Security Operations – Week #3 Lab

Prohibited Use


You are the Information Security Officer of Mahtmarg Manufacturing a small manufacturing company worth approximately $5 Million who provides fiber cable to local businesses, individual customers and to government organizations. In the course of the next eight weeks you will be creating your Information Security Plan (Issue-Specific Security Policy in Table 4-3 of the textbook) step by step using this scenario.

Your Task

Step 3: Develop the Prohibited Use section of your ISP

In this week’s Lab you will develop the section on Prohibited Use of your company’s information system (IS) in the Information Security Plan to include:

  • Prohibition of illegal conduct
  • System and Network Activity restrictions

o   Copyright infringement

o   Proprietary information disclosure

o   Unauthorized use for personal business

o   Malicious programs

o   Account disclosure

  • Email and Communication Activity restrictions

o   Unsolicited emails

o   Harassment

o   Chain letters

o   Spam

  • Blogging and Social Media Activity restrictions

o   Representation of the company on blogs or social media

o   Separation of personal and professional comments