IT Security PolicyEmail has become a critical communiction tool for organisations, if the system is down it causes serious disruption to the organisation. The use of email has to be managed for it to bring the maximum benefit to the organisation.

Email creates a large potential for misuse and abuse and its use must be controlled. All email content that is read and sent carries a risk.

The sending and receiving of personal email results in lost productivity for the organisation. Every minute spent on theses activities is time that has not been spent working for the organisation. Organisations have a right to expect time to be devoted to organsiation related behaviour.

Another issue facing organisations is that unwanted content can put the organisation on the wrong side of the law. Pornographic, racist or sexist material distributed internally or externally by email is highly inappropriate. If sent using the organisations systems, the finger of blame can point at the organisation.

Surveys show that employees would open email they suspect to be inappropriate and, even worse would circulate the offensive material to colleagues and friends. To help prevent this behaviour an email acceptable use security policy needs to be put in place. As well as implementing a security policy it is also advisable to invest in suitable virus scanning software and content scanning or blocking software to help enforce the policy.

A good acceptable use security policy protects an organsiation against malicious content, viruses and damaging and unauthorised emails.

A email acceptable use security policy is available to download below. The acceptable use security policy consists of a list of Do's and Do Not's for employee use of the Internet. This security policy is from the 1990's.