Jump to Section
What Is an Acceptable Use Policy?
An acceptable use policy, also called an AUP, is an agreement between two or more parties that outlines the appropriate use of access to a corporate network or the internet. The typical agreement is between the organization providing network access (such as a company or education institution) and the users of that network (like employees or students). This document describes what users may and may not do when accessing this network.
An AUP is useful for businesses and educational facilities that provide internet access to employees, students, guests, or customers. Before they are granted access to the network, they must agree to these terms and conditions. Likewise, when you sign up with an internet service provider, they usually have you sign an AUP that requires you to follow a certain set of stipulations.
What Is Covered in an Acceptable Use Policy?
Companies and other facilities use an AUP to protect their networks from bad players. The purpose of an AUD is to ensure everyone is only using internet access for appropriate tasks. Limiting what users can do can help these internet providers uphold the law and protect other users from cybersecurity threats. Here are a few stipulations you may find in an AUP:
- Avoid violating the law while using the service
- Do not attempt to hack the security of the network or users on the network
- Do not attempt to send spam or junk mail
- Do not attempt to crash a website's server with spam or mass emails
- Report any suspicious behavior you may see on the network
Why Is an Acceptable Use Policy Important?
If your business provides internet access, then you need an AUP for these reasons:
Preventing Cybersecurity Threats
Businesses and institutions want to have some sort of control over what activity takes place on their networks. Limiting what users can browse, download, and search on the internet is all a part of keeping a safe network. If a student or employee were to open a suspicious attachment or visit unsecured websites, they could make your network vulnerable to hackers and viruses.
Ensure Users are Avoiding Illegal Activity
An AUP can help ensure users are following the law. For instance, an AUP may strictly prohibit users from pirating music, movies, or other files. It may outline that if a user is violating these rules they will face consequences. Consequences may range from suspension to information being turned over to law enforcement depending on the violation and the organization’s policies. Having users break the law on your network can become a liability for your business, which is why outlining these prohibited activities in your AUP is so essential.
Focus on Productivity
Schools may also use an AUP to ensure their students are focusing on classwork rather than looking up things for fun on the web. Also, when young people are using the internet, schools need to make parameters to protect children from any inappropriate websites. Businesses can use it to ensure their employees are working on their tasks rather than browsing social media or tending to personal communications.
What to Consider When Creating an Acceptable Use Policy
When creating an AUP for your business, you need to consider these key factors:
Acceptable Internet Use
Employers should have an internet use policy to ensure their employees are staying on task during working hours. The level of freedom your team gets should depend on the type of work they do. For instance, creative teams may need a larger scope of access to be able to check out social media trends and pop culture. Other teams may need access to the news or local reports to do their job right.
When deciding what's allowed, remember that your employees want to be treated like adults. An overly restrictive AUP may hinder their work and make them feel that you can't trust them. Depending on the organization’s needs and policies, many businesses choose to restrict the following type of websites:
- Social media
- Streaming
- Shopping
- News
- Personal email/communications
- Pornography
- Gambling
- Illegal activity
Cybersecurity
Protecting sensitive information is at the heart of most AUPs. It's crucial that you outline which at-risk behaviors employees should avoid when using your network. A data breach could cost your business and employees a lot of time and money, so use your AUP to outline these common security policies:
- Keep all passwords private, and change them regularly
- Do not use public Wi-Fi on company devices
- Never open email attachments or links that you are not expecting. When something appears suspicious, contact the IT department
- Sign up for two-factor authentication
- Social media is only allowed for business purposes
Private Information
Employees need to be able to send confidential information to one another securely. In your AUP, outline how employees can safely send, view, and store company data. If there happens to be a data breach, an AUP can also tell employees how to handle such a situation. Outline how to report an incident, who to report it to, and any other important protocols for when an employee is experiencing a network issue.
Guest Users
Many businesses have a separate network for their guests. When a guest logs on, they usually have to sign an AUP. In this document, it's wise to make your policies even stricter for those who are not employees. Make sure guests cannot access internal files or information.
Image via Unsplash by Daria Nepriakhina
How Employers Can Better Enforce Their Acceptable Use Policies
It's one thing to get users to agree to your terms and conditions, and it's another to make sure they are actually following them. Use these tips to get your employees to respect and adhere to your AUP:
Make Your Policies Known
More often than not, users skim over an AUP without actually absorbing what is included in the agreement. That's why you should also include the terms of your AUP in your employee handbook. Along with this, you should also make the policies common knowledge for all employees. You could do this during the onboarding process or have an annual review of your AUP.
Create a Plan for Correcting Issues
When employees know there are actual consequences for violating your AUP, they are more likely to follow your parameters. Have a clear policy on what management will do if an employee is caught misusing the network. If you do learn that a user is breaking the terms of your AUP, you need to enact these consequences consistently. If you give people a free pass all of the time, employees are unlikely to take your AUP seriously.
Use Straightforward Language and Formatting
Rather than using confusing legal jargon, write your AUP in terms that employees can understand. A contract lawyer has the skills to help you create an easy-to-comprehend document that still covers all of your bases. Along with the actual wording, also make sure it's in a legible format. Make different sections per topic. Bullet points and short phrases are much easier to read through than long paragraphs.
Test Your Employees' Knowledge
After employees read through the policy, test their knowledge of the document. Letting them know they will have to take a short quiz ahead of time will motivate them to understand the entire AUP. Be willing to explain any part of the AUP so your employees can feel confident about the information in there.
Having an AUP is an integral part of protecting your network, avoiding illegal activity, and ensuring your employees are staying on task. When it's time to create or update your AUP, we have the expertise to help you get started.
Need help with an Acceptable Use Policy?
Meet some of our Acceptable Use Policy Lawyers
Michael B.
Michael has extensive experience advising companies from start-ups to established publicly-traded companies . He has represented businesses in a wide array of fields IT consulting, software solutions, web design/ development, financial services, SaaS, data storage, and others. Areas of expertise include contract drafting and negotiation, terms of use, business structuring and funding, company and employee policies, general transactional issues as well as licensing and regulatory compliance. His prior experience before entering private practice includes negotiating sales contracts for a Fortune 500 healthcare company, as well as regulatory compliance contracts for a publicly traded dental manufacturer. Mr. Brennan firmly believes that every business deserves a lawyer that is both responsive and dependable, and he strives to provide that type of service to every client.
Nicholas V.
I am a solo practitioner with offices in Denver, Colorado and Austin, Texas with a focus on general business and real estate contracts.
Faryal A.
Ms. Ayub is an attorney licensed to practice in Texas. Before moving to the US, she has a number of years of experience in contract review, analysis and drafting. Ms. Ayub is available to help you with your legal problems, as well as filling LLC and other business entity formation documents. To know more about her practice, please visit https://ayublawfirmpllc.com/.
Moss S.
Over 30 years of experience practicing commercial real estate and complex business litigation law.
November 17, 2021
Harrison K.
Harrison Kordestani is an executive with over twenty-five years experience in entertainment and media, energy, technologies, and start-ups. Mr. Kordestani has also developed a specialized legal and strategic consulting practice representing select entertainment, oil and gas, mortgage lending, and technology start-up clientele. He is also deeply passionate about new technologies and has also actively worked in building companies in the video-on-demand, wearable tech, information of things, demand prediction and app-marketing spaces. As an attorney, Mr. Kordestani's focus has been on transactional drafting and negotiation and providing ongoing legal counsel, corporate compliance, and contract interpretation to numerous private individuals as well as companies in varied fields.
November 18, 2021
Abraham W.
Abraham's practice focuses on counseling emerging group companies in the technology and other commercial agreements, and assisting equity financings (specifically venture capital).
November 22, 2021
Dave Y.
I am available for data privacy and cybersecurity projects. I am CIPP/US certified through the IAPP. I have also taken coursework focused on the GDPR through the London School of Economics. In my past career I was an intelligence officer. I am well acquainted with information security best practices and I have experience developing and implementing administrative controls for classified information and PII. I have worked extensively overseas and I am comfortable integrating with remote teams. Feel free to reach out any time if you have any additional questions on my areas of expertise or professional background.
Find the best lawyer for your project
Browse Lawyers NowInternet
Acceptable Use Policy
Florida
Why do I need an acceptable use policy?
I am being told I need an Acceptable Use Policy for our company. I want to understand why I need one.
Forest H.
A well written AUP will provide your employees, staff, and users with clear guidelines regarding what they can use company resources for and what is inappropriate. There may be conduct that blatantly crosses the line, such as using the company logistics software to break the law, but an AUP will also address those circumstances that are less clear, such as using internal messaging to ask a co-worker out on a date or to pass along inappropriate comments. It should also address potential security and data privacy breaches that may result from using poor oversight of company databases, introducing insecure devices to the network, or visiting potentially compromised websites and responding to phishing emails.
Acceptable Use Policy
California
When do I need an Acceptable Use Policy?
We are an online business and someone mentioned we may need to get an AUP in place for employees.
No attorney answers yet - be the first to answer>Quick, user friendly and one of the better ways I've come across to get ahold of lawyers willing to take new clients.
View Trustpilot ReviewNeed help with an Acceptable Use Policy?
Business lawyers by top cities
- Austin Business Lawyers
- Boston Business Lawyers
- Chicago Business Lawyers
- Dallas Business Lawyers
- Denver Business Lawyers
- Houston Business Lawyers
- Los Angeles Business Lawyers
- New York Business Lawyers
- Phoenix Business Lawyers
- San Diego Business Lawyers
- Tampa Business Lawyers
Acceptable Use Policy lawyers by city
- Austin Acceptable Use Policy Lawyers
- Boston Acceptable Use Policy Lawyers
- Chicago Acceptable Use Policy Lawyers
- Dallas Acceptable Use Policy Lawyers
- Denver Acceptable Use Policy Lawyers
- Houston Acceptable Use Policy Lawyers
- Los Angeles Acceptable Use Policy Lawyers
- New York Acceptable Use Policy Lawyers
- Phoenix Acceptable Use Policy Lawyers
- San Diego Acceptable Use Policy Lawyers
- Tampa Acceptable Use Policy Lawyers
ContractsCounsel User
contract for web hosting
Location: Washington
Turnaround: Less than a week
Service: Drafting
Doc Type: Acceptable Use Policy
Number of Bids: 7
Bid Range: $249 - $1,365
ContractsCounsel User