Question

What do you feel the main benefit of an AUP is and how could it help prevent information security breaches at an organization? List two "must haves" to include if you are creating an AUP from scratch.

Answer 1

AUP stands for Acceptable Use Policy which is a set of rules that govern how an individual is supposed to use a corporate's network or Internet. It is also used by schools to control how a student uses there resources.
It's main benefit is that it is used to ensure safe and responsible use of the computer system by all those who have accepted the AUP, and thereby prevents misuse of the network.

To any organization, it is vital to prevent security breaches and a good AUP comes handy in preventing such breaches by those who are using the computer, or network of the organization e.g. the employees of a company or the students of a school. If the access to all the data is restricted to the users, then the possibility of a breach is much reduced. So, it is a good idea to provide access to only the data which is relevant to the individual working with the computer. A AUP can be used to prevent the user from accessing the data which he or she is not supposed to gain access to. Moreover, it can also be used to restrict an user to share critical or sensitive information to other devices from the computers of an organization.

Creating a AUP from the scratch is not easy and it is important to ensure that it is full proof in order to use the AUP to prevent security breaches. As such there are several things which are a "must have" for a AUP.Two of them are:

1. Acceptable and Unacceptable Use: This contains the detailed information as to what all are considered as acceptable use and what are unacceptable use of the computer environment. This also provides a guideline of what the boundaries of usage are.
2. Breech: It describes what the consequences of a breach will be.