...policy, ending with an AUP describing said policy. The first company’s AUP that will be analyzed is Iowa Network Service’s AUP (http://support.netins.net/AUP.shtml). In it, subjects such as what costumer’s are not allowed to do with the services are detailed, such as forbidding the use of illicit material, and using the services provided for criminal activity. It also details a “Remote Service Support” in which netINS can help customers with their problems, provided they have been given proper permission and said technician is qualified. Also included is a policy for idle connections, which will be disconnected in the event they are idle for 20 minutes. The second company to be compared is Tellurian Network’s AUP (http://www.tellurian.com/usagepolicy.asp). TN promises to never sell customer information to third parties to prevent the spread of spam emails, something it considers extremely damaging to the internet’s integrity. A “No-Busy Signal” policy is a major part of the company’s AUP, in which they assure the costumer that they will order more phone lines as capacity reaches max, though they do include that there are rare situations where busy signals are to be expected depending on various hypothetical events. Finally, in the event their services are used to commit a DOS attack, TN will terminate their services, and are not obligated to send out a notice to the offending costumer. Finally, there’s Verizon’s AUP (http://www.verizonbusiness.com/terms/aup/). Security takes...
Words: 501 - Pages: 3
...accountability that go into an acceptable use policy for the user domain. Within the user domain is the access of LAN to Wan, web surfing, and internet. LAN to Wan is the activities between LAN to Wan and firewalls, routers, intrusion, detection, and workstations. Web surfing determines what a user can do on company time with company resources. Internet is when the user has access to the internet what types of controls should the organization have on the certain internet sites being accessed. Although they all sort of are the same they are very much different (Cordero, 2013). For the Lan to Wan AUP will go hand in hand with the roles and tasks parts of the user domain. Users would be given access to certain systems, applications, and data depending on their access rights. The AUP is like a rulebook that employees need to follow when using an organization’s IT assets and if they are violated it could be grounds for termination. The AUP will set grounds on employees to understand that they are responsible for any and all actions on an organization’s IT assets. In particular to organizations that have databases with sensitive information may also require a criminal background check before granting access. This all prevents risks, threats, and vulnerability that could compromise an organization’s system, applications, and/or data. Lan and Wan AUP helps in preventing users from destroying the firewalls and protection programs from leaking sensitive information and/or hackers from...
Words: 771 - Pages: 4
...of the company network including filtering policies for network traffic through an AUP. Acceptable use policy (AUP) would start with the User Domain. The user domain is the employee within an organization who is granted access to the information system for the organization. There are roles and tasks, responsibility, and accountability that go into an acceptable use policy for the user domain. Within the user domain, access to the LAN to WAN, web surfing, and internet could be used help gather information between customers and employees. LAN to WAN is the activities between LAN to Wan and firewalls, routers, intrusion, detection, and workstations. Web surfing determines what a user can obtain on company time with company resources. Internet, is when the user has access to the internet with the types of controls the organization has on the certain internet sites being accessed. Although LAN to WAN, web surfing, and internet have some of the same characteristics, they also have different specific IT infrastructures it affects. . For the LAN to Wan AUP, it will goes with the roles and task parts of the user domain. Users would be given access to certain systems, applications, and data depending on their access rights. The AUP is a more of a rulebook for employees to follow when using the organization’s IT assets. If the AUP is violated, it could be grounds for termination from the company. The AUP will set rules for employees to understand that they are responsible for any and all...
Words: 1029 - Pages: 5
... I. Introduction An Acceptable Use Policy (AUP) is an organization-wide policy that defines what is allowed and what is not allowed regarding use of Information Technology (IT) assets by employees. The following policy is to be followed by all employees of Richman Investments, authorized individuals, vendors, and contractors who use any information technology (IT), electronic, or communication devices owned and/or provided by Richman Investments for the purpose of assisting them with their job-related duties. Access to the Internet is a privilege and all employees must adhere to the policies regarding computer, email, and Internet usage. Violation of these policies will result in disciplinary and/or legal action that may include counseling, revocation of company devices, termination of the employee, and legal action. II. Roles and Responsibilities Every employee must acknowledge that they have received a copy of the AUP and confirm that they have a complete understanding and agree to abide by the rules set forth in the AUP. Receipt and signing of the AUP will occur at Employee Orientation, and in the event of changes to the policy, a revised AUP must be signed. III. Policy Directives A. Acceptable Use Management Requirements A Standard Operating Procedure (SOP) will be established to support the development and maintenance of this AUP. Richman Investments’ management team is responsible for keeping the AUP up to current standards and ensuring that new...
Words: 747 - Pages: 3
...been a Microsoft® Certified Professional since 1999, and a Microsoft® Certified Small Business Specialist for over a year. I ran my own company, Lyons Den Computer Services, Inc., from 1992-2007. I exclusively serviced businesses with 3-25 workstation and servers. I recently started a new position where I am working with even larger organizations, with over 100 computers per location. One thing most of these companies have in common is a great dependence on technologies such as the internet, email and network connections to the world. Unfortunately, another thing they have in common is a lack of understanding of the depth of security concerns they create by taking advantage of these technologies. One of the largest security holes is often not a missing piece of hardware or software, but a missing piece of documentation that should be in place to protect their investment in all their equipment, personnel and good company name. I am referring to an Acceptable Use Policy for their network and Internet usage. Purpose I intend to show company management just how important this document can be, and why they need one, as well as the importance of keeping it updated. I will show examples of problems a lack of policy can create, and show why there is really no “one size fits all” boilerplate policy they can just copy. The company’s culture should have an influence on the policy. Scope I intend to cover the main reasons an Acceptable Use Policy in justified and necessary. I will also...
Words: 2455 - Pages: 10
...Delores Patton Intro to Security 1-27-14 Unit 5 Assignment 2 Define and Acceptable Use Policy(AUP) An acceptable use policy (AUP) is the policy that companies used to ensure that a user must agree to follow in order to be provided with access to a network or to the Internet. LAN-to- WAN is when the network system links to a wide area network and internet. Security Administrators should monitor what users are accessing on the network, setup firewalls, apply antiviruses to identify unknown files and emails, disable pinging, probing, and port scanning on all exterior devices, and denial of outbound traffic using source IP addresses. Web Surfing is accessing the internet using different web browsers. As a Security Administrator, you should apply domain-name content filtering at the internet entry/access point. By doing this, employees might not be able to surf certain web sites on the internet. The advantage of not having access to the internet is that it could prevent the network from getting viruses and the employees will only be allowed to use the company accounts to send out emails to customers. The disadvantage of this is what if an employee is trying to assist a customer by answering a question that they need to access the internet to answer. As Richman Investment employees, guidelines to usage of email are covered under email usage policy. The following traffic is not allowed: No peer-to-peer file sharing or externally reachable file transfer protocol...
Words: 379 - Pages: 2
...Acceptable Use Policy (AUP) The three companies I compared policies with were; SANS, Sopho, and Pinterest. In regards to SANS institute and Sopho they were alike in several ways first of all the AUP was from a employee / company comparison, such as not sharing id's, passwords, company's copyright information etc…They also shared Pirated software not licensed by the company is prohibited. My third choice Pinterest is more of a social site and some of the policies are different because even though your accessing the companies site to post images, opinions etc…they still have AUP in place to restrict users from posting pornographic images, creates a risk of harm, loss, physical or mental injury, emotional distress, death, disability, disfigurement, or physical or mental illness to yourself, to any other person, or to any animal. Researching different companies policies gave me a broader understanding on how to tailor the AUP to better suit the company, in other words they are not all the same. You need to create on a case by case bases. My AUP definition for Richman Investments Acceptable Use and Unacceptable use are as follows; The following activities are, in general, prohibited. Employees may be exempted from these restrictions during the course of their legitimate job responsibilities (e.g., systems administration staff may have a need to disable the network access of a host if that host is disrupting production services). Richman Investments...
Words: 619 - Pages: 3
...An acceptable use policy (AUP) is a policy that a user must agree to follow in order to be provided with access to a network or to the Internet. It is common oractice for many businesses and educational facilities to require that employees or students sign an acceptable use policy before being granted a network ID. When you sign up with an Internet Service provider (ISPs) such as Verizon, you will usually be presented with an AUP. Which states that you agree to adhere to such stipulations such as: * Not using the service as part of violating the law * Not attempting to break the security of any computer or user * Not posting commercial messages to internet groups without prior permission * Not attempting to send junk e-mail or spam to anyone who doesn’t want to receive it * Not attempting to mail bomb a site with mass amounts of email in order to flood their server Many Alabama K-12 educators Use the instructional resources found via shared educational tools, such as school and division-wide computer networks and the Internet. The increased use of such resources requires administrators, teachers, library media specialists, students, and parents take steps to insure that are used responsibility for K-12 instruction. In response to these concerns, schools or school districts are required To establish guidelines for the appropriate use of computer networks. The University of Pennsylvania has an established AUP it defines the boundaries...
Words: 367 - Pages: 2
... It255 Unit 4 Aup In: Computers and Technology It255 Unit 4 Aup Acceptable Use Policy The acceptable use policy is a set of rules that a corporation, organization or internet service providers, provide to their employees about the use of computers, networks and associated resources. These rules would state that not only just employees but users as well should not access the system areas where they are not authorized to, they would be held accountable for what all they do, they should only use to computer that was issued to them for purposes assigned to them, etc. These rules basically state that the computers are not to be used improperly or illegally during or after work hours at job sites. Verizon wireless “acceptable use policy” states that there should be no illegal use of their personal internet meaning that their services should only be used for lawful purposes only. This includes any unauthorized actions to illegal sites or violation of control laws. Their email use is prohibited for users to use illegally. NO commercial advertising or informational announcements are allowed. AT&T “acceptable use policy” prohibits any use of their services in any way illegally, unlawful, or harmful in any way to their company or any other company. Their AUP also doesn’t want any unauthorized access to pornography sites, inappropriate interaction with minors or threatening of material or contents. AT&T email services are not to be used for inappropriate emails or messages. Cox...
Words: 334 - Pages: 2
...Introduction Richman Investments is at all times committed to complying with the laws and regulations governing use of the Internet, e-mail transmission and text messaging and preserving for all of its Employee’s the ability to use RICHMAN INVESTMENTS 's network and the Internet without interference or harassment from other users. The Richman Investments AUP ("AUP") is designed to help achieve these goals. By using IP Service(s), as defined below, Employee(s) agrees to comply with this Acceptable Use Policy and to remain responsible for its users. Richman Investments reserves the right to change or modify the terms of the AUP at any time, effective when posted on Richman Investments web site at www. Richman Investments .com/aup. Employees’ use of the IP Service(s) after changes to the AUP are posted shall constitute acceptance of any changed or additional terms. Scope of the AUP The AUP applies to the Richman Investments services that provide (or include) access to the Internet, including hosting services (software applications and hardware), or are provided over the Internet or wireless data networks (collectively "IP Services"). Prohibited Activities General Prohibitions: RICHMAN INVESTMENTS prohibits use of the IP Services in any way that is unlawful, harmful to or interferes with use of RICHMAN INVESTMENTS’s network or systems, or the network of any other provider, interferes with the use or enjoyment of services received by others, infringes intellectual property...
Words: 2687 - Pages: 11
...The LAN-to-WAN domain is used to provide internet access for an entire organization and is actually the entry point of the Wide Area Network (WAN). This domain is the IT infrastructure where all the data moves in and out of the organization (Mansfield, 2010). There are many risks and threats that are associated with this domain since an attack can come from inside the network or try entering the network from an outside source. As an Information Systems Security Officer for a medium sized technology firm that has two sites, one in Virginia, and another in California, I am charged with the task of implementing the proper security controls for the organization’s LAN-to-WAN domain as well as propose a series of hardware and software controls which will provide security for these domain. The LAN-to-WAN domain is responsible for receiving a lot of traffic through it and it is therefore vulnerable to numerous risks, threats and other vulnerabilities. The threats from people can emerge from badly configured equipment or those that are not correctly...
Words: 1164 - Pages: 5
... An acceptable use policy (AUP) is a policy that a user must agree to follow in order to be provided with access to a network or to the Internet. It is common oractice for many businesses and educational facilities to require that employees or students sign an acceptable use policy before being granted a network ID. When you sign up with an Internet Service provider (ISPs) such as Verizon, you will usually be presented with an AUP. Which states that you agree to adhere to such stipulations such as: * Not using the service as part of violating the law * Not attempting to break the security of any computer or user * Not posting commercial messages to internet groups without prior permission * Not attempting to send junk e-mail or spam to anyone who doesn’t want to receive it * Not attempting to mail bomb a site with mass amounts of email in order to flood their server Many Alabama K-12 educators Use the instructional resources found via shared educational tools, such as school and division-wide computer networks and the Internet. The increased use of such resources requires administrators, teachers, library media specialists, students, and parents take steps to insure that are used responsibility for K-12 instruction. In response to these concerns, schools or school districts are required To establish guidelines for the appropriate use of computer networks. The University of Pennsylvania has an established AUP it defines the boundaries of ...
Words: 311 - Pages: 2
...Lab 2 and Assessment 2 Unit 2 Crystal McLey Kaplan University Lab 2 The three most common risk/threats/vulnerabilities that are commonly found in the user domain are: The “domain enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges” (CVE, 2013), If the domain user logs into the domain with a space at the end of the domain name it will cause an error and wont accurately download a system policy (CVE, 2013), and the domain user or admin have a guessable password in Windows NT (CVE, 2013). In the first article it discusses the use of USB devices in the workplace. USB’s are used for transporting data from one computer to another. These allow for business requirements to be reached at a faster pace but they also pose a number of security challenges. Those challenges may be “disgruntled workers, careless users and malicious individuals” (Couture, 2009, p. 6). Ways to migrate this issue is by gluing shut the ports, disable USB ports in BIOS, prevent users from installing a USB device by denying permission on files called usbstor.pnf and usbstor.inf, making USB ports read only, disable USB ports in Group Policy, or disable Autorun (Couture, 2009, p. 11). In the second article it discusses the vulnerabilities of the BIOS. The BIOS performs power up test amongst the hardware components and memory and without this program the computer wouldn’t know what to do after it was turned on. The BIOS can be accessed by the use of backdoor passwords...
Words: 1760 - Pages: 8
...Unit 4 Assignment 2: Acceptable Use Policy (AUP) Definition AT&T: Spam/E-mail/Usenet Abuse: Violation of the CAN-SPAM Act of 2003, or any other applicable law regulating e-mail services, constitutes a violation of this AUP. Spam/E-mail or Usenet abuse is prohibited using IP Services. Examples of Spam/E-mail or Usenet abuse include but are not limited to the following activities: * sending multiple unsolicited electronic mail messages or "mail-bombing" - to one or more recipient; * sending unsolicited commercial e-mail, or unsolicited electronic messages directed primarily at the advertising or promotion of products or services; * sending unsolicited electronic messages with petitions for signatures or requests for charitable donations, or sending any chain mail related materials; * sending bulk electronic messages without identifying, within the message, a reasonable means of opting out from receiving additional messages from the sender; * sending electronic messages, files or other transmissions that exceed contracted for capacity or that create the potential for disruption of the AT&T network or of the networks with which AT&T interconnects, by virtue of quantity, size or otherwise; * using another site's mail server to relay mail without the express permission of that site; * using another computer, without authorization, to send multiple e-mail messages or to retransmit e-mail messages for the purpose of misleading recipients as to...
Words: 1017 - Pages: 5
...Use Policy or AUP is a written policy and an agreement that defines what is allowed and not allowed to be used by employees regarding the use of internet. Here at Richman Investment are giving you, the employees the details and what the policy entails. The use of the Internet is a privilege, not a right, and inappropriate use will result in a cancellation of those privileges. The purpose of the internet resources is to help employees in the performance of their job related functions and not for personal usage. Each employee that is given privileges will have to comply with the company’s policy. Internet usage should be conducted for the company business only. Internet use creates the possibility of virus attacks or allowing any unauthorized people to get into our system with the potential of accessing company’s confidential information. The use of personal internet must be limited and only to be used for web based emails only with the approval of your Supervisor or Manager. Under no circumstances may Company network to be used on Social networking such as Facebook, or video viewing such as you tube, pornographic, or any unethical use. These websites will be restricted and prohibited for viewing. Doing so can lead to disciplinary action up to and including termination of employment. Like the internet, email should also be for Company purposes only. Any employees are not allowed to send personal emails using Company email. Use Company...
Words: 576 - Pages: 3
