Jump to Section
Need help with an Acceptable Use Policy?
What Is an Acceptable Use Policy?
An acceptable use policy, also called an AUP, is an agreement between two or more parties that outlines the appropriate use of access to a corporate network or the internet. This document describes what users may and may not do when accessing this network.
An AUP is useful for businesses and educational facilities that provide internet access to employees or students. Before they are granted access to the network, they must agree to these terms and conditions. Likewise, when you sign up with an internet service provider, they usually have you sign an AUP that requires you to follow a certain set of stipulations.
What Is Covered in an Acceptable Use Policy?
Companies and other facilities use an AUP to protect their networks from bad players. The purpose of an AUD is to ensure everyone is only using internet access for appropriate tasks. Limiting what users can do can help these internet providers uphold the law and protect other users from cybersecurity threats. Here are a few stipulations you may find in an AUP:
- Avoid violating the law while using the service
- Do not attempt to hack the security of the network or users on the network
- Do not attempt to send spam or junk mail
- Do not attempt to crash a website's server with spam or mass emails
- Report any suspicious behavior you may see on the network
Why Is an Acceptable Use Policy Important?
If your business provides internet access, then you need an AUP for these reasons:
Preventing Cybersecurity Threats
Businesses and institutions want to have some sort of control over what activity takes place on their networks. Limiting what users can browse, download, and search on the internet is all a part of keeping a safe network . If a student or employee were to open a suspicious attachment or visit unsecured websites, they could make your network vulnerable to hackers and viruses.
Ensure Users are Avoiding Illegal Activity
An AUP can help ensure users are following the law. For instance, an AUP may strictly prohibit users from pirating music, movies, or other files. It may outline that if a user is violating these rules, they will be banned from the network. Having users break the law on your network can become a liability for your business, which is why outlining these prohibited activities in your AUP is so essential.
Focus on Productivity
Schools may also use an AUP to ensure their students are focusing on classwork rather than looking up things for fun on the web. Also, when young people are using the internet, schools need to make parameters to protect children from any inappropriate websites. Businesses can use it to ensure their employees are working on their tasks rather than browsing social media or tending to personal communications.
What to Consider When Creating an Acceptable Use Policy
When creating an AUP for your business, you need to consider these key factors:
Acceptable Internet Use
Employers should have an internet use policy to ensure their employees are staying on task during working hours. The level of freedom your team gets should depend on the type of work they do. For instance, creative teams may need a larger scope of access to be able to check out social media trends and pop culture. Other teams may need access to the news or local reports to do their job right.
When deciding what's allowed, remember that your employees want to be treated like adults. An overly restrictive AUP may hinder their work and make them feel that you can't trust them. Many businesses choose to restrict the following type of websites:
- Social media
- Personal email/communications
- Illegal activity
Protecting sensitive information is at the heart of most AUPs. It's crucial that you outline which at-risk behaviors employees should avoid when using your network. A data breach could cost your business and employees a lot of time and money, so use your AUP to outline these common security policies:
- Keep all passwords private, and change them regularly
- Do not use public Wi-Fi on company devices
- Never open email attachments or links that you are not expecting. When something appears suspicious, contact the IT department
- Sign up for two-factor authentication
- Social media is only allowed for business purposes
Employees need to be able to send confidential information to one another securely. In your AUP, outline how employees can safely send, view, and store company data. If there happens to be a data breach, an AUP can also tell employees how to handle such a situation. Outline how to report an incident, who to report it to, and any other important protocols for when an employee is experiencing a network issue.
Many businesses have a separate network for their guests. When a guest logs on, they usually have to sign an AUP. In this document, it's wise to make your policies even stricter for those who are not employees. Make sure guests cannot access internal files or information.
Image via Unsplash by Daria Nepriakhina
How Employers Can Better Enforce Their Acceptable Use Policies
It's one thing to get users to agree to your terms and conditions, and it's another to make sure they are actually following them. Use these tips to get your employees to respect and adhere to your AUP:
Make Your Policies Known
More often than not, users skim over an AUP without actually absorbing what is included in the agreement. That's why you should also include the terms of your AUP in your employee handbook. Along with this, you should also make the policies common knowledge for all employees. You could do this during the onboarding process or have an annual review of your AUP.
Create a Plan for Correcting Issues
When employees know there are actual consequences for violating your AUP, they are more likely to follow your parameters. Have a clear policy on what management will do if an employee is caught misusing the network. If you do learn that a user is breaking the terms of your AUP, you need to enact these consequences consistently. If you give people a free pass all of the time, employees are unlikely to take your AUP seriously.
Use Straightforward Language and Formatting
Rather than using confusing legal jargon, write your AUP in terms that employees can understand. A contract lawyer has the skills to help you create an easy-to-comprehend document that still covers all of your bases. Along with the actual wording, also make sure it's in a legible format. Make different sections per topic. Bullet points and short phrases are much easier to read through than long paragraphs.
Test Your Employees' Knowledge
After employees read through the policy, test their knowledge of the document. Letting them know they will have to take a short quiz ahead of time will motivate them to understand the entire AUP. Be willing to explain any part of the AUP so your employees can feel confident about the information in there.
Having an AUP is an integral part of protecting your network, avoiding illegal activity, and ensuring your employees are staying on task. When it's time to create or update your AUP, we have the expertise to help you get started.
Meet some of our Acceptable Use Policy Lawyers
Attorney Greg Corbin is the founder and principal of Signal Law in Denver, Colorado. A top-rated trial and transactional lawyer with more than seven years of total legal experience, Mr. Corbin provides exceptional counsel and support to clients across the greater Denver metro and surrounding areas who have legal needs involving any of the following: business and corporate law; contracts and agreements; incorporations, partnerships and other entity formation and dissolution services; and ongoing business counsel for emerging and expanding commercial enterprises. Utilizing the latest in cost-saving technologies and advanced automation, Mr. Corbin has established his practice as a modern law firm ready for the future, and he strives to provide the highest level of representation to his clients and help them achieve their goals and the favorable outcomes they seek as efficiently and cost-effectively as possible. He has gained a reputation for his innovative solutions as well as his transparent pricing structure and responsiveness when dealing with his clients. In recognition of his outstanding professionalism and service, Mr. Corbin has earned consistent top rankings and endorsements from his peers as being among the top lawyers in his region for business law and transactions. A 2008 graduate of Kansas State University, Mr. Corbin obtained his Juris Doctor from Boston University School of Law in 2013. The Massachusetts Bar Association admitted him to practice that same year, and the Colorado State Bar Association admitted him in 2015. Mr. Corbin is an active member of the Denver Bar Association and the Colorado State Bar Association, among his other professional affiliations, and he supports his local community through his involvement with Project Worthmore and Biking for Baseball, where he serves on the boards of directors.
The Law Office of David Watson, LLC provides comprehensive and individualized estate-planning services for all stages and phases of life. I listen to your goals and priorities and offer a range of estate-planning services, including trusts, wills, living wills, durable powers of attorney, and other plans to meet your goals. And for convenience and transparency, many estate-planning services are provided at a flat rate.
Experienced contracts and business attorney with years of experience advising entrepreneurs and small businesses. Currently act as general counsel to multiple companies with millions in annual revenue. My specialty is creative legal problem solving with solutions tailored to your business.
My career interests are to practice Transactional Corporate Law, including Business Start Up, and Mergers and Acquisitions, as well as Real Estate Law, Estate Planning Law, and Intellectual Property Law. I am currently licensed in Arizona and Pennsylvania, after having moved to Phoenix in September 2019. I am currently General Counsel for a bioengineering company. I handle everything from their Mergers & Acquisitions, Private Placement Memorandums, and Articles of Amendment to Intellectual Property Assignments, to Employment Law and Beach of Contract settlements. I have 4 years experience handling commercial breach of contract cases working with Burton Neil & Associates, P.C. I have experience with Intellectual Property infringement after having worked for Ryley Carlock & Applewhite. I have also recently gained experience with Estate Planning law, drafting numerous Estate Planning documents for people such as Wills, Powers of Attorney, Healthcare Directives, and Trusts. I am looking to further gain legal experience in these fields of law as well as expand my legal experience assisting business start ups, mergers and acquisitions and also trademark registration and licensing.
Atilla Z. Baksay is a Colorado-based attorney practicing transactional and corporate law as well as securities regulation. Atilla represents clients in the negotiation and drafting of transactional (e.g. master service, purchase and sale, license, IP, and SaaS agreements) and corporate (e.g. restricted stock transfers, stock options plans, convertible notes/SAFE/SAFT agreements, bylaws/operating agreements, loan agreements, personal guarantees, and security agreements) contracts, in-house documents (e.g. employment policies, separation agreements, employment/independent contractor/consultant agreements, NDAs, brokerage relationship policies, and office policy memoranda), and digital policies (e.g. terms of service, privacy policies, CCPA notices, and GDPR notices). Atilla also reviews, and issues legal opinions concerning, the security status of digital currencies and assets. Following law school, Atilla practiced international trade law at the Executive Office of the President, Office of the United States Trade Representative, where his practice spanned economic sanctions enacted against goods originating in the People’s Republic of China valued at $500 billion. Afterwards, Atilla joined a Colorado law firm practicing civil litigation, where the majority of his practice comprised of construction defect suits. Today, Atilla's practice spans all corporate matters for clients in Colorado and the District of Columbia.
After graduating from The University of Chicago Law School in 2002, Clara spent eight years in private practice representing clients in complex commercial real estate, merger and acquisition, branding, and other transactional matters. Clara then worked as in-house counsel to a large financial services company, handling intellectual property, vendor contracts, technology, privacy, cybersecurity, licensing, marketing, and otherwise supporting general operations. She opened her own practice in September of 2017 and represents hedge funds, financial services companies, and technology companies in a range of transactional matters.
I love contracts - and especially technology-related contracts written in PLAIN ENGLISH! I've worked extensively with intellectual property contracts, and specifically with IT contracts (SaaS, Master Subscriptions Agreements, Terms of Service, Privacy Policies, License Agreements, etc.), and I have built my own technology solutions that help to quickly and thoroughly draft, review and customize complex contracts.