions and malicious code data are provided. The organizations data classification standard should address remote access. The company will deny outbound traffic using source IP addresses in access control lists. If remote access is allowed, encrypt where necessary. This will prevent any unauthorized access to internal resources or information from external sources. No unauthorized port scanning or probing on the company’s......

Words: 487 - Pages: 2

Acceptable Use Policy

...Internet Acceptable Use Policy (AUP) After careful consideration and research of some of the other policies listed by other companies such as AT&T, Widgets Inc, and Amazon Web Services; Richman Investments has come up with the following acceptable use policy (AUP). The following are not allowed at any time: 1. Making of unauthorized promises in e-mail. All emails should have a footer which states that the messages are from the sender only and do not represent the decisions or policies of Richman Investments. 2. Using company resources or web services to visit web sites which contain inappropriate material. This includes pornography, sexually oriented material, or sites which promote or depict discrimination, violence, or illegal activities. 3. Sending big attachments to multiple recipients in the organization. This can tie up the system during a busy point in the day which could end up keeping the company from making profitable decisions. 4. Sending jokes or humorous items on Richman Investments email system. These emails may not be considered funny to some, therefore will not be allowed by any. 5. Making statements concerning race, sexual orientation, disability, religion, or national origin. These statements could be seen as harassment by either the person receiving it or by other people that may see it. 6. Use of company email to support inappropriate activities. Checking a doctor’s appointment is fine, running a side-business is not. 7.......

Words: 360 - Pages: 2

Define an Acceptable Use Policy

...Chris Browning Unit5 assignment2 Acceptable Use Policy Richman Investments holds requirements for the usage of the company network including filtering policies for network traffic LAN – WAN is where the IT infrastructure links to a wide area network and internet. For Security (Administrators and Managers) * Security monitoring controls for intrusion * Apply email server and attachment antivirus and email quadrating for unknown file types * Disablement for ping, probing, and port scanning on all exterior IP devices * Denying of outbound traffic using source IP addresses * Apply file transfer monitoring, scanning and alarming for unknown file types Web Surfing is the usage of the internet browsing a series of web browsers For Security (Administrators and Managers) * Apply domain-name content filtering at the internet entry/access point * Employees may lose productivity while searching web for no work related material Cons putting a limitation to web surfing may cause the employee to lack independence of finding information. What if they need to look up an answer to a customers question and has to find it on the web? Pros not using the internet could prevent a wide variety of viruses and the company is only allowed to use their company accounts to send out emails to customers. Guidelines to usage of email are covered under email usage policy Richman Investment Employees: Certain traffic is expressly forbidden: * No......

Words: 341 - Pages: 2

Itt-It225 Homework: Unit 4 Assignment 2: Acceptable Use Policy (Aup) Definition

...in relations to the business. However, Richman Investments has a policy for the use of the internet whereby employees must ensure that they: A) Comply with current legislation B) Use the internet in an acceptable way C) Do not create risks for the computer by misusing the internet. Unacceptable behavior The following has been deemed as unacceptable use of the internet by employees. A) Visiting internet sites that contain obscene, hateful, porographic or otherwise illegal meterial. B) Using the computer to perpetrate any form of fraud, or software, film, or music piracy. C)Using the internet to send offensive or harassing material to other users. D) Downloading commercial software or any copyrighted materials belonging to third parties, unless this download is coverted or permitted under a commercial agreement or other such license. E) Hacking into unauthorised areas. F) Publishing defamatory and/or knowingly false material about Richman Investments, your colleagues and/or our customers on social networking sites, ‘blogs’, ‘wikis’ and any other online publishing format. G) Revealing confidential information about Richman Investments, in a personal online posting, upload or transmission 0 including financial information and information relating to our customers, business plans, policies, staff and/pr internal discussions. H) Undertaking deliberate......

Words: 477 - Pages: 2

Shinigamihime no Saikon - Baraen no Tokei Koushaku | Ocaleni / Salvation | Thám Tử Lừng Danh Conan chap 49