Академический Документы
Профессиональный Документы
Культура Документы
Introduction ...................... 2
2
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
Jon Lee
CEO
Clearswift
3
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
LEGAL TIP
4
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
5
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
3. Large Files
TECHNICAL TIP
Size and Parking of Large Files: Current
Select a content monitoring solution policy for size and parking of large files
that makes it easy to ‘park’ limits the sending and receiving of files
attachments that exceed your size exceeding 33mb. However if a file is over
limits. Users should then be 10mb it will be parked during the hours of
automatically alerted to the fact, so 0800 to 1900, after which it will be
they don’t waste time repeating the released.These sizes may be changed in
mistake and trying to track down the the future to reflect differing business
cause. demands.
PRACTICAL TIP
4. Legally binding emails
Monitoring bandwidth usage is
important for keeping an eye on the E-mail communication can be as legally
heaviest users and for planning binding as a verbal or paper/written
resource allocation. communication. Therefore care must be
taken when committing the Company to any
Consider whether any departments contractual or binding actions or statements,
are more likely to send large files for example agreeing to a price for a service
regularly. At Clearswift, we create in an e-mail, or quoting a price for a product.
TECHNICAL TIP
policy supplements for specific
departments – and set our 5. Copyrighted material
Your monitoring tool should be able
MIMEsweeper filters accordingly (It to analyze content to stop
helps to have granular policy If any copyright material is to be used in an
copyrighted material, embargoed e-mail a user must ensure that they have
management!) financials or even unauthorized price the copyright owner’s written permission to
quotes from leaving the business. use the material for the intended purpose
and that it is correctly referenced. If a user is
With MIMEsweeper, you can in doubt as to whether usage is permitted
decompose an email to identify any they should contact their line manager to
hidden materials and use the lexical discuss the matter further.
analysis, patterns or fingerprinted
information to identify policy 6. Inappropeiate emails
breaches. Based on the information
gathered by the content analysis Users must report any instances of
engine MIMEsweeper then inappropriate or offensive e-mails they
nominates different managers to be receive or become aware of to their line
alerted to different kinds of breaches. manager immediately, except where users
For instance, you could alert the are subject to Supplementary Guidelines,
sales manager to any price quote which cover technical or marketing
being sent out. activities.
6
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
7. Duty of care
PRACTICAL TIP
All users have a duty of care to the
Signatures can be used to help Company. Therefore if a user is aware of
differentiate company email from any breaches of this Policy they must refer
personal messages. This can be the matter to the Regional IT Manager, their
extremely important in compliance Line Manager or the Regional HR
cases. representative immediately.
8. Signature policy
7
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
8
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
MIMEsweeper handles internal email “This internal email has been scanned by
from the same management console MIMEsweeper for Exchange, in accordance
as the gateway filters ensuring with the latest E-mail, Internet and Personal
consistent, centrally deployed policy. Computer Acceptable Use Policy, for
Just add Exchange manager to the Security Breaches, Compliance, Loss of
MIMEsweeper for SMTP product. Reputation, Business Performance and
Legal Liability.”
9
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
14. Profanity
TECHNICAL TIP
Profanity refers to any words or list of words
Can your content monitoring solution that may give cause for offence. Clearswift
monitor profanity in many is actively scanning and monitoring e-mail
languages? for profanity, if this is detected you may
receive the following information message:
Also, you may not want to expose
your IT staff to profanity abuses – it’s Inbound:
not really their job. MIMEsweeper “An e-mail intended for you has been
lets you choose the department classified as containing profanity and may
alerted to each type of breach. So therefore be in breach of the Company’s
The HR department might be better e-mail policy. The e-mail has been sent by
able to deal with illegal or profane <sender> and on the subject of <subject
content. header>.
10
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
11
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
12
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
21. Spamming
13
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
14
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
1. Internet access
15
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
3. Blogs
PRACTICAL TIP
TECHNICAL TIP
16
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
5. Downloading Software
TECHNICAL TIP
Extreme care must be exercised when
MIMEsweeper can tell employees considering downloading any information
why access to a particular website from the Internet. The following questions
has been blocked, referring them must be considered by a User:
back to the policy they signed.
Do I have the express permission of the
owner of the information/graphics
/software to download and use it as I
wish? Downloading without the owner’s
PRACTICAL TIP permission will amount to copyright
infringement.
A policy on Freeware and Shareware
is important. They’re a major source Do I need a software license to
of security problems, especially use/download the software? If a license
spyware and adware. Of course, is necessary for business purposes
your most educated users, like the IT users must contact the IT Department to
department, may need to download gain approval before installing and
shareware – make sure your policy accepting any license terms. Users have
and filtering technology allows for a duty of care and should not evaluate
this. or install software on Corporate systems
unless they have ensured that the
license terms are complied with.
Unlicensed software could create a
liability for the company.
17
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
1. Profanity
TECHNICAL TIP
Clearswift is actively scanning and
Viruses often hide in popular file monitoring access to the Internet for
types, waiting to be downloaded profanity, if this is detected you may receive
from the web. Scanning for known the following information message:
viruses is important, but so is filtering
the entire file to detect unknown “The URL you have requested has been
artifacts with all the hallmarks of blocked by MIMEsweeper for Web because
malicious code. it contravenes the company Web Policy with
regard to profanity.
If you feel this page shouldn't be subject to
this policy, or is essential for work, then
please contact IT support.”
4. Registering on
PRACTICAL TIP
18
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
5. Monitoring
PRACTICAL TIP
Clearswift monitors and scans all internet
Many policies we’ve seen don’t access via browser access (including
cover the use of wireless networks, personal emails via web browsers) this is
PCs and laptops. As you can see, carried out either randomly or where the
the right policy here can prevent a lot Company considers there is a valid reason
of the problems that later crop up in for doing so, this may include but is not
web or email use. limited to, the following:
19
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
20
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
1. Laptop backup
4. System configuration
PRACTICAL TIP
Users must not alter or interfere with the
Lexical analysis templates allow you system configuration, which includes
to easily control the unauthorized configuration of hardware, software, the
dissemination of PII (Personally network and peripherals except in the
Identifiable Information) and comply course of business and after approval from
with PCI regulations. the IT department.
5. System covers
11. Passwords
22
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
17. IT administration
23
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
24
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
25
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
1. Remote Access
2. Secure access
26
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
5. Personal networks
6. Teleworking
7. Non-standard hardware
27
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
1. Confidential data
TECHNICAL TIP
All data related to Clearswift employees is
considered confidential, including but not
MIMEsweeper pattern matching can
limited to:
also be set to recognize specific data
to prevent unintentional and
Employee names, home addresses and
deliberate leaks of social security
personal contact details
numbers, customer data, credit card
numbers, etc.
Social security/National Insurance
numbers or similar
Banking details
Health records
2. Employee data
TECHNICAL TIP
28
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
4. Customer data
LEGAL TIP
All data related to Clearswift customers is
Check the local data protection laws considered confidential and is protected
wherever you do business to make by Data Protection legislations. The
sure your policy complies. company can be prosecuted and fined for
any breaches to these regulations.
Customer data includes but is not limited
to:
29
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
30
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
31
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.
A practical guide for creating an
Email & Internet Usage Policy
Contact Clearswift
United States Spain Australia
100 Marine Parkway, Suite 550 Cerro de los Gamos 1, Edif. 1 Ground Floor, 165 Walker Street, North Sydney,
Redwood City, CA 94065 28224 Pozuelo de Alarcón, Madrid New South Wales, 2060
Tel: +1 800 982 6109 | Fax: +1 888-888-6884 Tel: +34 91 7901219 / +34 91 7901220 | Fax: +34 91 7901112 Tel : +61 2 9424 1200 | Fax : +61 2 9424 1201
© 2007 Clearswift Ltd. All rights reserved. The Clearswift Logo and Clearswift product names including MIMEsweeper™, MAILsweeper™, e-Sweeper™, IMAGEmanager™, REMOTEmanager™, SECRETsweeper™, ENTERPRISEsuite™, ClearPoint™,
ClearSecure™, ClearEdge™, ClearBase™, ClearSurf™, DeepSecure™, Bastion™ II, X.400 Filter™, FlashPoint™, ClearDetect™, ClearSupport™, ClearLearning™ and SpamLogic™ are trademarks of Clearswift Ltd. All other trademarks are the property of
their respective owners. Clearswift Ltd. (registered number 3367495) is registered in Britain with registered offices at 1310, Waterside, Arlington Business Park, Theale, Reading, Berkshire RG7 4SA, England. 06-07
32
Clearswift Toolkit Series
© 2007 Clearswift Limited. All rights reserved.