...CIS 462 WK 2 CASE STUDY 1 ACCEPTABLE USE POLICY To purchase this visit here: http://www.activitymode.com/product/cis-462-wk-2-case-study-1-acceptable-use-policy/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 462 WK 2 CASE STUDY 1 ACCEPTABLE USE POLICY CIS 462 WK 2 Case Study 1 - Acceptable Use Policy An Acceptable Use Policy (AUP) is a very important policy within organizations to define acceptable employee behavior when accessing company resources. Additionally, there are also legal implications within AUPs. Use an existing AUP that you are familiar with, such as from a current or previous workplace, or search on the Internet for an example AUP to complete this case study. Write a three to five (3-5) page paper in which you: 1. Describe the purpose of an Acceptable Use Policy you have selected and explain how the AUP helps provide confidentiality, integrity, and availability within the organization. 2. Critique the AUP you selected and provide recommendations for improving the AUP. 3. Explain methods that organizations can implement to help ensure compliance with the AUP, mitigate their risk exposure, and minimize liability. Describe how your selected AUP accomplishes these goals. More Details hidden... Activity mode aims to provide quality study notes and tutorials to the students of CIS 462 WK 2 Case Study 1 Acceptable Use Policy in order to ace their studies. CIS 462 WK 2 CASE STUDY 1 ACCEPTABLE USE POLICY To purchase this visit here: http://www.activitymode...
Words: 688 - Pages: 3
...description and scope of the contents of the policy. #Acceptable Use Policy This policy is used to establish a culture of trust and integrity amongst the employees and users of the network. The acceptable use policy should contain an overview, purpose, scope, general use & ownership and un-acceptable use sub-sections. Email Policy The policy defines standards for conducting communications within the corperate network email system. These standards minimize the potential exposure to the company from unsolicited email messages and attachments. The email policy should contain a purpose and enforcement sub-sections. Anti-Virus Policy The policy defines standards for protecting the company’s network from any threat related to maleware Identity Policy The policy defines rules and practices for protecting the corporate network from unauthorized access. The Identity policy identifies who each user is and what resources they are allowed to access. The identity policy should contain sub-sections on purpose, employee training, visitors (i.e.temps, contractors and consultants,) and prohibited practices. Password Policy Passwords are an important aspect of netwok security. They are the front line of protection for user accounts. The password policy should contain sub-sections on purpose, scope, policies, guidelines and enforcement. Encryption Policy This policy provides guidance so that encryption efforts will use only those algorithms that have received substantial...
Words: 476 - Pages: 2
...IS4550: Security Policies and Implementation Mr. Shane Stailey Edy Ngou Date: 09/20/2015 Lab week 1: Organization Wide Security management AUP worksheet ABC Credit Union Acceptable Use Policy Policy Statement The acceptable Use Policy is to ensure compliance with laws such as the Gramm-Leach-Bailey Act (GLBA) and the Federation trade commission (FTC). This policy is also to assist the Credit Union ensuring information technology (IT) security best practices with regard to it associates. Purpose / Objective The purpose of ABC Credit Union’s acceptable use policy is to define requirements for Credit Union acceptable use policies, and define the acceptable and unacceptable uses of computer equipment, internet / intranet / extranet related systems, and email by ABC Credit Union associates in the performance of their duties. This policy requires that all Credit Union electronic information systems be used for Credit Union business with minor exceptions. These rules are in place to protect the associates and ABC Credit Union. These objectives of this policy are: * To keep the business process in a high working order in order to achieve the maximum amount of profit gained. * To keep morale law, so that employees are constantly being replaced. Scope This policy applies to associates, contractors, consultants, and other workers at ABC Credit Union, including all personnel affiliated with third parties. Also this policy applies to all...
Words: 461 - Pages: 2
...Home Page » Computers and Technology It255 Unit 4 Aup In: Computers and Technology It255 Unit 4 Aup Acceptable Use Policy The acceptable use policy is a set of rules that a corporation, organization or internet service providers, provide to their employees about the use of computers, networks and associated resources. These rules would state that not only just employees but users as well should not access the system areas where they are not authorized to, they would be held accountable for what all they do, they should only use to computer that was issued to them for purposes assigned to them, etc. These rules basically state that the computers are not to be used improperly or illegally during or after work hours at job sites. Verizon wireless “acceptable use policy” states that there should be no illegal use of their personal internet meaning that their services should only be used for lawful purposes only. This includes any unauthorized actions to illegal sites or violation of control laws. Their email use is prohibited for users to use illegally. NO commercial advertising or informational announcements are allowed. AT&T “acceptable use policy” prohibits any use of their services in any way illegally, unlawful, or harmful in any way to their company or any other company. Their AUP also doesn’t want any unauthorized access to pornography sites, inappropriate interaction with minors or threatening of material or contents. AT&T email services are not to be used...
Words: 334 - Pages: 2
...Acceptable Use Policy The acceptable use policy is a set of rules that a corporation, organization or internet service providers, provide to their employees about the use of computers, networks and associated resources. These rules would state that not only just employees but users as well should not access the system areas where they are not authorized to, they would be held accountable for what all they do, they should only use to computer that was issued to them for purposes assigned to them, etc. These rules basically state that the computers are not to be used improperly or illegally during or after work hours at job sites. Verizon wireless “acceptable use policy” states that there should be no illegal use of their personal internet meaning that their services should only be used for lawful purposes only. This includes any unauthorized actions to illegal sites or violation of control laws. Their email use is prohibited for users to use illegally. NO commercial advertising or informational announcements are allowed. AT&T “acceptable use policy” prohibits any use of their services in any way illegally, unlawful, or harmful in any way to their company or any other company. Their AUP also doesn’t want any unauthorized access to pornography sites, inappropriate interaction with minors or threatening of material or contents. AT&T email services are not to be used for inappropriate emails or messages. Cox Communication email prohibits sending any unsolicited mail messages. Commercial...
Words: 430 - Pages: 2
...------------------------------------------------- Week 1 Laboratory Part 1: Craft an Organization-Wide Security Management Policy for Acceptable Use Learning Objectives and Outcomes Upon completing this lab, students will be able to complete the following tasks: * Define the scope of an acceptable use policy as it relates to the User Domain * Identify the key elements of acceptable use within an organization as part of an overall security management framework * Align an acceptable use policy with the organization’s goals for compliance * Mitigate the common risks and threats caused by users within the User Domain with the implementation of an acceptable use policy (AUP) * Draft an acceptable use policy (AUP) in accordance with the policy framework definition incorporating a policy statement, standards, procedures, and guidelines Part 1 – Craft an Organization-Wide Security Management Policy for Acceptable Use Worksheet Overview In this hands-on lab, you are to create an organization-wide acceptable use policy (AUP) that follows a recent compliance law for a mock organization. Here is your scenario: * Regional ABC Credit union/bank with multiple branches and locations thrrxampexoughout the region * Online banking and use of the Internet is a strength of your bank given limited human resources * The customer service department is the most critical business function/operation for the organization * The organization wants to...
Words: 639 - Pages: 3
...IS4550 Unit 1 Assignment 1 Internet-use policy for ABC Credit Union Purpose The purpose of this Acceptable Use Policy is to provide guidelines which will be applied in determining acceptable use of this Web site, and to notify you of the terms of this service. As a user of this service, you agree to comply with this policy, the stated acceptable uses and the terms of service. A signed Acceptable Use Policy must be signed by each faculty and staff. Online Conduct The intent of this policy is to make clear certain uses, which are and are not appropriate. ABC Credit Union will not monitor or judge all the content of information transmitted over this service, but will investigate complaints of possible inappropriate use. ABC Credit Union may at any time make determinations that particular uses are or are not appropriate with or without notice to you, according to the following guidelines. You must respect the privacy of others; for example: you shall not intentionally seek information on, obtain copies of, or modify files, other data, or passwords belonging to others, or represent themselves as another user unless explicitly authorized to do so by that user. You must respect the legal protection provided by copyright and license to programs and data. You must respect the integrity of computing and network systems; for example, you shall not intentionally develop or use programs that harass other users or infiltrate a computer, computing system or network and/or damage...
Words: 1035 - Pages: 5
...E-mail Acceptable Use Policy Purpose E-mail is a critical mechanism for business communications at Richman Investments. However, use of Richman Investments’ electronic mail systems and services are a privilege, not a right, and therefore must be used with respect and in accordance with the goals of Richman Investments. The objectives of this policy are to outline appropriate and inappropriate use of Richman Investments’ e-mail systems and services in order to minimize disruptions to services and activities, as well as comply with applicable policies and laws. Scope This policy applies to all e-mail systems and services owned by Richman Investments, all e-mail account users/holders at Richman Investments (both temporary and permanent), and all company e-mail records. Account Activation/Termination E-mail access at Richman Investments is controlled through individual accounts and passwords. Each user of Richman Investments’ e-mail system is required to read and sign a copy of this E-mail Acceptable Use Policy prior to receiving an e-mail access account and password. It is the responsibility of the employee to protect the confidentiality of their account and password information. All employees of Richman Investments will receive an e-mail account. E-mail accounts will be granted to third-party non-employees on a case-by-case basis. Possible non-employees that may be eligible for access include: • Contractors. • Employees. • Interns. Applications for these temporary...
Words: 1904 - Pages: 8
...Dallas Page July 17, 2015 Unit 4 Assignment 2 NT2580 Acceptable Use Policy Definition 1. Overview To protect the integrity, confidentiality and accessibility along with the safety of our clientele and employees it is necessary that a precise set of standards must be defined for anyone who utilizes the electronic devices to access information via the internet. Richman Investments is committed to protecting employees, partners and the company from illegal or destructive actions whether knowingly or unknowingly. Internet or Intranet related systems, including but not limited to the World Wide Web, storage media, operating systems, network accounts and electronic mail are intended to be used for business pertaining to Richman Investments. It is the responsibility of each electronic device user to know the guidelines of the Acceptable Use Policy and to adhere to the Acceptable Use Policy of Richman Investments. 2. Purpose To outline and give a clear precise definition of what is and what isn’t acceptable when using the property of Richman Investments. Property including but not limited to computers, internet service, email service, storage media, operating systems or network accounts. Inappropriate use of either of the aforementioned exposes Richman Investments to legal liability and/or risks of damage to company hardware and/or software. 3. Scope The Acceptable Use Policy applies to all employees, contractors, clients, visitors and partners to...
Words: 689 - Pages: 3
...Richman Investments ACCEPTABLE USE POLICY Information Security Policy Number 12345 Effective 10/15/2013` I. Introduction An Acceptable Use Policy (AUP) is an organization-wide policy that defines what is allowed and what is not allowed regarding use of Information Technology (IT) assets by employees. The following policy is to be followed by all employees of Richman Investments, authorized individuals, vendors, and contractors who use any information technology (IT), electronic, or communication devices owned and/or provided by Richman Investments for the purpose of assisting them with their job-related duties. Access to the Internet is a privilege and all employees must adhere to the policies regarding computer, email, and Internet usage. Violation of these policies will result in disciplinary and/or legal action that may include counseling, revocation of company devices, termination of the employee, and legal action. II. Roles and Responsibilities Every employee must acknowledge that they have received a copy of the AUP and confirm that they have a complete understanding and agree to abide by the rules set forth in the AUP. Receipt and signing of the AUP will occur at Employee Orientation, and in the event of changes to the policy, a revised AUP must be signed. III. Policy Directives A. Acceptable Use Management Requirements A Standard Operating Procedure (SOP) will be established to support the development and maintenance of this AUP. ...
Words: 747 - Pages: 3
...ABC Credit Union Organization-Wide Acceptable Use Policy Policy Statement This Acceptable Usage Policy covers the security and use of all ABC Credit Union’s information and IT equipment. It also includes the use of email, internet, voice and mobile IT equipment. This policy applies to all ABC Credit Union employees, contractors and agents. Purpose\Objectives The purpose of this policy is to provide a description of the acceptable use of our computer systems and internet service. The objectives of this policy are: * To keep the business process in a high working order in order to achieve the maximum amount of profit gained. * To keep morale low, so that employees are constantly being replaced. Work is not supposed to be fun. Scope The scope of the policy includes users, computers, storage media, and internet usage. Standards All computer systems will be imaged to the following standards: * No background pictures * No sounds * 800x600 screen resolution No employees will be granted administrator rights on their computer system in order to prevent any fun software from being downloaded. These standards are in place to provide the dullest work experience ever imagined and the IT department reserves the right to amend these standards at any time without notification. Internet Use Policy The internet will only be used for business purposes and not entertainment. Our company proxy server has been configured to block access to the following types...
Words: 319 - Pages: 2
...logs into the domain with a space at the end of the domain name it will cause an error and wont accurately download a system policy (CVE, 2013), and the domain user or admin have a guessable password in Windows NT (CVE, 2013). In the first article it discusses the use of USB devices in the workplace. USB’s are used for transporting data from one computer to another. These allow for business requirements to be reached at a faster pace but they also pose a number of security challenges. Those challenges may be “disgruntled workers, careless users and malicious individuals” (Couture, 2009, p. 6). Ways to migrate this issue is by gluing shut the ports, disable USB ports in BIOS, prevent users from installing a USB device by denying permission on files called usbstor.pnf and usbstor.inf, making USB ports read only, disable USB ports in Group Policy, or disable Autorun (Couture, 2009, p. 11). In the second article it discusses the vulnerabilities of the BIOS. The BIOS performs power up test amongst the hardware components and memory and without this program the computer wouldn’t know what to do after it was turned on. The BIOS can be accessed by the use of backdoor passwords, cracking the BIOS password, deleting the contents of the CMOS RAM by software and/or hardware (Allgeuer, 2001, p. 4). Ways to mitigate the risk of users accessing the BIOS is to use BIOS passwords to protect the BIOA configuration utility, for the more critical systems different BIOS password should be used...
Words: 1760 - Pages: 8
...Acceptable IT Usage Policy Acceptable IT Usage Policy Capgemini India The information contained within this document is the property of CAPGEMINI INDIA and is issued in confidence and must not be reproduced in whole or in part. Acceptable IT Usage Policy Document Control Revision History Date Version 8th June 2004 ISMS-Annex04/1.0 1.1 Author C. Rai – ISMS Manager C. Rai – ISMS Manager Description FIRST RELEASE Second Release – Revision of earlier release to adapt QMS guidelines on document controls and classification standard Control 3.9 – “network” was replaced with “network server” Addition of control 3.19 “Network access to temporary staff and visitors” under section 3 Addition of SECTION 8 “Mobile computing and Teleworking Policy” SECOND RELEASE Changes in software copyright compliance, Internet policy, maintaining information security, password policy. THIRD RELEASE Addition of acceptable use policy on Data Card / GPRS / Blackberry 15th Jan 05 28th Jan 05 1.2 C. Rai – ISMS Manager 12th Feb 05 1.3 CRAI – ISMS Manager 3rd March 05 2.0 CRAI – ISMS Manager Chandrashekhar Moharir – ISMS Team 27th September 2.1 05 4th Oct 06 18th 08 3.0 Cmoharir- ISMS team Dmalli- ISMS Team September 3.1 19th September 3.1 09 22nd April 2010 3.2 Company Confidential Kamal Seepana- ISMS No changes Team Daksha Malli Policy Revision Page 2 of 20 Printed copies are current on distribution date. Always refer to the electronic...
Words: 5081 - Pages: 21
...valuable resources. Richman Investments provides various computer resources to its employees for the purpose of assisting them in the performance of their job-related duties. State law permits incidental access to state resources for personal use. This policy clearly documents expectations for appropriate use of Richman Investments assets. This Acceptable Use Policy in conjunction with the corresponding standards is established to achieve the following: 1. To establish appropriate and acceptable practices regarding the use of information resources. 2. To ensure compliance with applicable State law and other rules and regulations regarding the management of information resources. 3. To educate individuals who may use information resources with respect to their responsibilities associated with computer resource use. This Acceptable Use Policy contains four policy directives. Part I – Acceptable Use Management, Part II – Ownership, Part III – Acceptable Use, and Part IV – Incidental Use. Together, these directives form the foundation of the Richman Investments Acceptable Use Program. Section 2 – Roles & Responsibilities 1. Richman Investments management will establish a periodic reporting requirement to measure the compliance and effectiveness of this policy. 2. Richman Investments management is responsible for implementing the requirements of this policy, or documenting non-compliance via the method described under exception handling. 3. Richman...
Words: 1330 - Pages: 6
...environment brought about by technology in the last five years. Use Table 1-1 and your own personal experiences to formulate your answer. 2. Discuss the tools and technologies for collaboration and teamwork that are available and how they provide value to an organization. 3. Discuss the personal and professional implications of so much individual data being gathered, stored, and sold. Should businesses be allowed to gather as much as they want? Should individuals have more control over their data that are gathered? 4. Describe the five technology drivers of the infrastructure evolution. Which do you think has been the most influential in helping us achieve the level of technology we enjoy today? 5. Use your imagination and come up with ideas of how your organization or company can use a wireless network. What current processes will you have to change to incorporate your idea? 6. Discuss the elements of a good security policy that every business should have. The elements of a good security policy that every business should cover are acceptable use, user authorization, and authorization management systems. The security policy should include statements ranking information risks, identify acceptable security goals, and identify mechanisms for achieving the goals. The policy should describe who generates and controls information, what existing security policies are in place to protect information, what level of risk is...
Words: 652 - Pages: 3