Acceptable Use Policy AUP

USARNORTH Acceptable Use Policy (AUP) (15 Dec 05) 1. I have the responsibility to safeguard the information contained on all Department of Defense information systems (IS) or networks from unauthorized or inadvertent modification, disclosure, destruction, denial of service, and use. 2. Access to these networks is for official and authorized use as set forth in DOD 5500.7-R, (Joint Ethics Regulation), AR 25-1 (Army Knowledge Management and Information Technology), and AR 25-2 (Information Assurance). 3. I understand that, IAW AR 380-53, use of any Government owned computer constitutes consent to monitoring for security purposes and to ensure that my use is authorized. I understand that I have no expectation of privacy while using or accessing Government ISs or resources and that access to Government resources is a revocable privilege. I further understand that any information captured during monitoring may be used for administrative or disciplinary actions or for criminal prosecution. 4. As a Government computer user, the following minimum security rules and requirements apply: a. I will not be not permitted access to any Government owned IS unless I am in compliance with the personnel security requirements set forth in DOD 5200.2R, AR 380-67, and AR 25-2. b. I have completed the computer user security awareness-training module prior to receiving system access, and I will participate in any other required training programs directed by AR 25-2. c. I will protect my passwords IAW AR 25-2. Passwords will consist of at least 10 characters with 2 of each of the following: uppercase letters, lowercase letters, numbers, and special characters. Passwords will not consist of common names, User IDs, call signs, birthdays, phone numbers, military acronyms, or dictionary-based words. Inactive accounts that have not been logged in to after 45 days will be removed from the system. d. I will not reveal my password to anyone nor will I store it on any IS or storage media or keep it in written form. e. I understand that I am the only authorized user of this account and am responsible for any and all activity that occurs while logged in under my assigned User ID and password. If I feel my password has been compromised, I will report it to my IASO immediately. f. I will use only authorized hardware and software. I will not remove or relocate my computer without permission from the Fifth U.S. Army (ARNORTH) G6. I will not download, install or use any personally owned or public domain hardware, software, shareware or freeware on a Government owned computer. g. I will perform virus-checking procedures before copying, downloading, or accessing information from any website, attachment, system, diskette, compact disk, thumb drive, or other removable device. h. I will not attempt to access or process data exceeding the authorized classification level for the IS to which I am assigned, nor for which I do not have a “need to know.” I understand that computers connected to the NIPRNet are NOT authorized for processing classified information. Under no circumstances will I interchange external media (i.e., CDs, floppy disks, or any other type media) between classified (SIPRNet) and unclassified (NIPRNet) systems. i. I will not alter, change, configure, or use operating systems or programs, except as specifically authorized. j. I will not introduce executable code (i.e., .exe, .com, .vbs, or .bat files) without authorization, nor will I write malicious code. k. I will safeguard and mark with the appropriate classification level all information created, copied, stored, or disseminated from the IS and will not disseminate it to anyone without a specific need to know. l. I will not utilize any Government owned IS for commercial or financial gain or illegal activities. m. I will only authorize computer maintenance by technicians authorized by Fifth U.S. Army (ARNORTH) G6. n. I will use screen locks to prevent unauthorized access to IS during periods of temporary non-use and will log off if departing the area and at the end of the duty day. o. I will report any suspicious output, files, shortcuts, links, or system problems to the Fifth U.S. Army (ARNORTH) G6 Help Desk and will cease using the system immediately. p. If I observe anything on the system I am using that indicates inadequate security, I will notify my IASO. q. I will address any questions regarding policy, acceptable use, and my responsibilities to my IASO or IAM. 5. I understand that DOD policy states that Federal Government communication systems and equipment (including Government owned telephones, facsimile machines, electronic mail, internet systems, and commercial systems), when use of such systems and equipment is paid for by the Federal Government, will be for “official use” and “authorized purposes” only. a. The following are examples of unauthorized and unacceptable uses of an Army IS:  The intentional introduction of a virus, worm, or a Trojan horse on any computer or network  The intentional breaking into, damage, defacing, or destruction of any hardware or software system belonging to another person, activity, agency, or entity  Accessing sites that may be deemed unethical (i.e., sites containing profanity or sites promoting bias, hate groups, terrorist groups, or groups advocating the overthrow of the U.S. Government)  Accessing internet sites oriented to pornographic, obscene, or sexually-based material  Accessing gambling related sites  Accessing, downloading, or copying file-sharing, Peer-to-Peer (P2P) software or any other copyright protected software, literature or music  Connecting any personal automation equipment to any Government computer or network  Creating, downloading, storing, copying, transmitting, or broadcasting chain, hoax, Spam or “letter-bomb” emails  Using Internet “chat” services other than AKO  Broadcasting unsubstantiated virus warnings from sources other than system administrators  Broadcasting e-mail messages to large groups of e-mail users (entire organizations) instead of targeting smaller specifically interested populations  Using Government ISs or networks for unofficial advertising, soliciting, selling, or operating a personal business  Employing for personal use applications using streaming data, audio (CD, MP3) and video (DVD); unlicensed software; games; Web altering tools/software; password crackers, hacking tools; and, other software that may cause harm to Government computers and telecommunications systems b. AR 25-1 permits some authorized personal uses of Army ISs provided they do not adversely affect the performance of official duties by the employee or the employee’s organization and they are of reasonable duration and frequency. Whenever possible, these activities should be conducted during personal time, such as during lunch, breaks, and other off-duty periods. Some examples of authorized personal uses are:  checking in with spouse or minor children;  scheduling doctor, auto or home repair appointments;  brief Internet searches or e-mailing directions to visiting relatives. 6. IAW para 1-1j, AR 25-2, I understand that I may be subject to disciplinary action for any violation or abuse of access privileges. 7. Acknowledgement. I have read the above requirements regarding use of U.S. Government ISs, and I understand my responsibilities regarding use of these systems and the information contained in them. _________________________________ Last Name, First Name, MI _________________________________ Signature _______________ Rank/Grade ____________________ Division/Branch/Section ______________________ Date _______________________ Tel: