Acceptable Use of Information Technology Policy



Similar documents
Information Security and Electronic Communications Acceptable Use Policy (AUP)

2.0 Emended due to the change to academy status Review Date. ICT Network Security Policy Berwick Academy

ICT Student Usage Policy

TONBRIDGE & MALLING BOROUGH COUNCIL INTERNET & POLICY AND CODE

Information Systems Acceptable Use Policy for Learners

St. Peter s C.E. Primary School Farnworth , Internet Security and Facsimile Policy

Dene Community School of Technology Staff Acceptable Use Policy

3. Electronic Mail ( )

Medford Public Schools Medford, Massachusetts. Software Policy Approved by School Committee

Electronic Communications Guidance for School Staff 2013/2014

Internet Use Policy and Code of Conduct

Conditions of Use. Communications and IT Facilities

Information & Communications Technology Usage Policy Olive AP Academy - Thurrock

ICT POLICY AND PROCEDURE

TECHNOLOGY USAGE POLICY

INTERNET, USE AND

YOUR AGENCY EMS Computer, Software, Network, and Internet Policy with Appropriateness of Use Guidelines

Electronic Communications and. Guidance note and template policy

Acceptable Use of ICT Policy For Staff

UNIVERSITY OF ST ANDREWS. POLICY November 2005

CCSS IT ACCEPTABLE USE POLICY Guidance for Staff and Pupils

ACCEPTABLE IT AND COMPUTER USE POLICY GUIDE FOR STAFF

Advice leaflet Internet and policies

Revelstoke Board of Education Policy Manual

Sheridan College Institute of Technology and Advanced Learning Telephone and Computer Information Access Policy

Recommendations. That the Cabinet approve the withdrawal of the existing policy and its replacement with the revised document.

Policy and Procedure for Internet Use Summer Youth Program Johnson County Community College

Acceptable Usage Guidelines. e-governance

How To Monitor The Internet In Idaho

WORTHING COLLEGE STUDENT IT SECURITY POLICY. October 2014

INTERNET AND POLICY

Online Communication Services - TAFE NSW Code of Expected User Behaviour

THE RICE MARKETING BOARD FOR THE STATE OF NEW SOUTH WALES RESPONSIBLE COMPUTING POLICY

Angard Acceptable Use Policy

ITU Computer Network, Internet Access & policy ( Network Access Policy )

INTERNET, AND COMPUTER USE POLICY.

UNESCO-IHE Code of Conduct regarding Information Technology (IT)

APPROVED BY: DATE: NUMBER: PAGE: 1 of 9

Acceptable Use of Information and Communication Systems Policy

Policy and Code of Conduct

Acceptable Use Policy

Information Services. Regulations for the Use of Information Technology (IT) Facilities at the University of Kent

Acceptable Use Policy

13. Acceptable Use Policy

USE OF INFORMATION TECHNOLOGY FACILITIES

Internet, Social Networking and Telephone Policy

Acceptable Use of Information. and Communication Systems Policy

Pulaski Technical College

EMPLOYEE COMPUTER USE POLICY

POLICY: INTERNET AND ELECTRONIC COMMUNICATION # 406. APPROVAL/REVISION EFFECTIVE REVIEW DATE: March 2, 2009 DATE: March 10, 1009 DATE: March 2014

ICT Acceptable Use Policy. August 2015

Data Protection Division Guidance Note Number 10/08

Human Resources Policy and Procedure Manual

Information Technology and Communications Policy

AVON OLD FARMS SCHOOL COMPUTER AND NETWORK ACCEPTABLE USE POLICY

LINCOLN UNIVERSITY. Approved by President and Active. 1. Purpose of Policy

E Safety Policy. 6 th March Annually. 26 th February 2014

How To Behave At A School

Redland Christian Migrant Association (RCMA) Internet Security and Safety Policy

Usage Policy Document Profile Box

Rocklin Unified School District Employee Authorized Network, Internet Usage, and Privacy Agreement

The City reserves the right to inspect any and all files stored in private areas of the network in order to assure compliance.

The Wellcome Trust Sanger Institute IT Acceptable Use Policy (AUP) Version 1.8

Electronic Messaging Policy. 1. Document Status. Security Classification. Level 4 - PUBLIC. Version 1.0. Approval. Review By June 2012

School policies and Security Risks

Computer Network & Internet Acceptable Usage Policy. Version 2.0

COMPUTER USAGE -

TERMS & CONDITIONS FOR INTERNET ACCESS. Service Provided by Fast Telecommunication Company W.L.L. (hereinafter referred to as FAST Telco )

TECHNOLOGY RESPONSIBLE USE Policy Code: 3225/4312/7320

LINCOLN COLLEGE INTERNET, , AND COMPUTER ACCEPTABLE USE POLICY

STFC Monitoring and Interception policy for Information & Communications Technology Systems and Services

Responsible Administrative Unit: Computing, Communications & Information Technologies. Information Technology Appropriate Use Policy

Services Policy

2.2 If employees or Board Members wish to use mobile telephones or data devices provided by the Group for personal use they may opt to either:

Rules of the Road for Users of Smithsonian Computers and Networks

DIGITAL TECHNOLOGY POLICY St Example s School

The term Broadway Pet Stores refers we to the owner of the website whose registered office is 6-8 Muswell Hill Broadway, London, N10 3RT.

& Internet Policy

Berwick Academy Policy on E Safety

Broadband Acceptable Use Policy

Dauphin County Technical School

Information Technology Acceptable Use Policy

EASTNOR PAROCHIAL PRIMARY SCHOOL STAFF SOCIAL NETWORKING POLICY. Inspire and Achieve

Beaumont Public Library Computer Usage Policies

Tameside Metropolitan Borough Council ICT Security Policy for Schools. Adopted by:

The Bishop s Stortford High School Internet Use and Data Security Policy

Rules for the use of the IT facilities. Effective August 2015 Present

STRATEGIC POLICY REQUIRED HARDWARE, SOFTWARE AND CONFIGURATION STANDARDS

ELECTRONIC COMMUNICATION & INFORMATION SYSTEMS POLICY

DCPS STUDENT SAFETY AND USE POLICY FOR INTERNET AND TECHNOLOGY

EMPLOYEE COMPUTER NETWORK AND INTERNET ACCEPTABLE USAGE POLICY

INFORMATION SECURITY POLICY. Contents. Introduction 2. Policy Statement 3. Information Security at RCA 5. Annexes

Acceptable Use of ICT Policy. Staff Policy

Acceptable Use of Information Systems Standard. Guidance for all staff

State of Michigan Department of Technology, Management & Budget. Acceptable Use of Information Technology (former Ad Guide 1460.

BOARD OF EDUCATION POLICY

How to Monitor Employee Web Browsing and Legally

Internet Acceptable Use Policy

Policy No: 2-B8. Originally Released: Date for Review: 2016

Policies Concerning the use of Computers

Transcription:

Acceptable Use of Information Technology Policy Date created: January 2006 Updated Review date: April June 2008 Review date: Oct Dec 2009 Introduction VAW provides IT facilities for promoting its charitable objects. IT facilities provide access to a variety of services, which are either hosted by VAW or by external agencies, including the Internet. VAW recognises that IT is an important aspect of the work of its employees, and that appropriate use of IT facilities provides benefits for the organisation. The aim of this policy is to ensure that VAW staff, in using IT facilities, comply with and promote appropriate code of conduct and usage, existing VAW policies and regulations, and operate within the provisions set down in civil and criminal law. Scope of the Policy The policy applies to all staff of VAW, at all levels of seniority, and to all contractors and visitors who use VAW IT facilities. It applies to all IT facilities which are owned, leased or hired by VAW; all IT facilities used by staff either at the VAW premises or connected to the VAW networks; and all IT enabled communications entered into on behalf of VAW. Associated Regulations, Policies and Procedures Use of VAW IT facilities is subject to the following regulations: Data Protection Act 1998 The Copyright, Designs and Patents Act 198 The Copyright and Rights in Databases Regulations 1997 The Computer Misuse Act 1990 Regulation of Investigatory Powers Act 2000 Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 (LBP Regulations) The Human Rights Act 1998, Article 8 The Obscene Publications Act 1959 The Protection of Children Act 1978 Disciplinary Procedure of VAW Diversity Policy of VAW

Security Use of certain facilities requires prior registration and the granting of a user code and/or an individual password. A personal user code and password are the property and responsibility of the individual to whom they are issued. Staff must not divulge such information to any other person, unless given specific authority by the relevant Line Manager, or where the role includes network/system supervisory responsibility. If the workstation of a member of staff is located in an area where members of the public or visitors to VAW can see the information on screen, the PC should not be left unattended whilst still logged into the network. A member of staff should log off as a user and log back on when returning to the workstation. This does not involve shutting down the PC. Selecting Good Passwords Rationale The object when choosing a password is to make it as difficult as possible for a hacker to make educated guesses about what you've chosen. This leaves them no alternative but a brute-force search, trying every possible combination of letters, numbers, and punctuation. A search of this sort, even conducted on a machine that could try one million passwords per second (most machines can try less than one hundred per second), would require, on the average, over one hundred years to complete. What Not to Use Don't use a password shorter than six characters. Don't use your login name in any form (as-is, reversed, capitalised, doubled, etc.). Don't use your first or last name in any form. Don't use your spouse or child's name. Don't use other information easily obtained about you. This includes registration plate numbers, telephone numbers, social security numbers, the brand of your car, the name of the street you live on, etc. Don't use a password of all digits, or all the same letter. This significantly decreases the search time for a hacker. Don't use a word contained in (English or foreign language) dictionaries, spelling lists, or other lists of words.

What to Use Do use a password with mixed-case alphabetic characters. Do use a password with non-alphabetic characters, e.g. digits or punctuation. Do use a password that is easy to remember, so you don't have to write it down. Do use a password that you can type quickly, without having to look at the keyboard. This makes it harder for someone to steal your password by watching over your shoulder. Method to choose secure and easy to remember passwords Choose a line or two from a song or poem, and use the first letter of each word. For example, Alas poor Yorick I knew him well Horatio, becomes ApYIkhwH. Alternate between one consonant and one or two vowels, up to eight characters. This provides nonsense words that are usually pronounceable, and thus easily remembered. Examples include routboo, quadpop, and so on. Choose two short words and concatenate them together with a punctuation character between them. For example: dog;rain, book+mug, kid?goat. Access You must not attempt to access VAW systems, networks or databases unless legitimate authorisation has been granted. The granting of a user code and password will constitute authorisation for the use of relevant facilities. However, under no circumstances should you access network areas that you do not have authority to by virtue of your role or responsibilities, nor access password protected folders or files without permission from the authorised user. Occasionally, network security can break down and you can access areas unrelated to your work. You should report any apparent security issues to the Office Manager. You must not attempt to access the systems and networks of other establishments either within the United Kingdom or elsewhere, unless: The service required is a public or open access facility; or Authorisation has been obtained from the system/network service provider.

Usage The following usage is strictly prohibited: Using VAW computing facilities to deliberately produce, obtain, store, view, download or distribute images, text or sound files of an obscene, pornographic, offensive or abusive nature. Using VAW computing facilities to abuse, racially or sexually, or harass or bully anyone, whether or not employed by VAW. Using VAW computing facilities to access, view, print or distribute defamatory or knowingly untruthful information or material of an illegal nature. An unacceptable website may be inadvertently entered by clicking on a link, or by a "pop up". Should this happen to any employee, it must be reported immediately to the Chief Executive's office. Deliberately introducing any virus, worm, trojan horse or any other harmful or "nuisance" programme or file onto any system, or take deliberate action to circumvent any precautions taken by VAW to safeguard the security of its computer systems. Connecting any device into the network of VAW without prior agreement from the appropriate designated authority. Changing default settings on software, or downloading and installing new software to VAW computers without prior permission. Using VAW computing facilities for commercial gain, for work on behalf of others, or for private business use (unconnected with the legitimate activities of the member of staff), unless prior agreement has been made with the Line Manager for the facilities, and an appropriate charge for that use has been determined. Using VAW computing facilities to participate in gambling activities, chat rooms or on-line games. Using VAW computing facilities for personal instant messaging, except during the lunch break. Using your own floppy discs, CDs, etc. with VAW computing facilities. Personal use of IT facilities must not interfere with the normal course of day-to-day activities. Personal use is therefore recommended before and after work, and during the lunch hour. Carrying out personal financial transactions (e.g. using a credit or debit card), is at the employee s own risk. Receiving and forwarding humour is ill advised, as some humour may be oppressive in nature, or offensive to recipients (see 8.5).

The use of electronic mail (e-mail) The advantages of email usage E-mail can be a fast, consistent and cost-effective means of delivering messages and documents across long or short distances. Information can be shared quickly and it can reduce the need to print and distribute information by conventional means. Disadvantages of e-mail usage: If used inappropriately, a member of staff, or the colleagues may suffer from information overload syndrome, i.e. vital information is lost among many irrelevant messages. Inappropriate use of email can also stifle faceto-face communication, or abdicate responsibilities of communicating messages that should be done face-to-face. Because e-mails are quick to compile and despatch, they can be sent without appropriate thought being given to their content, resulting in a permanent record or communication, which the sender may later regret. Using e-mail at VAW E-mail systems are primarily for business use, but VAW acknowledges that staff may occasionally use the e-mail system for personal correspondence. In doing so, all staff are expected to adhere to the conduct outlined in this policy. Personal use must not interfere with the normal course of day-today work activities. E-mails should not be used as an alternative to face-to-face communication, or for urgent matters requiring a response, particularly as some members of staff may not check their inbox many times per day. You should be aware that e-mails might be accessible even when apparently deleted. E-mails are as permanent as memoranda or letters, carrying the same legal and contractual implications. E-mails may be used in a court of law as admissible evidence and, therefore, they must be treated in the same way, with the same care, as any other written material. The confidentiality of e-mail cannot be assured. You should exercise extreme caution in using e-mail to communicate confidential or sensitive matters. Should it be necessary to use e-mail to communicate confidential information, particularly outside of the VAW, you must obtain express permission to do so. For example, from the individual referred to, the originator, or an appropriate Line Manager. Use of the e-mail system to abuse, racially or sexually, or harass or bully anyone, whether or not they are members of VAW, is strictly prohibited.

Any incidents of this nature will be dealt with under the VAW Disciplinary Procedure, and may result in dismissal. The employee has a responsibility to draft all e-mails carefully, taking into account issues of discrimination, harassment, defamation, copyright infringement, and VAW representation. An employee must take care in ensuring that an e-mail is addressed correctly. Unnecessary copying to a range of recipients should be avoided. Sending large attachments (over 500kb) with emails should be avoided. Infringement Failure to observe any aspects of this policy may result in a recommendation that the infringement is pursued via the VAW Disciplinary Procedure, which may result in dismissal. Infringement by staff of certain regulations may result in penalties under civil or criminal law and such law may be invoked by the VAW. Where a member of staff is aware of an infringement of this policy, they should, in the first instance bring it to the attention of their Line Manager or the designated person within the Department. Monitoring VAW reserves the right to access, read and print out e-mails and to monitor usage of IT facilities in order to ensure their efficient and proper use. Such monitoring will give due consideration to personal privacy. Monitoring refers to such issues as ensuring proper compliance with regulatory procedures, providing evidence to establish facts during an investigation, preventing a crime, and enabling the effective operation of the VAW business process. Monitoring traffic This level of monitoring is carried out by software that can record the number of emails sent to various recipients over any period of time. The content or body of the email is not seen. Monitoring content Where VAW has reasonable grounds to believe that this policy is being breached, it may read the content of emails. When carrying out this level of monitoring, any personal information seen that does not breach this code

will be treated confidentially, and not disclosed to anyone by the person monitoring the email content. Accessing inbox As much of VAW business is conducted by email, there may be occasions (e.g. where a member of staff is off sick, on leave, etc.) where a message is needed in order to continue business activities. In the absence of an alternative, a person s password may be changed to enable access to specific email messages.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information