Would your company be more secure if all employees knew about and followed the Acceptable Use Policy?
The Acceptable Use Policy (AUP) is a cornerstone of IT security. The AUP defines how a company’s IT resources can be used. Most companies require all employees to read and sign the AUP, typically when the employee first hires on and annually thereafter.
The problem is that this is a perfunctory exercise at best. Most companies do not have a good mechanism for catching employees who violate the AUP. As a result, employees’ awareness of and level of commitment to the AUP is typically very low. In such an environment, is it no wonder that most employees feel that security is unimportant and that taking risks with IT data is acceptable.
ForeScout CounterACT lets you take a proactive stance on your AUP and provide a real sense of user participation in your security program. For example, if your organization’s AUP states that instant messaging (IM) should not be utilized, ForeScout CounterACT can be used to enforce this policy. If an employee installs IM on their company-issued computer, CounterACT can detect this, can notify the employee of the AUP violation, and can direct the employee to the intranet page where the company’s AUP is stored. Education is swift and timely. And the message is given that the organization takes security very seriously.
ForeScout CounterACT is typically purchased for network access control, but this example shows that the product is a whole lot more powerful than just NAC.
Tags: Acceptable Use Policy, AUP, CounterACT, ForeScout, NAC, P2P, peer-to-peer, Security, Security Breaches