Home

acceptableuse

An acceptable use policy (AUP) is a document that outlines the permissible and prohibited uses of a network, system, or online service. It specifies the responsibilities of users and the obligations of the organization providing the resource, with the aim of protecting safety, security, privacy, and legal compliance while enabling legitimate activity.

Scope and applicability are usually defined by the policy. AUPs commonly apply to employees, students, customers,

Typical provisions describe acceptable activities, such as legitimate work, research, and approved communications, and clarify prohibited

Enforcement and compliance procedures are normally included. An AUP may specify monitoring practices, consequences for violations

guests,
and
contractors
who
access
organizational
networks
or
services.
They
may
be
part
of
terms
of
service
or
issued
as
a
standalone
policy.
The
policy
may
cover
diverse
resources,
including
networks,
servers,
email,
file
storage,
software,
and
collaboration
tools,
and
may
address
personal
devices
connected
to
the
system
(bring-your-own-device
policies).
actions,
such
as
illegal
activity,
unauthorized
access
or
disclosure,
distribution
of
malware,
spamming,
infringement
of
intellectual
property,
excessive
or
disruptive
usage,
and
attempts
to
evade
security
measures.
Policies
often
set
expectations
for
safeguarding
credentials,
reporting
security
incidents
or
policy
violations,
and
respecting
user
privacy
where
appropriate.
(warnings,
suspension,
termination,
or
legal
action),
and
the
process
for
appeals
or
remediation.
The
document
is
often
complemented
by
related
policies,
such
as
privacy,
security,
and
code
of
conduct,
and
may
be
updated
to
reflect
new
risks,
technologies,
or
legal
requirements.