Acceptable-Use-of-Information-Technology-Resources-Policy

[Virtual Presenter] Welcome to our training video. Today, we will be discussing an important topic that affects all individuals in the organization - our information technology policy. This policy is in place to ensure the appropriate and secure use of our IT resources by our workforce. As technology is constantly evolving, it is essential for our organization to have a clear and effective policy to protect our company. The first slide introduces this policy and provides important information such as the IT standard, updates, and the policy issuer and owner. Let's now move on to the purpose and benefits of this policy. It is crucial for our organization to have the participation and support of our workforce in order to use our IT resources appropriately and securely. Failure to do so can expose us to potential risks, including virus attacks and legal issues. The authority of this policy lies with [Organization Information]. This policy applies to all users of any system's information or physical infrastructure within the organization. It is the responsibility of each user to read and understand this policy and abide by it. It is also important for users to be familiar with our organization's Information Security Policy and its associated standards. Next, we will briefly discuss the information statement on this slide. It is important to note that, except for any privileged or confidential information recognized by law, there is no legitimate expectation of privacy when using our IT resources. This means that our activities may be monitored, intercepted, recorded, and used by our organization. In conclusion, it is crucial for us all to follow this policy to ensure the appropriate and secure use of our IT resources. Thank you for watching this first slide of our presentation. Stay tuned for the next one where we will go into more detail about our policy. Thank you for your attention and we will see you in the next slide..

[Audio] In this training video, we will be discussing the organization's information technology policies, specifically focusing on slide number 2 out of 6. This slide emphasizes the importance of ensuring appropriate and secure use of IT resources by the organization's workforce. The policy requires all users to comply with its guidelines and procedures, including not disclosing IT resources without prior notice to authorized individuals. To enforce this, periodic monitoring of all systems, including email, text messaging, and computer systems, will be conducted. Users will also be notified with a warning banner text when accessing the organization's IT resources, reminding them that unauthorized use is not allowed. The organization has the right to impose restrictions, such as blocking access to non-business related websites or limiting the attachment of personal devices. Prior approval must be obtained for those using personal devices to access the organization's applications and resources. It is important to comply with organizational policies, as well as any applicable license agreements and laws, including intellectual property laws. It is our responsibility to protect the confidentiality, integrity, and availability of information through necessary baseline information security controls. We must also safeguard the organization's information and resources from unauthorized use or disclosure. Thank you for listening to this section on acceptable use and its importance in maintaining IT resource security. The training will continue with more slides on organizational information technology policies..

[Audio] Our presentation will cover the importance of having a clear and comprehensive IT policy in place for our organization. This includes the proper and secure use of all IT resources by our staff. Our policy outlines the unacceptable use of these resources, including the unauthorized use or disclosure of personal, private, sensitive, and/or confidential information, as well as organization information and resources. It is prohibited to distribute, transmit, post, or store any electronic communications, material, or correspondence that is threatening, obscene, harassing, pornographic, offensive, defamatory, discriminatory, inflammatory, illegal, or intentionally false or inaccurate. Additionally, attempting to represent the organization in matters unrelated to official authorized job duties or responsibilities is not allowed. This includes connecting unapproved devices to our network, connecting our IT resources to unauthorized networks, and using wireless networks while physically connected to our wired network. Our staff is also not permitted to install, download, or run software that has not been approved through appropriate security, legal, and/or IT review, in accordance with our organizational policies. Any use of commercial email systems must receive prior management approval, as there is a risk of malware being distributed through these services. Use of our IT resources for unauthorized solicitations or advertisements for non-organizational purposes, such as religious, political, or not-for-profit entities, is strictly prohibited. Lastly, providing unauthorized access to third parties, including family and friends, is not allowed. Our IT resources are to be used solely for official organizational purposes and not for personal or commercial reasons. Thank you for paying attention to our important IT policy and guidelines..

[Audio] Today's presentation will be discussing an organization's information technology policy and its purpose of ensuring appropriate and secure use of IT resources by its workforce. We will be talking about occasional and incidental personal use of IT resources on slide number 4, which is permitted as long as it is consistent with the organization's policy and does not interfere with one's responsibilities and duties. It is important to use good judgment when it comes to personal use, as the organization can revoke or limit this privilege at any time. Moving on to slide number 4.3, we will discuss individual accountability and responsibility in protecting against unauthorized activities on IT resources and organization information. This includes locking computer screens when stepping away and safeguarding credentials from unauthorized disclosure. These credentials must be kept confidential and not shared with others. Slide number 4.4 covers restrictions on the transmission and storage of information off-site. Users are not allowed to transmit restricted information to or from personal email accounts unless explicitly authorized. It is also important to not store such information on personal devices or with third-party file storage services that have not been approved. Devices containing organizational information must be attended at all times or securely stored when not in use to prevent any potential breaches or unauthorized access. Our discussion of slide number 4 is now complete. It is crucial for all employees to adhere to these policies and guidelines to ensure the safe and appropriate use of IT resources within the organization. Thank you for listening and stay tuned for the remaining slides in this presentation..

[Audio] This training video focuses on Information Technology Policies. It emphasizes the importance of a well-defined IT policy in any organization to ensure appropriate and secure use of IT resources by employees. Slide number five discusses the role of the Public Information Officer (PIO) in granting access to social media sites. Access is granted after demonstrating a business need and approval of service agreements by the Counsel's Office. The PIO's final approval will determine the scope of the approved activity, including identifying approved users. It is important to note that the use of organizational email addresses on public social media sites is prohibited, unless specifically authorized. If employees access social media on their own time using personal resources, they must adhere to professional, responsible, and secure conduct when referencing the organization and its staff. Within their official duties, the PIO or their designee must review and approve content before it is posted on public social media sites on behalf of the organization. This approval is not required for technical support forums that have already been approved by a supervisor and do not contain sensitive information about the organization's IT infrastructure. Additionally, PIO approval is not needed for postings on private, organization-approved social media collaboration sites. It is essential to treat accounts used to manage the organization's social media presence as privileged and for official use only. They should not be used for personal reasons. It is also crucial to follow information security standards and have unique passwords for privileged accounts. Thank you for watching, and we hope this information has helped you understand the organization's IT policy and guidelines for social media use..

[Audio] We have now reached the end of our presentation. Thank you for taking the time to go through our organization's information technology policy. The purpose of this policy is to ensure that our workforce uses IT resources in an appropriate and secure manner. It is important to note that the views and opinions expressed are solely those of the author and do not necessarily reflect those of the organization. Our employees must remember that they are not allowed to use their personal social media accounts for official business, unless given specific authorization by the organization. We also strongly discourage the use of the same passwords for personal social media accounts and organizational devices and IT resources. This is to prevent unauthorized access to our resources in case a password is compromised. We expect all of our employees to comply with this policy, along with our other enterprise policies and standards. Please be aware that these policies and standards are subject to change and may be amended at any time. If compliance with this policy is not possible or technically feasible, or if a deviation is necessary to support a business function, entities can request an exception through the Chief Information Security Officer's exception process. For further clarification, please refer to the definitions of key terms in section 6.0 of this policy. If you have any inquiries or requests for future enhancements, please contact the policy owner at the address listed in section 7.0. We would like to remind you that this policy will be reviewed at least once a year to ensure its relevance. Any changes made will be documented and listed in the revision history in section 8.0. We hope that you found this presentation informative and helpful. Thank you again for your attention and please do not hesitate to reach out to us if you have any further questions..