Acceptable Use Policies
Acceptable use policies were born in the early days of IT, as the capabilities of computer systems grew enough to include the potential for misuse. Acceptable use policies differ widely but they share a few common characteristics:
- Are created by the IT team or network managers.
- Outline permissions and restrictions for network usage.
- Define what users can and cannot do.
- Are developed with specific technologies, data, content or usage in mind.
- Place responsibility on the organization, IT team or network manager to maintain and update.
As the pace of technology has increased, IT teams could no longer stay one step ahead of the latest developments. At the same time, users increasingly demanded the ability to use their own devices to access the same tools and content in the workplace they can at home.
The “bring your own technology” (BYOT) trend that resulted has taken the organization’s most valuable data and dispersed it across a wide variety of highly portable connected devices—managed by the users themselves—that can be easily stolen, lost or compromised.
Responsible Use Policies
As a result, the integrity of the organization’s IT infrastructure and data can’t just be the responsibility of the
IT team anymore: Everyone has a role to play. To reflect that change, the acceptable use policies of the past have transformed into the responsible use policies of today. Responsible use policies also have some common characteristics:
- Are created by a cross-functional team that includes IT, legal, human resources and others.
- Offer guidance about resource usage.
- Give the users freedom to use resources in a responsible manner.
- Apply to current and future technologies, devices, applications or content.
- Place responsibility on the individual user to help maintain integrity of the network, the user’s devices, and any applications and data on them.
What Avnet is Doing
Avnet’s Global Information Security Policy (GISP) reflects this evolution from an acceptable use policy to one that embraces responsible use characteristics. This document is reviewed and revised annually to reflect the latest changes in technology, usage models, legislation and regulations worldwide, then translated into 15 languages. As a result, every Avnet employee can clearly understand the role they play as a responsible user of Avnet IT resources.