,

Do you know your acceptable use policy?

acceptable use policy

Human error is the leading cause of data breaches. In response, the Information Commissioner’s Office (ICO) has produced a handy toolkit to help employees understand the importance of information security.

By sharing some of the tips included in this, we hope to raise awareness of the importance of this issue. And help organisations across the UK improve their data protection processes.

Tip: Is this acceptable use? Make sure you’ve read your internal policy

 

What is an acceptable use policy?

Recently, there have been changes to the rules covering the use of technology. So, it’s more important than ever that employees understand their data protection responsibilities.

An acceptable use policy (AUP) helps to make sure that everyone knows what is and isn’t acceptable when it comes to using digital technology. As such, an AUP should cover things like:

  • Use of email and web for personal purposes
  • The types of sites that are forbidden
  • Use of video/audio streaming
  • Restrictions on downloading files
  • Policies for sending bulk emails. For example, making sure staff use the bcc function, so email addresses are not disclosed
  • Guidance on logging off or locking devices when not in use
  • Guidance on physically storing mobile devices to minimise loss by theft.

The AUP should also set out the process and potential consequences for any infringements.

Quick tips

  • Employers must understand the importance of data protection
  • Employers should make sure that an AUP is in place to ensure the safe processing of information. Both in and out of the office
  • In many cases, data breaches can be avoided by staff abiding by the AUP. But it is up to employers to make sure that all staff receive regular data protection training, This will make sure they understand the potential consequences of breaching data protection laws
  • An AUP should be updated regularly to make sure it complies with advancements in data protection legislation
  • Robust reporting measures and processes should be established to respond to any breaches of the AUP.

Not just hackers

Cybercriminals are not the only cause of data breaches. For more advice on how to keep your data safe, follow our #NotJustHackers campaign on Twitter and Facebook.

Alternatively, if you have been the victim of a data breach or cyber fraud, find out how we can help you to recover any losses. Or give us a call to discuss your case in more depth.