Unit 5 Assignment 2 Define an Acceptable Use Policy (Aup)

Unit 5 Assignment 2: Define an Acceptable Use Policy (AUP)

Acceptable Use Policy
Richman Investments holds requirements for the usage of the company
network including filtering policies for network traffic.
LAN WAN is where the IT infrastructure links to a wide area network and
internet.
For Security (Administrators and Managers)
- Security monitoring controls for intrusion
- Apply email server and attachment antivirus and email quadrating for
unknown file types
- Disablement for ping, probing, and port scanning on all exterior IP devices
- Denying of outbound traffic using source IP addresses
- Apply file transfer monitoring, scanning and alarming for unknown file
types
Web Surfing is the usage of the internet browsing a series of web browsers
For Security (Administrators and Managers)
- Apply domain-name content filtering at the internet entry/access point
- Employees may lose productivity while searching web for no work related
material
Cons putting a limitation to web surfing may cause the employee to lack
independence of finding information. What if they need to look up an
answer to a customers question and has to find it on the web?

Pros not using the internet could prevent a wide variety of viruses and the
company is only allowed to use their company accounts to send out emails
to customers.
Guidelines to usage of email are covered under email usage policy
Richman Investment Employees:
Certain traffic is expressly forbidden:
- No peer-to-peer file sharing or externally reachable file transfer protocol
(FTP) servers
- No downloading executable from known software sites
- No unauthorized redistribution of licensed or copy righted material
- No exporting internal software or technical material in violation of export
control laws
- No introduction of malicious programs into networks or onto systems
- No port scanning or data interception on the network
- No denying service or circumventing auathentication to legitimate users
- No using programs, scripts, or commands to interfere with other network
users
- No sending unsolicited email messages or junk mail to company
recipients
- No accessing adult content from company resources
- No remote connections from systems failing to meet minimum security
requirements