Internet Acceptable Usage Policy: Arguments & Perils

Organisations are now aware of the need to control employee usage of the Internet. An Internet acceptable usage policy contains guidelines for employees indicating both acceptable and unacceptable Internet usages, with the intention of controlling employee behaviours and actions which contribute to the incidence and severity of the organisation’s Internet risks. This paper explores the arguments for an organisational Internet acceptable usage policy, while cautioning about the ineffectiveness of such policy as a solitary Internet security management measure. A case study illustrates the need for these types of policies as well as for supporting infrastructure, within organisations.

[1]  Ulrich Kohl,et al.  From Social Requirements to Technical Solutions - Bridging the Gap with User-Oriented Data Security , 1995 .

[2]  Edward A. Cavazos,et al.  Cyberspace and the Law: Your Rights and Duties in the On-Line World, Edward Cavazos and Gavino Morin. 1994. MIT Press, Cambridge, MA. 220 pages. ISBN: 0-262-53123-2. $19.95 , 1994 .

[3]  S. U. Hartmann Comprehensive Information Technology Security: A New Approach to Respond Ethical and Social Issues S , 1995 .

[4]  Paula M. C. Swatman,et al.  Effective Internet Acceptable Usage Policy for Organisations , 1997 .

[5]  R. Yin Yin, Robert K., Case Study Research: Design and Methods, 2nd ed. Newbury Park, CA: Sage, 1994. , 1994 .

[6]  Blaise Cronin,et al.  The internet and competitive intelligence: A survey of current practice , 1994 .

[7]  Charles Cresson Wood,et al.  Writing infosec policies , 1995, Computers & security.

[8]  Barbara Fraser,et al.  Site Security Handbook , 1997, RFC.

[9]  Gregory R. Doddrell Information security and the Internet , 1995, Inf. Manag. Comput. Secur..

[10]  Lisa R. Klein,et al.  The Internet and International Marketing , 1996 .

[11]  Sharman Lichtenstein,et al.  Developing Internet security policy for organizations , 1997, Proceedings of the Thirtieth Hawaii International Conference on System Sciences.

[12]  Louise Yngström,et al.  A Holistic Approach to IT Security , 1995 .

[13]  Frederick B. Cohen,et al.  Protection and Security on the Information Superhighway , 1995 .

[14]  William Cheswick,et al.  Firewalls and Internet Security , 1994 .

[15]  Young,et al.  The Ernst & Young International Information Security Survey 1995 , 1996, Inf. Manag. Comput. Secur..

[16]  Douglas W. Brockway Knowledge technologies and business alignment , 1996, Inf. Manag. Comput. Secur..

[17]  Stephen D. Crocker,et al.  Guidelines for the Secure Operation of the Internet , 1991, RFC.

[18]  John C. Condon,et al.  An Introduction to Intercultural Communication , 1985 .

[19]  Kai Rannenberg Recent Development in Information Technology Security Evaluation - The Need for Evaluation Criteria for Multilateral Security , 1993, Security and Control of Information Technology in Society.

[20]  Thomas D. Wilson,et al.  Business use of the World-Wide Web , 1996, Inf. Res..

[21]  K. L Nance,et al.  Ethical Information Security in a Cross-Cultural Environment , 1995 .

[22]  T. Bonoma Case Research in Marketing: Opportunities, Problems, and a Process , 1985 .

[23]  Sharman Lichtenstein Internet acceptable usage policy , 1996 .

[24]  Arie Segev,et al.  Leveraging Electronic Commerce for Competitive Advantage: A Business Value Framework , 1996 .

[25]  Walter L. Abell,et al.  Business use of the internet in New Zealand : an exploratory study , 1996 .

[26]  Anne Lohrli Chapman and Hall , 1985 .

[27]  Richard G. Mathieu,et al.  Data integrity and the Internet: implications for management , 1996, Internet Res..

[28]  Izak Benbasat,et al.  The Case Research Strategy in Studies of Information Systems , 1987, MIS Q..