If your organisation's Information Security Policies do not explicitly state what is deemed acceptable, it may be hard, or impossible to invoke any form of disciplinary action against those involved. Your Information Security Policy must be clear about this.
- The following examples of Internet access not only detract from business efficiency, some can even result in legal and criminal proceedings, which will almost certainly damage the organisation.
- Downloading of pornographic material from Web sites
- Playing games and using 'Chat Rooms'.
- Subscribing and contributing to News Groups using the corporate Internet address and signature.
- Sending and receiving personal correspondence by e-mail, the volume and content of which is deemed as excessive and / or inappropriate.
- Excessive 'surfing' of Web sites during business hours for personal reasons.
- Retrieval and distribution to other staff of offensive 'joke of the day' e-mails .
- The use and abusive of office equipment for the storage and printing of inappropriate material e.g. large pictures / images.
- Ensure that staff are aware of the Policy relating to Acceptable Internet Use.
- Enforce the policy by using appropriate technology tools which restrict access only to those selected web sites and connections which are considered relevant to business activity. Caution! See Respecting Privacy in the Workplace.
- Consider applying disciplinary procedures as appropriate. Caution! See Respecting Privacy in the Workplace.