Policies are rules set forth by your company on what your people can do and what they are absolutely prohibited from doing in the workplace. Policies are made for all areas of corporate life, but they are especially important for identifying how your employees can use your company’s technology, including your corporate network and computers. There are computer policies that are standard for each company, but there are also different policies based on a company’s unique and specific needs. Which means we don’t recommend having your HR Director just download a set of generic policies from the internet and implement them the following day. Yes, NSGi will give you a solid place to start, However, we highly recommend you review and update the policies below to better suit your network security needs.
- An “Acceptable use” policy provides the criteria for giving an employee the use of a computer and informing them of its acceptable uses. The policy must be clear that employees are provided access to a computer, and this resource has to be used for their employment duties.
- Internet use policy provides the criteria for giving an employee access to the Internet, and should clearly state that corporate technology must not be used for personal reasons, such as shopping, social media, browsing inappropriate sites and more. Some companies allow and state in their policy that a certain percentage of the employees time during work hours may be used for personal online interests. We believe that this is a slippery slope and can create unintended consequences. How do you prove or disprove the time spent on personal Internet usage, as it may be subjective? Additionally, employees increase the risk of infection and intrusion through this type of non-work related activity.
- Email account policy provides the criteria for giving an employee an email account; identifying the limitations and use of the account; precautions they must take to ensure they don’t send confidential information or click on potential malware and ransomware; as well as notices of account monitoring by management.
- User account policy provides the criteria for giving an employee a network account and identifying the limitations and use of their account. Your HR Director should have a direct line of communication with your dedicated IT support team to request new accounts and the disabling or termination of past user accounts.
- Remote access policy provides the criteria for offering an employee remote access to the network, which enables them to work from home, and while traveling. This policy must also state the process for requesting remote access, who is authorized to approve each request, and the process and security protocols required to implement the remote access securely.
- Information protection policy defines confidential data, HIPAA data, and PII (personally identifiable information), depending on your industry. This policy needs to stress that each type of data has its own requirements and legal consequences for violations.
- Firewall management policy is specific to network technicians. It identifies who suggests and approves the rules configured in the firewall, and the process they must follow to implement the firewall rules. Many IT technicians are told by third-party vendors that they must open ports on the firewall to allow access to the vendor’s on site server. That’s why there must be a clause within this policy to identify and weigh the security risks and ramifications.
Protect Your Corporate Network with Our IT Support Company in NJ
We cannot stress this enough: computer policies should be exclusive to each company and must be well thought out. Yes, there are many policies that other corporations use, which may also be useful for yours, but they should be reviewed and updated as needed. If you need help reviewing and implementing new computer policies for your team, please give Network Security Group a call today. One of the first things we do for new clients is perform a comprehensive assessment of your network, in order to make the best security recommendations possible. This often includes instilling new computer policies and end user awareness training for all of your employees, thus ensuring everyone is using company computers, safely and securely.
To learn more about NSGi’s managed IT services and how our user awareness training can help protect your business network, visit our website at https://www.nsgi.com/