What is an acceptable use policy?

An acceptable use policy is a document that contains rules and policies that someone must agree and follow before joining a network, organization, or something that is similar.  Most businesses or institutes for educational purposes require employees or prospective students to sign an acceptable use policy before being accepted to the team.  Because of the information technology (known as the IT) perspective, an acceptable use policy makes it clear what someone can and can’t do when using forms of technology and other resources.  This is the rule regardless of whether the technology has been already provided or if it is personal.  One of the main rewards of the acceptable use policy is that it states what are acceptable and unacceptable rules and standards of behavior for employees or students.  If these rules are not met, employees will be subject to consequences.  Some rewards for the acceptable use policy include informing employees of the rules right away, protecting against legal action, limiting the personal use of an organization’s sources, assisting with cost control, and protecting one’s own reputation when faced with problems.


Elements surrounding Acceptable Use Policy

One thing that is similar to acceptable use policy are Internet Service Providers.  These are used to require people to sign an acceptable use policy.  This connects to the service legal agreement between the internet service provider and whoever the customer may be.

There are around nine key elements surrounding the acceptable use policy:

  1. Not using the service in any violation of the law
  2. Not trying to disrupt the information of any computer network, such as utilization of the internet
  3. Not posting commercial messages to usenet groups without prior approval
  4. Not sending junk emails or spam to people who do not want to receive them
  5. Not attempting to letter bomb
  6. Not attempting to steal intellectual property
  7. Requiring users to report an attempt to break into their account
  8. Being aware that consequences will be made if the acceptable use policy is in any way violated
  9. Knowing that the acceptable use policy relates to information technology and periodic audits

It is important to note that acceptable use policy is used in a variety of ways. Here are a few examples of how they are used:

  1. Social Media: Acceptable Use Policy sets standards on how people should use social media sites and what also should not be said about the businesses and companies.
  2. Internet Use: Policies typically go over if an organization’s computer systems can be used only for businesses.  They are not allowed for personal usage, such as gaming, emails, gambling, texting, or any non-related work activities.
  3. Cybersecurity: An acceptable use policy shows the rules that are related to an organization’s information technology policy.  These are rules about restricted information, access to data such as passwords, emails, public Wi-Fi services, and more.
  4. Non-Employee users: There are policies set on how non-employees utilize company information systems and other network resources.
  5. Accessing private or confidential information: Audience Use Policies prevent users from unauthorized access or usage to private information that has not been approved.
  6. Bring Your Own Device.  Many organizations allow or require employees to use their own devices for business related purposes.  In Bringing Your Own Devices, Acceptable Use Policies is essential for stopping security problems and misunderstandings regarding how the devices are to be used properly.


There are various practices and policies in order to know and figure out how acceptable use policies are followed properly.  Signing an acceptable use policy could be mandatory for employee contracts.  It mainly occurs during the employee onboarding process with the employees already a part of the organization.  However, it is important for employees to remember and be aware of their responsibilities to understand and comply with the standards in the acceptable use policy.  There are many factors that help with this.  One of the factors includes working with the company legal department in order to make sure the acceptable use policy addresses problems appropriately.  A second factor includes having written policies avoiding jargon and confusion within the writings.  A third factor is having classes in order to instruct the rules of the acceptable use policy.  A fourth factor is making sure employees’ knowledge is tested appropriately.  A final factor is going back to appropriate language.

Reviewing Acceptable Use Policies

An acceptable agreement policy is an agreement between two or more parties to a computer network security community.  This community shows their intent to follow a list of behaviors and standards regarding technology and software.  The rules are typically created and established by an owner of a company, whether it be a website, online network, website or another type of community.  An acceptable use policy is made in order to reduce the probability of legal action by businesses, schools, and other communities.  Because of all this, an acceptable use policy provides expectations for proper behavior.

Acceptable use policy documents are similar to End-user License Agreement texts that are discovered on all software applications.  Despite this, there are still some differences.  Acceptable use policies stress the importance of proper etiquette for their users.

Connection to IT Security

Acceptable use policy relates to computer security in a number of ways.  This includes managing passwords, online intellectual property, and software licenses.  International etiquette is also mentioned and related.  They also deal with the excessive usage of system resources, and an example is unnecessary traffic due to video games and other activities.

Acceptable Use Policies’ Intended Subjects

Acceptable Use Policies, as mentioned, are helpful when it comes to new members joining an organization, establishment, or network.  Because of this, acceptable use policies discuss how important what kind of behavior is allowed and what is not regarding the usage of a company’s IT system.  It is also important that acceptable use policies are used to protect people from becoming a bad influence.  These are used in various institutions.  These policies and rules often relate to business interests.  And again, users have to agree to the terms in all of these policies.  Acceptable use policies also have to be short and sweet.


More information regarding acceptable use policies is that they are a huge part of the monitoring procedure, which can be an effective factor in identifying abusers among employees in a particular organization.  It is also important to remember that monitoring the Internet and emails is considered legal if the employer has told his employees.


Regarding schools, it can be noted that a district’s monitoring of student internet usage can show all of what the student has searched and done using the District’s Internet system.  Monitoring of the District’s Internet System could show that the student has broken the policy.  Individual searches and inspections can also be done by the district and even the law.  There is even more information about acceptable use policies when it comes to the internet.  Acceptable use policies dive into many network monitoring strategies.  One of the first strategies is scanning server logs to find if the user has been to any inappropriate or non-related work websites.  Another one is through scanning emails.  A third one regards disk space on shared network drives.  A final one is installing filter softwares which could block other websites.


Expanding even more, policies that involve discrimination of races or religion and email archiving are stipulated by laws and other regulations.  Some of these laws include sexual harassment or smoking in areas not permitted and considered unethical.  It is important to know that all of these can be shown in acceptable use policies.  Other pieces of advice include making honesty the best it can possibly be.  Another piece of advice can include identifying particular figures in an organization.  We have to make sure to avoid various biases in this and all acceptable use policies.  Favoritism has to be thrown out of the picture as well.  Basically, acceptable use means being respectful to those who have computer rights and showing honesty and integrity to facilities and other organizations.


Regarding the range and amount of coverage in acceptable use policies, it can vary in a number of ways.  This can apply to users, regions, systems, departments, software or data that is employed or connected to the owner’s network and computer systems.  It is important to be aware of the scope of the policy.  First off, this policy applies to Internet access only.  It does not dive into the requirements, standards, and procedures for the development for information sites on the Internet.  There are many Departmental Internet Users in this policy.  The first is full or part time employees of the Department of the Interior.  The second is volunteers who are authorized to use the Departmental resources to access the Internet.  The third is Departmental contractors who are authorized to use facilities and equipment that is owned by the government.  This policy also distinguishes between Internet access during normal working hours and those that are personal.  As mentioned, the policy applies to Internet Access within the government facilities and all their equipment.


Above is the most important information in the policy.  All of those requirements are what users most follow through with.  There will also come a list with activities and other things that are not allowed.  It is important to remember that the most important part of an acceptable use policy is respect and ethics.  Because of this, acceptable use policies rely solely on good behavior.  One of the parts of policy is enforceability.  The acceptable use policy statement is very clear about the laws the acceptable use policy wants to follow.  Most people view this policy as being enforced at all times.  Besides this, there is another part of policy.  The second part is known as standards.  There are various standards where the policy is watched in order for the rules to be consistent.  The standards here should be made and aware of instantly.  Users are expected to be well aware of this.  The third part of policy is known as the code of conduct (violations of policy) and sanctions.  This means that any act of dishonesty, inappropriate behavior or anything similar will result in an automatic consequence and a way to make it write and to fix it.  This can also mean behaviors that create and distribute material that is considered obscene, offensive, indecent, causing inconvenience, annoyance, or anxiety to its staff and others.  A huge example that is common is known as cyberbullying.  

Students are not to engage in any forms of cyberbullying considered by the District.  Examples of cyberbullying can include threatening or harming another person, assaults that are verbal known as name-calling, manipulation, and online messaging.  Social cruelty is also a big example here.  Basically anything that makes someone feel uncomfortable on the internet should be considered a form of cyberbullying.  Another key example is posting information that is considered private.  Forms of retaliation are also considered inappropriate.  Other important information to be aware about is unsolicited communications, privacy and personal rights, user-generated content services, security, inappropriate content, and disclaimers.


If there are violations of these policies, sanctions will be brought into play.  Sanctions that can be created include temporary or permanent removal of content, suspensions, or even losing your job if the violator is an employee.  It is also important to remember that access to the Internet is a privilege and should not be abused.  It is not a right.  We also have to remember that acceptable use policies include many forms of communication, such as text, photographs, illustrations, and all recordings.

Final Thoughts

Based on this information, an acceptable use policy is one that has many components.  An acceptable use policy also has many standards to follow, and it is important that we remember all of them.  An acceptable use policy should state who is in charge and the owner, get rid of and delete any inappropriate forms of behavior, make this strictly business and not include side information, clearly state the components, and be considerate of remarks from others.