Jaime Campos

Security Network Policy Enforcement

Hello -

I'm interested in finding out what other IT managers/admins are doing to enforce network security policies when an employee violates a policy. For example, if our policy states not to use the internet for personal usage and an employee is caught, what then? Do you give a warning? What is the response process that is recommended? My goal is to educate users as much as possible regarding the threats and vulnerabilities of our network, but they must play their part. I would evaluate each violation and then take disciplinary action. I just want some advice on how to create a response process according to best practices. I appreciate your help.
Jaime Campos (ASKER)

Our policies state this if a violation occurs; however, I may want to give a warning before termination, so I'd like to know if there is a better way to list disciplinary actions.

Violations of these policies can lead to revocation of system privileges and/or disciplinary action including termination.

Then you should work this out with your HR.

"If termination is listed in the security policy, then warning is a discretion that can be executed by the HR authorised representative."  - From an auditor point of view.

Hope this helps,

William Lee, CISA
Hong Kong

Do you know where I can find examples of disciplinary actions? We are a health care practice.