TechWhirl (TECHWR-L) is a resource for technical writing and technical communications professionals of all experience levels and in all industries to share their experiences and acquire information.
For two decades, technical communicators have turned to TechWhirl to ask and answer questions about the always-changing world of technical communications, such as tools, skills, career paths, methodologies, and emerging industries. The TechWhirl Archives and magazine, created for, by and about technical writers, offer a wealth of knowledge to everyone with an interest in any aspect of technical communications.
Dick Margulis wrote:
>
> Merv,
>
> This topic just came up today, coincidentally. If you are aiming for a comprehensive
> policy, you want to include an agreement/acknowledgment that all employees sign and
> that specifies proscribed behaviors.
>
> The range of behaviors you have to address includes, but is not limited to:
>
> What software it is permissible to install on a company-provided computer, along with
> related licensing issues
This should include some mechanism for getting approval of pieces of software you
need. The list cannot be static, defined in the policy. There must be a mechanism
for adding to it.
It should also deal with the question of who is authorised to download and install
open source software on which machines. Generally there is no licensing issue there,
but there may be security issues.
> What the limits are on personal business that can be conducted (okay to check your
> personal email account? execute brokerage trades? read the news? do the books for a
> charity? for your spouse's home business? print wedding invitations? print business
> cards for your own home business?)
>
> What the limits are on the use of the Internet for downloading and uploading (Napster?
> Porn? Hate literature?)
These may not belong in security policy, though they do belong somewhere.
> Personal responsibility for maintaining virus protection and not opening weird
> attachments
To some extent this can be dealt with at the server level, e.g. ussing "MIME defanger"
from www.roaringpenguin.com to remove dangerous attachments.
> Personal responsibility for machine maintenance (defrag, archiving, ...)
Not a security issue, I'd say.
> Use of the company network for sending unsolicited email for personal or business purposes
>
> Use of the company network for hacking into competitors' networks or conducting other
> illegal business activities
>
> Circulating chain letters,
Firing offenses, I'd say.
> bogus virus warnings,
Provide a channel to an admin to catch these. Make it very clear that "warnings" should
go only to that admin. Provide links to hoax reference sites:
> jokes (okay jokes, not-okay jokes) within or outside the company
I'd say political correctness does not belong in a security policy.
On the other hand, it may be appropriate to mention that anything sent from the
work address that might embarass the company should not be sent.
In some companies, you should also notify employees that mail sent from work is
archived on the server and what the policies are for access to that archive.
For example, in the event of complaints from recipients, the archive will be
checked and the employee disciplined if ...
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Develop HTML-Based Help with Macromedia Dreamweaver 4 ($100 STC Discount)
**WEST COAST LOCATIONS** San Jose (Mar 1-2), San Francisco (Apr 16-17) http://www.weisner.com/training/dreamweaver_help.htm or 800-646-9989.
Sponsored by ForeFront, Inc., maker of ForeHelp Help authoring tools
for print, WinHelp, HTML Help, JavaHelp, and cross-platform InterHelp
See www.forehelp.com for more information and free evaluation downloads
---
You are currently subscribed to techwr-l as: archive -at- raycomm -dot- com
To unsubscribe send a blank email to leave-techwr-l-obscured -at- lists -dot- raycomm -dot- com
Send administrative questions to ejray -at- raycomm -dot- com -dot- Visit http://www.raycomm.com/techwhirl/ for more resources and info.
