You have just been hired as the Security Manager of a medium-sized Financial Services company employing 250 people in New Hampshire, and have been asked to write two new security policies for this company. The first one is an e-mail policy for employees concentrating on personal use of company resources. The second policy is that of WIFI and Internet use within the company. There are many resources available on the web so researching these topics and policies should be easy. The most difficult part of this exercise will be determining how strict or how lenient you want to make these policies for this particular company. You are asked to create two separate policies on use of EMAIL and a WIFI/INTERNET USE within the company. Be specific in your terms and conditions of use. Consider these items to be included in your policies (as applicable). 1. Overview 2. Purpose 3. Scope 4. Policy 5. Policy Compliance 6. Related Standards, Policies and Processes 7. Definitions and Terms Purchase the answer to view it Purchase the answer to view it

Title: E-mail and Wi-Fi/Internet Use Policies for XYZ Financial Services Company

1.0 Overview
The purpose of this document is to outline the policies and guidelines for the use of e-mail and Wi-Fi/Internet within XYZ Financial Services Company. These policies aim to establish a safe and secure environment for all employees while using company resources.

2.0 Purpose
The purpose of the e-mail policy is to define the acceptable use of company-provided e-mail accounts and ensure that employees utilize these resources solely for professional purposes. The Wi-Fi/Internet use policy aims to regulate the appropriate use of the company’s network and access to the internet, ensuring that all activities are in compliance with legal and ethical standards.

3.0 Scope
These policies are applicable to all employees, contractors, and authorized personnel who have access to the company’s e-mail system and network infrastructure. Non-compliance with these policies may result in disciplinary action, including termination of employment.

4.0 Policy

4.1 E-mail Policy

4.1.1 Personal Use
Employees are prohibited from using company-provided e-mail accounts for personal purposes. This includes, but is not limited to, personal communication, personal financial transactions, and non-work-related subscriptions or memberships. Any personal use of company e-mail accounts should be kept to a minimum and should not interfere with an employee’s work responsibilities.

4.1.2 Confidentiality and Security
Employees must exercise caution when sending sensitive or confidential information via e-mail. Confidential information should be encrypted when necessary and transmitted only to authorized recipients.

4.1.3 Prohibited Content
Employees should refrain from sending or distributing any content that is illegal, offensive, discriminatory, or violates the company’s policies on harassment or discrimination. This includes but is not limited to content that is defamatory, pornographic, or infringes on intellectual property rights.

4.1.4 Monitoring
The company reserves the right to monitor and review all e-mail communications sent or received on company-provided e-mail accounts. Such monitoring may occur for various reasons, including but not limited to ensuring compliance with company policies, detecting any malicious activities, or investigating any suspected violations of laws or regulations.

4.2 Wi-Fi/Internet Use Policy

4.2.1 Access and Usage
Employees are granted access to the company’s Wi-Fi network solely for work-related purposes. Any unauthorized use of the company’s network or internet connection is strictly prohibited. Employees should refrain from visiting unauthorized websites, engaging in file-sharing activities, or downloading unauthorized software or files.

4.2.2 Security
Employees must ensure the security of the company’s network by using strong and unique passwords, avoiding sharing passwords, and promptly reporting any suspicious activities or security threats.

4.2.3 Prohibited Activities
Employees must not engage in any activities that may compromise the company’s network or the security of its systems. This includes but is not limited to hacking, attempting unauthorized access, spreading malware or viruses, or engaging in any form of cyberbullying or harassment.

4.2.4 Monitoring
The company reserves the right to monitor and review the internet activity of employees using the company’s network. This may be done to ensure compliance with policies, detect any misuse of resources, or investigate any suspected illegal or unethical activities.

5.0 Policy Compliance
All employees are expected to fully comply with the e-mail and Wi-Fi/Internet use policies. Failure to adhere to these policies may result in disciplinary action, including termination of employment.

6.0 Related Standards, Policies, and Processes
These policies should be read in conjunction with other relevant company policies, including but not limited to the Acceptable Use Policy, Information Security Policy, and Code of Conduct.

7.0 Definitions and Terms
– Company-provided e-mail account: An e-mail account issued to an employee by the company for work-related communication.
– Authorized personnel: Individuals who have been granted access to the company’s e-mail system and network infrastructure.
– Encryption: The process of converting information into a secure code to prevent unauthorized access.
– Malicious activities: Any actions that are intended to harm the company’s network, systems, or data.
– Cyberbullying: The use of electronic communication to harass, intimidate, or threaten others.