Corporate Acceptable Use Policy - Case Study Example

Corporate Acceptable Use Policy Overview AT&T Inc. is a leading American global telecommunication services and holding company. AT&T is considered as a leading provider of telecommunication services not only in the United States but also all over the world. The products and the services delivered by the company comprise wireless communication, broadband and internet services, telecommunication tools, directory advertising and managed networking. The four major services that the company strictly focuses on include business, broadband, consumer and wireless services (Reuters, 2012). The paper intends to discuss the purpose of Acceptable Use Policy (AUP) developed by AT&T for its employees. The Purpose of an Acceptable Use Policy An Acceptable Use Policy is a collection of particular rules and policies which are implemented by the network and websites managers in order to enact certain restrictions regarding the utilization of available websites and networks. Most of the times, AT&T is found to be committed towards obeying the government rules and regulations regarding the utilization of online sources, e-mail transmission and text messaging. The company always focuses on protecting the AT&T’s network and its online sources without getting interferences from the hands of the other users. In order to fulfill these overall objectives, AT&T implements AUP in every facet of its service operations. Through the utilization of Internet Protocol (IP) services, customers agree to follow the AUP of the company in order to uphold the companies’ responsibility towards the customers. AUP of AT&T offers easy internet access, hosting services and also delivers internet or wireless data network to its end-users (AT&T Intellectual Property, 2012). Confidentiality, Integrity and Availability (CIA) are three basic attributes of Information Security. In order to maintain confidentiality, AT&T has designed its Identification (ID) process in such a way so that the users are bound to access protected internet sites within AT&T service accounts. Through ‘AT&T access ID’ users can create account with their names and individually selected password that facilitate them an easy access regarding any of the internet sites. According to the terms and conditions of AT&T, if users or employees can create access ID then it is not only beneficial for the company to maintain its confidentiality but also for the users to protect their personal account from the hands of the other users. Regarding privacy, the company is fully committed that they will protect users’ privacy and safeguard their personal information in an efficient manner (AT&T Intellectual Property, 2012). . AUP of AT&T provides strong integrity by which the company’s employees are liable to maintain proper utilization of network services. According to AUP, employees must uphold integrity in order to avoid hacking and misuse of product resources by which the company may secure its network system. As per the AUP rules, employees should make proper use and have limited access to the company’s resources and must provide services at right time by which AT&T can maintain integrity towards its network security. In addition, AUP directs that the company’s system administrator should have a proper access to system files in order to maintain integrity of computer network system (AT&T Intellectual Property, 2012). With regard to AUP, employees must not disclose the private information, software and system files regarding the company’s network services to any third party. AUP provides restrictions to the employees that they should not misuse the availability of the company’s essential resources. Moreover, the employees should not share the essential information regarding the company’s services with their relatives and friends by which it can protect its availability of resources from the hands of the third party users (AT&T Intellectual Property, 2012). Recommendations for Improving AUP In order to improve AUP, AT&T should maintain and follow certain legal rules as well as policies of government regarding its services delivery. AT&T may develop its own service software in order to provide more secure connection to the users by which it can effectively maintain its integrity and confidentiality regarding its service network. In addition, the company should impose certain restrictions regarding the utilization of software to the employees by which it would only provide the legal rights to the higher authorities for limited access of software. Moreover, the company should impose legal trademarks upon its products and services so that competitors might not easily imitate them. Through these methods, the company can improve its AUP and secure its products and network services. Methods to Ensure Compliance with the AUP to Mitigate Risk Exposure and Minimize Liability and AT&T’s Approach In order to comply with AUP policies, AT&T strictly prohibits the utilization of IP services in order to avoid interfaces, illegal and misuse of its computer systems and network services. In this context, the company strictly follows the guidelines of AUP, through which it maintains its privacy commitments very seriously. AT&T will not disclose users’ information to anyone for any reason. AT&T effectively maintains its privacy policy through the proper registration of the users. In order to maintain privacy, the company always focuses on the aspect that the users should provide accurate, relevant and complete information at the time of registration (AT&T Intellectual Property, 2012). . Moreover, AT&T generates various types of personal feedbacks from the end-users regarding the utilization of products and services in order to ensure that its service information is protected from the hand of third party users. The company accumulates four types of information such as billing information, website usage, contact information and technical information in order to make secure its services and users’ access. Through this kind of information, the company makes secure its product information, network services and system files. Moreover, it always monitors and evaluates users’ location information through wireless network in order to analyze whether or not users are maintaining proper access of network services. In addition, the company provides services only to those users who have proper registration with the AT&T policies regarding the wireless communication, internet services and digital TV networks (NSW Department of Finance and Services, 2012). Methods for Increasing the Awareness of the AUP, and the Other Policies within the Organization An organization such as AT&T should increase internet security and its usage among the staff of information system department. Moreover, the organization should enhance awareness regarding privacy which ought to be maintained by every level of employee. Every organization should organize awareness creating activities about the operational procedures, proper usage of internet and effective strategies to maintain privacy of system files. In order to increase awareness regarding the AUP guidelines, an organization such as AT &T should certainly impose restrictions or penalties regarding the privacy so that employees and other staff do not disclose any type of system files, software and information to the third parties. In addition, the company should frequently evaluate its services in order to avoid illegal utilization of its network systems and also make users aware so that they always utilize password protected internet sites. AT&T might use certain technologies for increasing the security awareness such as web-based instructions, e-mail messages, videos and newsletters (San Francisco State University, 2012; NSW Department of Finance and Services, 2012). References AT&T Intellectual Property. (2012). AT&T privacy policy. Retrieved from http://www.att.com/gen/privacy-policy?pid=2506 AT&T Intellectual Property. (2012). AT&T terms of use. Retrieved from http://www.att.com/gen/general?pid=11561 AT&T Intellectual Property. (2012). AT&T Acceptable Use Policy. Retrieved from http://www.corp.att.com/aup/ AT&T Intellectual Property. (2012). AT&T Acceptable Use Policy ("AUP"). Retrieved from http://www.att.com/gen/webhosting?pid=10336 NSW Department of Finance and Services. (2012). Acceptable Use Policy. Retrieved from http://www.services.nsw.gov.au/sites/default/files/files/policy_docs/DSTA_Acceptable_Use_Policyv3.pdf Reuters. (2012). AT&T Inc: Full description. Retrieved from http://in.reuters.com/finance/stocks/companyProfile?symbol=T.N San Francisco State University. (2012). Acceptable Use Policy. Retrieved from http://doit.sfsu.edu/information-technology-resources-acceptable-use-policy#main Read More