The topic for research is Information Security Policies.
Sections of these policies include
- Internet Acceptable Usage Policy
- eMail Acceptable Use Policy
- Malicious Software Protection Policy
- Network Security Policy
- Physical and Environmental Security Policy
- Information Security Awareness Policy
- Data Classifification Policy
Select one of these sections to research and fifind 4 relevant papers which assist someone developing a policy.
In their general definition, acceptable use policies are written documents stipulating out both the restrictions and practices regarding the usage of organization technology. They describe various activities which employees are allowed and others restricted to do using the organization networks, systems as well as computers. Drawing from that perspective, therefore, an email acceptable use policy can be defined as the set of employees’ responsibilities while using email within the organization premises.
Different authors have contributed differently to enable the understanding of email acceptable use policy and that has enabled the readers to understand this policy from a different perspective. This paper scrutinizes four journal articles about email acceptable use policy and which are:
- Decision Support and Business Intelligence Systems.
- Salmonid habitat modeling studies and their contribution to the development of an ecologically acceptable release policy for Kielder Reservoir, North?east England.
- Analysis of end-user security behaviors.
- Organizational behavior: Understanding and managing life at work.
In this paper, the main aim of Turban, Sharda, and Delen was to enlighten people on how adoption of email acceptable use policy by employees of an organization could protect such an organization from unnecessary liabilities. Turban and his fellow researchers had their eye mainly on the current trends in cybersecurity where any activity online should be taken seriously as it may haunt a business venture in the future. The first step Turban and his fellow researchers proposed in regard to adopting this policy in an organization setting were to enlighten the organization employees on what the policy was all about. In this step, they could make sure that employees understand what they can do and what not allowed to do in regard to email usage within the organization setting. After reading and signing the email policy, employees would prove that they were aware of and agreed to what the policy entailed. So, if any inappropriate email according to the policy was to be sent, the individual employee who sent the email would be held responsible for the damages or suits caused by such an email and not the whole organization.
Considering the current trends in cyberbullying and how cybersecurity laws have been tightened to curb the practice, this article is of much help to both the already established business organizations as well as the startups. This is because a violation of cybersecurity laws either through cyberbullying or other forms may haunt or highly cost the organization progress just by a mistake done by a single employee.
Gibbins and Acomley in this article aimed at enlightening the readers on what Email Acceptable Use Policy entailed in an organization. In their article, they defined email acceptable use policy as a written document which outlined both the allowed practices as well as the restrictions to employee’s mail access and usage using organization computers, systems, and networks. They considered trends in cybersecurity as the main reason behind the adoption of email acceptable use policy by many organizations.
In their description, they presented mail service as a great platform for business organizations since it could act as a communication channel as well as an advertising media. For these two reasons and others, they considered blocking the platform within the organization network as unwise. On the other hand, they scrutinized the expected risks out of unregulated email usage within the organization setting and concluded that email acceptable use policy was enough to mitigate those risks.
They gave a list of some of the email usage trends which were supposed to be restricted by the policy. Among them were: sending emails with offensive content. Some of the offensive content they considered in this point was insults and threats to either other people, group of people or even organizations. They pointed out that the practice could easily attract suits if the victims approached the matter through the law. Such could, therefore, attract high penalties which could be directed towards the organization as a whole if the email acceptable use policy had not been enacted.
Keenly looking at this article, it is very clear that Gibbins and Acomley achieved the main aim of their article. This is because the article sufficiently explained the policy in a detailed manner that could be understood by even the novice readers without any basics in organization policies.
In this article, Stanton, Stam, Mastrangelo, and Jolton centered their concern on explaining why business organizations needed to implement email acceptable use policies in the current times like never before. The first thing they considered was the policy’s ability to keep the organization productive and efficient. They set it clearly that email acceptable use policy gave organization recourse in a case where an employee violated the policy resulting in negative impacts on productivity.
In addition to that, they outlined that an email acceptable use policy would make organization operations more efficient through email archiving. In this instance, they gave an example of a situation where the organization faces accusation in the court of law by either an individual, group of people or even another organization in regard to an order violation which was carried out using an email under the organization network. Email acceptable use policy which allows message archiving will allow easy access to older messages.
To sort such issues, messages will, therefore, be audited to affirm the claims and single out the concerned person if the claims are found to be valid. Also, if emails are used exclusively for organization business purposes, the organization doesn’t have to go through individual messages to extract those important for the business. Finally, it gives management the rights of monitoring messages to make sure employees don’t engage in activities which are detrimental to organization well-being.
Stanton, Stam, Mastrangelo, and Jolton had their concern addressed clearly by ironing out all their main points and which would easily convince any business organization go the way of email acceptable policy especially for sustainability purposes
In this article, Johns and Saks addressed both what Email Acceptable Use Policy entailed in an organization and its significance in regard to protecting organizations from unnecessary liabilities. They defined email acceptable use policy as a written document which outlined both the allowed practices as well as the restrictions to employee’s mail access and usage using organization computers, systems and networks Johns and Saks mainly considered the current trends in cybersecurity where any activity online should be taken seriously as it may haunt a business venture in future.
The first step Johns and Saks proposed in regard to adopting this policy in an organization setting was to enlighten the organization employees on what the policy was all about. In this step, they could make sure that employees understand what they can do and what not allowed. After reading and signing the email policy, employees would prove that they were aware of and agreed to what the policy entailed. So, if any inappropriate email according to the policy was to be sent, the individual employee who sent the email would be held responsible for the damages or suits caused by such an email and not the whole organization.
Comparing the four articles
The four articles have several aspects which are common in the manner email acceptable use policy has been addressed. First of all, contrary to what is expected in many policies, this policy has not witnessed any opposition in regard to its impacts on the organization operations in the four articles scrutinized in this paper. Secondly, the four articles have emphasized on its usefulness within a business organization, although in different perspectives and that is an indication that the policy should be considered by any business organization in this era of economic fluctuations.
Gibbins, C.N. and Acornley, R.M., 2000. Salmonid habitat modeling studies and their contribution to the development of an ecologically acceptable release policy for Kielder Reservoir, North?east England. Regulated Rivers: Research & Management, 16(3), pp.203-224.
Johns, G. and Saks, A.M., 2001. Organizational behavior: Understanding and managing life at work.
Stanton, J.M., Stam, K.R., Mastrangelo, P. and Jolton, J., 2005. Analysis of end-user security behaviors. Computers & security, 24(2), pp.124-133.
Turban, E., Sharda, R. and Delen, D., 2010. Decision Support and Business Intelligence Systems (required). Google Scholar.