Acceptable Use Policies – Flashcards
Unlock all answers in this set
Unlock answersquestion
Acceptable Use Policy
answer
A policy which most IT users have to sign or otherwise agree to before accessing a given IT system such as in the workplace or in school. They are intended to ensure safe practices and appropriate behavour.
question
Security
answer
The AUP would stress: the need for complex passwords, which are changed at agreed intervals: not leaving computers logged in unattended.
question
Appropriateness
answer
The AUP would stress: that Internet access not be used to seek, view or share inappropriate adult images and other content using the accounts and equipment belonging to or brought into the organisation. It would also prohibit bullying or harassment of other users.
question
Time-wasting (productivity)
answer
The AUP would stress that using social media or otherwise engaging in non-work related materials be conducted outside working hours (if permitted at all).
question
Legal
answer
The AUP would stress that users must not use the organisation's resources to contravene any laws, for example related to copyright, computer misuse (including hacking), privacy or harassment.
question
Good-practice
answer
The AUP would stress that users must not: install unapproved software on company/school equipment; use devices in a way that might lead to damage or loss. It may also recommend they perform back ups in accordance with company/school policy.
question
Data Protection
answer
When we use computers, we leave a trail of data on our hard drives, in emails and elsewhere. According to the Data Protection Act:
• Data should be backed up regularly, with a proper plan for how data will be retained (and for how long)
• Hardware or software firewalls should be used to protect connections to and from the Internet
• Hard drives from redundant servers and workstations should be retained to protect data or wiped using an approved data scrambling utility. If disposed of, it must be through a certified company.
• Data should be backed up when it is changed and full backups performed at least once per week or, for servers, daily.