Comprehensive Report: Internet Usage Policy, Security, and Guidelines

Verified

Added on 2020/03/04

AI Summary

This report provides a comprehensive analysis of Internet Usage Policies within organizations, focusing on security vulnerabilities and threats. It explores appropriate control measures to mitigate risks and discusses the importance of security policies in safeguarding organizational assets. The report delves into the guidelines, rules, and regulations that employees must adhere to for the organization's welfare. It examines the benefits of implementing an effective Internet Usage Policy, including improved productivity, protection against viruses and inappropriate content, and the prevention of data breaches. The methodology includes primary and secondary research, incorporating expert opinions and literature reviews to establish criteria and steps for developing and implementing an effective Internet Usage Policy. The report recommends guidelines for effective policy usage, emphasizing the need for adaptability, enforceability, and regular monitoring. It also highlights the importance of employee awareness and the use of web monitoring software to ensure compliance. The report concludes by underscoring the Internet Usage Policy's effectiveness in promoting secure, productive, and ethical internet use within a company, thereby protecting sensitive information and enhancing overall organizational performance. The report is a valuable resource for students on Desklib.

Research Report Template
Internet Usage Policy
Student Name
Student Number
E-mail Address
ABSTRACT
The main focus of this report is to analyze the security vulnerabilities and threats. This report
determines the appropriate control measures to minimize or eliminate the security risk. It
discusses about the security policy that is used by the organizations in order to protect
themselves from any security threats. The policy gives the guidelines, rules and regulations that
must be obeyed by the employees for the welfare of the organization. This report covers the
Internet Usage Policy of organizations and also sets a guideline for the effective usage of
Internet Usage Policy in an organization.
Keywords:
Internet Usage Policy
Benefits of Internet Usage Policy
Guidelines for effective usage of Internet Usage Policy
Security Policy

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

INTRODUCTION
Security policies can be defined as set of rules and regulations that is obeyed by organizations in
order to protect the organization from any type of harm. Every organization follows a set of
policies that can be used to protect the organization from security issues.
An Internet Usage Policy can be defined as a type of control. This policy controls what the
employees of an organization can access by using the internet. It also protects the users from
any content that would affect the users in a wrong way.
This report outlines the Internet Usage Policy in depth. This report clearly defines the guidelines
for the Internet Usage policy of organizations. It talks about the authorized and prohibited users.
This report also gives an effective guideline for usage of Internet in an organization.
LITERATURE REVIEW
Security Policy
Security policies are set of norms and regulations that are used for protecting information of an
individual, community or a company (Banuri et al. 2012). This policy lays down rules that are to
be obeyed by the employees of an organization. Every organization follows different security
policies as per their requirements. Violation of these rules and regulations leads to penalty. The
security policies are responsible for addressing the constraints on the conduct of the employees
of an organization (Alam and Zhang 2012). Security is a crucial factor in the present generation
of Internet. Every organization must obey it in order to protect itself from any kind of harm.
Internet Usage Policy
In this era of information and communication technology, every organization needs the access to
Internet for running the business. Internet Usage Policy is a set of guidelines that restricts the
access of internet for all the employees working in the organization (Bayuk et al. 2012). It makes
sure that the internet is used only for the purpose of business purpose. The following services
are allowed over the Internet in an organization:
 Sending files and documents for the use of business via File Transfer Protocol.
 Send or receive emails.
 Management has the control of allowing the employees to access certain services and
restrict the usage of other services.
Need of Internet Usage Policy
It has been seen that the unmonitored usage of internet in an organization affects the
organization in several ways:
 Productivity: Surfing different websites that are of no use to the business causes loss of
productivity (Berger 2014). Employees will get involved in unprofessional activities and
harm the business.
 Virus: Downloading unwanted files and documents affects the system with viruses. This
will harm the system resulting in loss of important data.

 Inappropriate content: Surfing inappropriate content over the internet causes serious
issues in the work environment. It hampers the ethics of the employees of a company.
 Transferring unencrypted business data causes serious insecurity to the business. If the
sensitive data of a business is lost then it will harm the business in several manners
(Cheng et al. 2013). The competitors can gain access to such information and outperform
the company.
The above mentioned issues require an organization to use the Internet Usage Policy.
Policy
 Resource Usage: Based on the job description and role of an employee, they will be
permitted to use the internet only for the purpose of business (Choyi and Vinokurov
2012). Change of unit of an employee to a non internet usage job will disallow the
employee form accessing the internet.
 Allowed Usage: acceptable use of internet will include certain activities like
communicating between employees for the purpose of work, downloading essential
software, reviewing vendor websites, finding technical information and to carry out
research.
 Personal Usage: Using the company’s internet for private use will lead to serious
troubles that can even cause termination of the employee (Gouflidis, Mayridis and Hu
2014). Users should store their personal data at their own risk. All companies create an
audit log that reflects the out-bound and in-bound addresses for the purpose of periodical
review.
 Prohibited Usage: Dissemination, storage and acquisition of data that is illegal and
inappropriate is prohibited (Ifinedo 2012). The company also prohibits the access to any
kind of political related information and fraudulent activities. Employees must be access
sensitive information related to the company and misuse it.
 Software License: Company adheres strictly to the license agreement that is provided
by the vendor.
 Public Information Review: Directories those are publicly writeable are reviewed and
also cleared every evening (Neisse, Steri and Baldini 2014). This also prevents the
anonymous information exchange.
 Periodical Review: To be sure about the compliance with all policies, there is a review
conducted on a monthly basis (Orr et al. 2012). Reviews are also conducted to check
the effectiveness of the usage.
Criteria for Internet Usage Policy
There are certain criteria that must be maintained in order to have a successful Internet usage
Policy. The policy must be adaptable to any kind of change in the company (Knaap and Ferrante
2012). It must be flexible to meet the goals of the organizations. The policy that is adopted must
always be enforceable (Ouedraogo, Bienner and Ghodous 2012). The policy should not be
hidden and must help the employees to remember about their activities and also the implications
if they break any rule.
Steps for developing an Internet Usage Policy

Certain steps need to be followed to carry out the development process in a company. They are
as follows:
 Initiation and establishment of the structure: First step should be to decide who will take
the responsibility of making the rules ( Pieters, Dimkov and Pavlovic 2013).
 Research and gather all information that is needed to form such a policy.
 A draft policy must be prepared.
 The policy must be circulated before implementing it.
 Ratification is needed by the board of management.
 Next step is to implement the policy.
 Monitoring is the most important step in the process and must be done on a periodical
manner.
 Evaluation of the effects of such policies must be carried out.
Benefits of the Internet Usage Policy
This policy has several advantages if they are monitored properly. Some the benefits are as
follows:
 It enables the employees to surf the Internet in a safe and secured manner.
 It makes sure that the employees are using the resources in a fair and legal manner
(Safa, Von and furnell 2016).
 The intellectual properties are protected from any kind of harm.
 It also protects the privacy (Sommestad et al. 2014).
METHODOLOGY
In order to carry out this report a secondary and primary research is done. The primary research
involves gaining knowledge from different experts. Data is collected by giving out questionnaires
to several participants and analysis of the answers provided by the participants. The secondary
research involves finding out information about several topics. The initial search was about
finding about security policy and its use. Then the details about Internet Usage Policy are learned
including the reasons for using such policies and the various types of Internet usage Policies
(Vance and Siponen 2012). Secondary research also includes finding and setting appropriate
guidelines for the effective usage of the Internet Usage Policy in an organization. Several criteria
for developing a good Internet Usage Policy is also found out via the secondary research
method. The organizations needs are found out and also the government polices that are
suitable for monitoring such internet usage as well as taking actions against any violation are
found out. The organization must be aligned the government rules and policies with the Internet
usage policy in order to protect the organization and improve its productivity. Research is also
carried out to find the benefits of the Internet usage Policy in a company in details.
KEY RECOMMENDATIONS

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Guidelines for the effective usage of the Internet Usage Policy based on the findings of
the literature review
The Internet Usage Policy should be applicable for all the employees working in an organization.
There should be certain terms and conditions for the usage of internet in an organization (Wall,
Palvia and Lowry 2013). Certain category or employees, depending on their roles and
responsibilities must be exempted from certain restrictions and usage.
 Only official messages must be communicated among the employees for the purpose of
the business operations.
 No personal usage should be allowed in order to enhance the productivity of the
business.
 The company information must be sent to the outsiders.
 The employees must be explained about the need of such policy so that they can
cooperate with the company.
 Access to any illegal data must be prohibited by the organization.
 A web monitoring software must be used to keep an eye of the activities of the users.
 If any employee is seen to violate the rules and regulations, then action must be taken
against them.
 Employees shall be allowed to use the internet for downloading files that are related to
the work and that agree with license of the vendor.
 The administration staffs should also follow certain rules and regulations and should not
access the details about any employee in the network.
 Certain websites must be blocked by the organization in order to protect the company
and its ethics.
CONCLUSION
This report concludes that the Internet Usage Policy is very effective for the proper functioning of
a company. A code of conduct is followed by obeying this policy of using the internet. Internet
usage in an organization must be restricted otherwise it hampers the productivity of the company
in a severe way. It also protects the sensitive information of the company. This report gives a
brief idea about the different internet usage policies like personal usage, resource usage and
prohibited usage. This report also gives guidelines for the effective use of the internet usage
policy in a company. This report also points out the benefits of using the internet usage policy in
a company. This report also gives a brief outline on the steps and criteria for developing an
internet usage policy.

REFERENCES
Banuri, H., Alam, M., Khan, S., Manzoor, J., Ali, B., Khan, Y., Yaseen, M., Tahir, M.N., Ali, T., Alam, Q.
and Zhang, X., 2012. An Android runtime security policy enforcement framework. Personal and
Ubiquitous Computing, 16(6), pp.631-641.
Bayuk, J.L., Healey, J., Rohmeyer, P., Sachs, M.H., Schmidt, J. and Weiss, J., 2012. Cyber security
policy guidebook. John Wiley & Sons.
Berger, T.U., 2014. Norms, Identity, and National Security. Security Studies: A Reader.
Cheng, L., Li, Y., Li, W., Holm, E. and Zhai, Q., 2013. Understanding the violation of IS security policy
in organizations: An integrated model based on social control and deterrence theory. Computers &
Security, 39, pp.447-459.
Choyi, V.K. and Vinokurov, D., Alcatel Lucent, 2012. System and method of network access security
policy management for multimodal device. U.S. Patent 8,191,106.
Gouglidis, A., Mavridis, I. and Hu, V.C., 2014. Security policy verification for multi-domains in cloud
systems. International Journal of Information Security, 13(2), pp.97-111.
Ifinedo, P., 2012. Understanding information systems security policy compliance: An integration of
the theory of planned behavior and the protection motivation theory. Computers & Security, 31(1),
pp.83-95.
Knapp, K.J. and Ferrante, C.J., 2012. Policy awareness, enforcement and maintenance: Critical to
information security effectiveness in organizations. Journal of Management Policy and
Practice, 13(5), p.66.
Neisse, R., Steri, G. and Baldini, G., 2014, October. Enforcement of security policy rules for the
internet of things. In Wireless and Mobile Computing, Networking and Communications (WiMob),
2014 IEEE 10th International Conference on (pp. 165-172). IEEE.
Orr, D.B., Ptacek, T.H. and Song, D.J., Arbor Networks, Inc., 2012. Method and system for
authentication event security policy generation. U.S. Patent 8,146,160.
Ouedraogo, W.F., Biennier, F. and Ghodous, P., 2012, April. Adaptive Security Policy Model to Deploy
Business Process in Cloud Infrastructure. In CLOSER (pp. 287-290).
Pieters, W., Dimkov, T. and Pavlovic, D., 2013. Security policy alignment: A formal approach. IEEE
Systems Journal, 7(2), pp.275-287.
Safa, N.S., Von Solms, R. and Furnell, S., 2016. Information security policy compliance model in
organizations. computers & security, 56, pp.70-82.
Sommestad, T., Hallberg, J., Lundholm, K. and Bengtsson, J., 2014. Variables influencing information
security policy compliance: a systematic review of quantitative studies. Information Management &
Computer Security, 22(1), pp.42-75.
Vance, A. and Siponen, M.T., 2012. IS security policy violations: a rational choice perspective. Journal
of Organizational and End User Computing (JOEUC), 24(1), pp.21-41.

Wall, J.D., Palvia, P. and Lowry, P.B., 2013. Control-related motivations and information security
policy compliance: The role of autonomy and efficacy. Journal of Information Privacy and
Security, 9(4), pp.52-79.