Beruflich Dokumente
Kultur Dokumente
These policies specify how users are able to connect to the internet, requires the approval from
the IT department to connect to the internet, and specifies the approved modes of connection.
This internet connection policy requires users to use the internet for business purposes
only, and to not visit sites that may be malicious and could compromise security. User’s internet
activity may be logged, monitored and activity on the network will be logged to a certain extent.
It specifies what will be used to prevent unauthorized internet usage, to log internet activity,
whether a proxy server will be used, and how the network will be protected.
Purpose:
This policy was designed to help prevent malicious threats from entering through easy
open doors through insecure connection points. It is to secure and protect the information that the
user inputs into device. These devices include computer devices, networks, and other electronic
information systems to accomplish goals and initiatives. It was designed to prevent unauthorized
and unprotected connections to the internet which may allow unsafe content to enter the network
Scope:
All employees, contractors, consultants, temporary, and other workers, including all
personnel affiliated with third parties that maintain a device with an internet connection must
adhere to this policy. This applies to all devices that connect to the network or reside onsite
Policy:
All connections to the internet or private network shall be authorized and approved by the
IT department. Most users will gain access to the internet via their office, and any additional
connections must be approved by the IT department. These additional connections may include,
1. Modem connection from an endpoint device which may all a connection to the network.
2. Any devices which have both a phone and network connection must be inspected and
3. Wireless access points and devices capable of wireless connection are not allowed unless
Additional internet connections not provided by the IT department must be evaluated and
1. The ability to prevent users from visiting any site that is not related to their goals,
1. Time of activity
2. Duration of activity
5. Whether the system will cache web pages on increase internet connection
3. The system will require a login ID or it will use the current network login to identify
users.
To prevent users from visiting inappropriate sites that are not approved for business,
the system used shall be ______. This same system will not require an additional login ID
and will use Active Directory to identify internet users. This system shall be able to log user
Policy Compliance:
Improper use of endpoint devices can bring in malicious software which may destroy the
integrity of the network, its systems, and the prevention of these events is critical to the security
of the organization. The IT department will verify compliance of this policy through various
methods, including but not limited to, monitoring, business tool reports, audits, and feedback to
the policy owner. Any exception to the policy must be approved by the IT department in
advance. All users that do not adhere to this policy may be subject to disciplinary action (such as
References
http://www.comptechdoc.org/independent/security/policies/internet-connection-
details of an internet connection policy that are needed. I used these details for the main
content of my policy.
Wireless Communication Policy. (2014, June 1). Retrieved December 7, 2015, from
https://www.sans.org/security-resources/policies/network-security/pdf/wireless-
into details as to why it exists, what purpose it serves, who it would affect, the policy
itself, and the consequences of not adhering to the policy. I used this to ensure that I
included as much detail as possible for my policy in addition to the format of the policy.
http://www.comptechdoc.org/independent/security/policies/wireless-policy.html This
contains an example of a wireless use policy. It goes into details of why it was created,
the purpose, who is affected, the risk of wireless use and how it would be assessed, all the
components of wireless, and how the policy would be enforced. I used this to have
another example of how policies are formatted and the amount of detail required for each