Best Practices Committee announces Acceptable Use Policy of IT Assets

By Remco KappertPortrait_Remco_origineel__1_.jpg

The Best Practices Committee is not only working on improving the manual for the next version, it is also working to produce
documents that support system integrators in improving their business. For example, the committee is currently developing documentation for

  • Panel building
  • Configuration management
  • Quality

In the meantime, the committee has recently published the Acceptable Use Policy of IT Assets to help members address the issue
of cybersecurity.

CSIA members can find the policy here.

You will be interested in this policy if you have questions like:

  • How do I protect my company against cybersecurity incidents?
  • How do I protect my (or my clients') confidential information from being disclosed?
  • What do I teach my employees about cybersecurity?

My experience with policies like this is that it only tells employees what not to do. The result is that employees get creative and start using workarounds that are even more unsafe. That is why text blocks are added in the policy template to inform employees about the best way to work in a certain situation.

Subjects that are covered in the policy are:

  • General rules
  • Use of IT assets
  • Use of external IT assets and services
  • Internet use
  • Email use
  • Use of usernames and passwords
  • Mobile communication devices
  • Personal use
  • Use of VPN connections
  • External access
  • Usage of social media
  • BYOD policy
  • Monitoring
  • Liability and sanctions
  • Disputes

This document should be used as a template for creating your own policy. It is voluntarily donated by other system integrators, both CSIA certified and non-certified. It reflects the current knowledge of this group of companies.

Within the CSIA community, there is more knowledge available, and cybercrime is changing quickly. If you start working with this policy, the Committee has a kind request. Please share your improvements with the committee so that it can continuously improve the policy.

After all, that is the true CSIA motto: You share one idea and receive ten in return.

Remco Kappert is Integration Manager at EKB in the Netherlands, where he is responsible for operational excellence, personnel safety programs and project manager for internal software implementations. He has also been a member of the CSIA Best Practices Committee since version 3. EKB is a CSIA certified system integrator with five branches and 200 employees.