Policies with Privacy: Ten Ways of Securing Your IT Network: Computer Networks Are Subject to a Number of Threats from outside as Well as within. David Taylor Suggests Some Guidelines for Devising Usage Policies That Also Respect Staff Privacy

By Taylor, David | Journal of Banking and Financial Services, June-July 2004 | Go to article overview

Policies with Privacy: Ten Ways of Securing Your IT Network: Computer Networks Are Subject to a Number of Threats from outside as Well as within. David Taylor Suggests Some Guidelines for Devising Usage Policies That Also Respect Staff Privacy


Taylor, David, Journal of Banking and Financial Services


Any good IT security policy should contain two parts, one dealing with preventing external threats and the other with internal risks by defining appropriate use of the network.

In terms of external threats, there are plenty of products available to deal with these risks, such as firewalls, anti-virus software, email filters and intrusion detection. These are put in place by IT staff and are undetected by the user.

However, appropriate use of the network inside a company is a management issue. Implementing an Acceptable Use Policy (AUP) governing empoyee behaviour requires tact and diplomacy.

At the very least, having an AUP in place can protect your company from liability if you can show that any inappropriate activities were undertaken in violation of that policy.

More likely, however, a logical and well-defined AUP will reduce bandwidth consumption, maximise staff productivity and reduce the prospect of legal issues.

The following ten points provide a common-sense approach to developing and implementing an AUP that will be fair, clear and enforceable.

1. Identify your risks

What are the risks from inappropriate use? Do you have information that should be restricted? Do you send or receive a lot of large attachments and files? Are there potentially offensive attachments making the rounds? These might be non-issues. Or they could be costing your company thousands of dollars a month.

A good way of identifying such risks is by using monitoring or reporting tools. Many vendors of firewall and internet security products allow an evaluation period for potential customers, which can be highly useful. However, it is important to ensure that staff are told their activities could be monitored, lest they view such activity as an invasion of privacy.

2. Learn from others

There are many types of security policies to choose from, so it's important to see what similar organisations are doing. You can browse online, or buy a book. A useful tome is Information Security Policies Made Easy by Charles Cresson Wood, which has over 1200 policies already written and ready to customise.

Also, don't forget to talk to the sales reps from the various security product vendors. They are always happy to provide information.

3. Ensure the policy conforms to legal requirements

Depending on your type of data, jurisdiction and location, you may be required to conform to certain minimum privacy standards, especially if you hold personal information. Having a viable security policy documented and in place is one way of mitigating any liabilities you might incur in the event of a security breach.

4. The level of security should equal the level of risk

Don't be overzealous. Too much security can be as bad as too little. …

The rest of this article is only available to active members of Questia

Already a member? Log in now.

Notes for this article

Add a new note
If you are trying to select text to create highlights or citations, remember that you must now click or tap on the first word, and then click or tap on the last word.
One moment ...
Default project is now your active project.
Project items
Notes
Cite this article

Cited article

Style
Citations are available only to our active members.
Buy instant access to cite pages or passages in MLA 8, MLA 7, APA and Chicago citation styles.

(Einhorn, 1992, p. 25)

(Einhorn 25)

(Einhorn 25)

1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

Note: primary sources have slightly different requirements for citation. Please see these guidelines for more information.

Cited article

Policies with Privacy: Ten Ways of Securing Your IT Network: Computer Networks Are Subject to a Number of Threats from outside as Well as within. David Taylor Suggests Some Guidelines for Devising Usage Policies That Also Respect Staff Privacy
Settings

Settings

Typeface
Text size Smaller Larger Reset View mode
Search within

Search within this article

Look up

Look up a word

  • Dictionary
  • Thesaurus
Please submit a word or phrase above.
Print this page

Print this page

Why can't I print more than one page at a time?

Help
Full screen
Items saved from this article
  • Highlights & Notes
  • Citations
Some of your highlights are legacy items.

Highlights saved before July 30, 2012 will not be displayed on their respective source pages.

You can easily re-create the highlights by opening the book page or article, selecting the text, and clicking “Highlight.”

matching results for page

    Questia reader help

    How to highlight and cite specific passages

    1. Click or tap the first word you want to select.
    2. Click or tap the last word you want to select, and you’ll see everything in between get selected.
    3. You’ll then get a menu of options like creating a highlight or a citation from that passage of text.

    OK, got it!

    Cited passage

    Style
    Citations are available only to our active members.
    Buy instant access to cite pages or passages in MLA 8, MLA 7, APA and Chicago citation styles.

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn, 1992, p. 25).

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences."1

    1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

    Cited passage

    Thanks for trying Questia!

    Please continue trying out our research tools, but please note, full functionality is available only to our active members.

    Your work will be lost once you leave this Web page.

    Buy instant access to save your work.

    Already a member? Log in now.

    Search by... Author
    Show... All Results Primary Sources Peer-reviewed

    Oops!

    An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.