Many businesses have completed their transitions from working in-office to working from home because of the COVID-19 crisis. Now, more than ever, businesses need an acceptable use policy (AUP) in place. If you don’t have one, make it the next entry on your to-do list. It’s that important.
An AUP is an officially documented position that states company rules for governing network access, data consumption, and computer use. Your employees need to know what’s expected of them to help ensure a properly maintained network, limit exposure to cyber attacks, minimize the risk of corruption, and protect your reputation and financial outlook.
There are no set rules for creating an AUP as most companies prefer to create a plan that fits their type of business and specific needs. That said, most plans start by stating the requirements for their networks, devices, data, passwords, messaging, file storage/sharing, software, and cloud-based applications.
For example, you can require that your remote employees only use remote access with virtual private network (VPN) protection to log into your network. You can also set minimum password requirements, such as the number of characters, numbers, upper and lower case letters, symbols, etc. to be used.
Bring Your Own Device (BYOD) or Company-Issued Devices?
You should also establish different requirements for employees using company-issued devices and their own personal devices for network access.
For company-issued devices, make sure your staff knows they are only to be used for business purposes. Devices owned by the company usually carry the same security protections as in-office computers, so they are usually safer provided employees avoid downloading apps and other software platforms from unreliable sources.
For personally owned devices, the risk of network infection is greater. If your company allows these devices to be used for business purposes via remote access, make sure you deploy upgraded security solutions, such as antivirus programs, mobile management software, remote VPN access, data encryption, and more.
A Few More Considerations for a Solid AUP
Implement a code of conduct so your employees know what is and isn’t acceptable. Make sure they know code violations will not be tolerated. Some examples include downloading apps and other software onto company-owned devices, sharing sensitive customer or company information without proper authorization, visiting inappropriate websites, or using inappropriate language within business communication channels.
Depending on the type of business you are in, there may be a few compliance and legal issues your employees are required to follow, such as Health Insurance Portability and Accountability Act (HIPAA) standards for healthcare. If your company accepts credit card payments, you are required to follow the Gramm–Leach–Bliley (GLB) Act parameters and Payment Card Industry Data Security Standard (PCI DSS) compliance for keeping financial information secure.
If your company needs additional ideas or help in creating or upgrading your AUP, Networking Technologies is here to help. Our professional team of experts bring 20 years experience helping companies with their technology needs.
Contact us today.