MODEL ACCEPTABLE USE POLICY
for
Corporate Internet Systems
Security and Proprietary Information
Information contained on Internet-related systems may be
classified as non-confidential, confidential, or proprietary (trade
secrets, specifications, customer lists, and research data are examples of
proprietary information) as defined by corporate confidentiality
guidelines. Employees are required to take all necessary steps to prevent
unauthorized access to this information. Employees are expected to:
1. Keep their passwords secure and unknown to all
other persons and refrain from sharing accounts. Authorized users are
responsible for the security of their passwords and accounts. Passwords
should be changed quarterly and should be at least 8 alphanumeric
characters. All default passwords must be changed and all guest or
anonymous accounts are prohibited. Authorized users should take steps to
prevent unauthorized access to their accounts by logging off when their
terminal will be unattended.
2. Use encryption and obtain proper authorization when
sending proprietary information via internal or external e-mail or when
sending confidential information via external e-mail. Encryption shall
not be used for the transmission of non-confidential information.
3. Use encryption of appropriate information only in
compliance with corporate encryption policy. No other encryption may be
used. All non-confidential internal communications shall be in clear
text.
4. Properly identify the security level of all
information stored or sent on Internet-related systems.
AUP Pages
Home | Corporation | Systems | Policy | Security | Copyright | Restrictions | Education | Miscellanea
Copyright © 1997
Ashe Lockhart | Martin Poteralski | Joey Senat | Mary Slaughter | Matt
Stevens | Jim Wright
