Home page logo
/

basics logo Security Basics mailing list archives

RE: e-mail policies
From: Mark Burgess <markb () pbdh com>
Date: Wed, 26 Feb 2003 12:10:28 -0800

Isn't all discipline selective? Upper levels of management don't come under
the same scrutiny and rules that the lower levels are required to live
under. The VPs won't be fired for chatting with their kids at college using
IM though they would drop one of their underlings in a heartbeat for the
same thing.

I understand what you are saying but does your HR and Legal agree with the
"occasional use" stance? My client's HR and Legal folks understood that the
people were going to use the systems personally but they required the
"absolutely no personal use" clauses just so they did have a tool available
for selective use. Be sure that you somehow define "occasional use", as it
will be difficult to terminate for just cause if you have not.

Well, if the company really believes that occasional use is ok, then why would they want to terminate someone who is occasionally using the system for personal mail? If they have *good* reasons to terminate, then they should use those, not some selectively-enforced ultra-strict rule.


It is easy to
define "never" and show violation. The employee probably has other things
stacked against them at that point anyway

Presumably... otherwise they'd be doing a good job.


but your AUP won't be one of the
supports for the company's case, which is just why they want an AUP in the
first place.

The original poster was looking for ways to detect infidelity while retaining some sort of respect for privacy -- not for a tool that would help justify terminations.


--
Mark


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault