AUP Cyber Security

Realizing and adopting information security policies within your organization is an important step in ensuring that every department and employee understands their role in helping protect your company, customers, and employee data again security threats from outside and within (cyber security protection).

An Acceptable Use Policy or so-called AUP is a series of rules that define what end users may or may not do with their technology. Usually, this policy requires some kind of acknowledgment that the rules are well understood, including potential consequences of violation, before issuing any kind of log into the system. Acceptable use policies outline for example what is appropriate and what is inappropriate when it comes to using the organization’s network and the internet.

A well-defined and implement UAP policy not only outlines these rules but also explains the reason why they are implemented and important so that all the people within your organization will acknowledge them and not see the rules as arbitrary or unreasonable.

Feel free to use this editable UAP template in Word as a starting point to get your organization on the right track when it comes to full policy creation and adoption and customize it to fit your organization’s needs. This sample policy is not legal advice or a substitute for consultation with qualified legal counsel. Laws vary from country to country.

This sample includes:

• The definition and area of acceptable usage (Overview, purpose, and scope)
• Access management and authorization;
• Authentication and password protection;
• Computer Desktop policy and login/logout rules;
• Data security and protection;
• Email and messaging policies (Electronic Communication);
• Usage of social media;
• Hardware and software management;
• Internet Usage and Access policies;
• BYOD and mobile devices rules;
• Identification (Physical Security);
• Usage of removable storage/media (including USD devices);
• Security training and awareness policies for new employees;