IT Security PolicyFew would disagree that the Internet has become a critical tool for many organisations, to the point that if the system is down serious disruption to the working day can result. The use of the Internet has to be controlled for it achieve its potential for the organisation.

The Internet offers the greatest opportunity for misuse and abuse than any other IT system and particular attention must be paid to the way in which it is used. All Internet content carries a risk.

A major issue facing organisations today is the lost productivity due to employees surfing the Internet for non-work related purposes. Time spent on this activity is time that has not been spent driving the organisation forward. Organisations pay for their employees time and have a right to expect it to be spent on organisation related activities

Another issue facing organisations is that unwanted content can put the organisation on the wrong side of the law. Pornographic, racist or sexist material that is download is highly inappropriate. If downloaded using the organisations systems, the finger of blame can point at the organisation.

As more employees make use of the Internet in an organsiations time, the greater is the need for organisations to govern their employees activities. This can be achieved by developing an Internet acceptable use security policy.

A good acceptable use security policy protects an organsiation against inadvertent or intentional information security breaches, wasted IT resources or legal liability. There are a lot of risks associated with using the Internet ranging from libel to sexual harrassment. As well as implementing a security policyit is also advisable to invest in suitable virus scanning software and content scanning or blocking software to help enforce the policy.

An Internet acceptable use security policy is available to download below. The acceptable use security policy consists of a list of Do's and Do Not's for employee use of the Internet. This security policy is from the 1990's.