Building an Adoption Plan: Think Outside the Box (Part 1 of 2)Cisco Canada
You have made the leap…invested in collaboration solutions…the boxes have arrived and software secured. Now the question is how do I roll it out to my organization and my different line of business users to meet their unique needs?
Our collaboration portfolio has never been more flexible to accommodate the needs of a diverse and ever changing workforce. Whether you are an HR leader, field worker, sales executive or individual contributor, you can leverage the same collaboration investment to meet your distinct requirements. In this session, we will review these distinct requirements and showcase the appropriate collaboration use cases from both a horizontal line of business lens and a vertical lens.
Inclusive, Accessible Tech: Bias-Free Language in Code and Configurations - A...Nordic APIs
A presentation given by Adrienne Moherek, Developer Experience Technical Leader, Cisco, at our 2024 Austin API Summit, March 12-13.
Session Description: Heard of suss? You can suss out more information or you can find someone’s information to be suss. “Suss” shows the flexibility of language. It’s an ongoing process to change how we use certain words. It’s important to choose words carefully to convey the correct meaning and avoid harmful subtext or exclusion. Let’s explore some of the tools and triage methods that it takes from an engineering viewpoint to make bias-free choices. How can you ensure that biased words do not sneak into code, UI, docs, configurations, or our everyday language? First, let’s walk through how to take an inventory of assets from code to config files to API specifications to standards. Next, by placing those findings into categories, prioritize the work to substitute with inclusive alternatives. Let’s examine some examples using both API and code assets. Next is a demonstration of how to automate analyzing your source code or documentation with a linter, looking for patterns based on rules that are fed into the tool. What’s in the future for these efforts? Inclusive language should expand beyond English and North America efforts. To do so, let’s organize the work with automation tooling, as engineers do.
These guidelines are intended as an introductory guide to highlight core principles that must be considered when developing a communications strategy and campaigns including social media in the United Kingdom. For international activity, members are advised to review the guidelines and legal considerations of their respective countries.
The CIPR social media advisory (CIPRSM) panel would like to thank all those who contributed to updating these guidelines.
Building an Adoption Plan: Think Outside the Box (Part 1 of 2)Cisco Canada
You have made the leap…invested in collaboration solutions…the boxes have arrived and software secured. Now the question is how do I roll it out to my organization and my different line of business users to meet their unique needs?
Our collaboration portfolio has never been more flexible to accommodate the needs of a diverse and ever changing workforce. Whether you are an HR leader, field worker, sales executive or individual contributor, you can leverage the same collaboration investment to meet your distinct requirements. In this session, we will review these distinct requirements and showcase the appropriate collaboration use cases from both a horizontal line of business lens and a vertical lens.
Inclusive, Accessible Tech: Bias-Free Language in Code and Configurations - A...Nordic APIs
A presentation given by Adrienne Moherek, Developer Experience Technical Leader, Cisco, at our 2024 Austin API Summit, March 12-13.
Session Description: Heard of suss? You can suss out more information or you can find someone’s information to be suss. “Suss” shows the flexibility of language. It’s an ongoing process to change how we use certain words. It’s important to choose words carefully to convey the correct meaning and avoid harmful subtext or exclusion. Let’s explore some of the tools and triage methods that it takes from an engineering viewpoint to make bias-free choices. How can you ensure that biased words do not sneak into code, UI, docs, configurations, or our everyday language? First, let’s walk through how to take an inventory of assets from code to config files to API specifications to standards. Next, by placing those findings into categories, prioritize the work to substitute with inclusive alternatives. Let’s examine some examples using both API and code assets. Next is a demonstration of how to automate analyzing your source code or documentation with a linter, looking for patterns based on rules that are fed into the tool. What’s in the future for these efforts? Inclusive language should expand beyond English and North America efforts. To do so, let’s organize the work with automation tooling, as engineers do.
These guidelines are intended as an introductory guide to highlight core principles that must be considered when developing a communications strategy and campaigns including social media in the United Kingdom. For international activity, members are advised to review the guidelines and legal considerations of their respective countries.
The CIPR social media advisory (CIPRSM) panel would like to thank all those who contributed to updating these guidelines.
CIS333 – Assignments and Rubrics Assignment 1 Creating an.docxsleeperharwell
CIS333 – Assignments and Rubrics
Assignment 1: Creating and Communicating a Security Strategy
First Draft Due Week 4, worth 40 points
Final Due Week 6, worth 60 points
As an IT professional, you’ll often be required to communicate policies, standards, and practices in the
workplace. For this assignment, you’ll practice this important task by taking on the role of an IT
professional charged with creating a memo to communicate your company’s new security strategy.
The specific course learning outcomes associated with this assignment are:
• Analyze the importance of network architecture to security operations.
• Apply information security standards to real-world implementation.
• Communicate how problem-solving concepts are applied in a business environment.
• Use information resources to research issues in information systems security.
• Write clearly about network security topics using proper writing mechanics and business formats.
Preparation
1. Review the essential elements of a security strategy
A successful IT administration strategy requires the continuous enforcement of policies, standards, and
practices (procedures) within the organization. Review these elements to see how they compare:
Policy The general statements that direct the organization’s internal and external
communication and goals.
Standards Describe the requirements of a given activity related to the policy. They are more
detailed and specific than policies. In effect, standards are rules that evaluate the
quality of the activity. For example, standards define the structure of the password
and the numbers, letters, and special characters that must be used in order to
create a password.
Practices The written instructions that describe a series of steps to be followed during the
performance of a given activity. Practices must support and enhance the work
environment. Also referred to as procedures.
2. Describe the business environment
You are the IT professional in charge of security for a company that has recently opened within a
shopping mall. Describe the current IT environment at this business. You can draw details from a
company you work for now or for which you have worked in the past. You’ll need to get creative and
identify the details about this business that will influence the policies you’ll create. For example, does the
company allow cell phone email apps? Does the company allow web mail? If so, how will this affect the
mobile computing policy? Describe all the details about this business environment that will be necessary
to support your strategy.
CIS333 – Assignments and Rubrics
3. Research sample policies
Familiarize yourself with various templates and sample policies used in the IT field. Do not just copy
another company’s security policy, but rather learn from the best practices of other companies and apply
them to yours. Use these resources to help structure your policies:
● Information Security Policy Temp.
Social Media for Financial Services, Broker-Dealers and Financial Advisors. FINRA's 10 Commandments, 10-06. Case studies: Morgan Stanley, Charles Schwab, Citi. Principal approval and supervision. Archiving. Policies and training. Applying FINRA's guidelines.
Case Study: Compliance Considerations in Social Media Initiatives
Presented by: Koa Van (David) Chung, Senior Compliance Officer - Sales and Marketing Practices Compliance, Legal & Compliance Department, ING Investment Management – U.S.
All social media projects in the financial services industry rely heavily on the guidance of in-house compliance staff or outside law firms to provide direction and approval on what can or cannot be implemented based on existing government regulations. This discussion will provide you with some important regulatory considerations and compliance guidance when conceptualizing, designing and implementing your social media-related projects.
www.bdionline.com
CSIA 413 Cybersecurity Policy, Plans, and ProgramsProject #4 IT .docxmydrynan
CSIA 413: Cybersecurity Policy, Plans, and ProgramsProject #4: IT Audit Policy and Plans Company Background & Operating Environment
Red Clay Renovations is an internationally recognized, awarding winning firm that specializes in the renovation and rehabilitation of residential buildings and dwellings. The company specializes in updating homes using “smart home” and “Internet of Things” technologies while maintaining period correct architectural characteristics. Please refer to the company profile (file posted in Week 1 > Content > CSIA 413 Red Clay Renovations Company Profile.docx) for additional background information and information about the company’s operating environment.Policy Issue & Plan of Action
The corporate board was recently briefed by the Chief Information Officer concerning the company’s IT Security Program and how this program contributes to the company’s risk management strategy. During the briefing, the CIO presented assessment reports and audit findings from IT security audits. These audits focused upon the technical infrastructure and the effectiveness and efficiency of the company’s implementation of security controls. During the discussion period, members of the corporate board asked about audits of policy compliance and assessments as to the degree that employees were (a) aware of IT security policies and (b) complying with these policies. The Chief Information Officer was tasked with providing the following items to the board before its next quarterly meeting:
(a) Issue Specific Policy requiring an annual compliance audit for IT security policies as documented in the company’s Policy System
(b) Audit Plan for assessing employee awareness of and compliance with IT security policies
a. Are employees aware of the IT security policies in the Employee Handbook?
b. Do employees know their responsibilities under those policies?
(c) Audit Plan for assessing the IT security policy system
a. Do required policies exist?
b. Have they been updated within the past year?
c. Are the policies being reviewed and approved by the appropriate oversight authorities (managers, IT governance board, etc.)?
Your Task Assignment
As a staff member supporting the CISO, you have been asked to research this issue (auditing IT security policy compliance) and then prepare an “approval draft” for a compliance policy. You must also research and draft two separate audit plans (a) employee compliance and (b) policy system audit. The audit policy should not exceed two typed pages in length so you will need to be concise in your writing and only include the most important elements for the policy. Make sure that you include a requirement for an assessment report to be provided to company management and the corporate board of directors.
· For the employee compliance assessment, you must use an interview strategy which includes 10 or more multiple choice questions that can be used to construct a web-based survey of all employees. The questions should be split.
CIS333 – Assignments and Rubrics Assignment 1 Creatin.docxAASTHA76
CIS333 – Assignments and Rubrics
Assignment 1: Creating and Communicating a Security Strategy
First Draft Due Week 4
Final Due Week 6, worth 80 points
As an IT professional, you’ll often be required to communicate policies, standards, and practices in the
workplace. For this assignment, you’ll practice this important task by taking on the role of an IT
professional charged with creating a memo to communicate your company’s new security strategy.
The specific course learning outcomes associated with this assignment are:
• Analyze the importance of network architecture to security operations.
• Apply information security standards to real-world implementation.
• Communicate how problem-solving concepts are applied in a business environment.
• Use information resources to research issues in information systems security.
• Write clearly about network security topics using proper writing mechanics and business formats.
Preparation
1. Review the essential elements of a security strategy
A successful IT administration strategy requires the continuous enforcement of policies, standards, and
practices (procedures) within the organization. Review these elements to see how they compare:
Policy The general statements that direct the organization’s internal and external
communication and goals.
Standards Describe the requirements of a given activity related to the policy. They are more
detailed and specific than policies. In effect, standards are rules that evaluate the
quality of the activity. For example, standards define the structure of the password
and the numbers, letters, and special characters that must be used in order to
create a password.
Practices The written instructions that describe a series of steps to be followed during the
performance of a given activity. Practices must support and enhance the work
environment. Also referred to as procedures.
2. Describe the business environment
You are the IT professional in charge of security for a company that has recently opened within a
shopping mall. Describe the current IT environment at this business. You can draw details from a
company you work for now or for which you have worked in the past. You’ll need to get creative and
identify the details about this business that will influence the policies you’ll create. For example, does the
company allow cell phone email apps? Does the company allow web mail? If so, how will this affect the
mobile computing policy? Describe all the details about this business environment that will be necessary
to support your strategy.
CIS333 – Assignments and Rubrics
3. Research sample policies
Familiarize yourself with various templates and sample policies used in the IT field. Do not just copy
another company’s security policy, but rather learn from the best practices of other companies and apply
them to yours. Use these resources to help structure your policies:
● Information .
Project 1Create an application that displays payroll informatio.docxbriancrawford30935
Project 1:
Create an application that displays payroll information by:
a. Drawing the flowchart for this application.
b. Write the code by using Visual Basic programming language.
Design your application to have the following characteristics:
1. The application should allow the user to enter the following data for ten employees:
· Employee Id
· Number of hours worked
· Hourly pay rate
· Percentage to be withheld for state income tax
· Percentage to be withheld for federal income tax
· Percentage to be withheld for The Federal Insurance Contributions Act ( FICA)
2. The application should calculate and display the following data for each employee (in a one list Box or in multiple list Boxes:
· Gross pay (the number of hours worked multiplied by the hourly pay rate)
· State income tax withholdings (gross pay multiplied by state income tax percentage)
· Federal income tax withholdings (gross pay multiplied by federal income tax percentage)
· FICA withholdings (gross pay multiplied by FICA income tax percentage)
· Net pay (the gross pay minus state income tax, federal income tax, and FICA)
3. When the calculations are performed, be sure to check for the following error:
· If any employee’s state income tax plus federal tax plus FICA is greater than the employee’s gross pay, display an error message stating that the withholdings are too great
4. Make sure to clear all textboxes and labels before entering the information for the new employee
5. Provide ‘Exit’ button which is used to terminate project execution
6. Hitting the [Esc] key should produce the same effect as clicking the ‘Exit’ button
Note: Please, print the flowchart and the source code of your application. Also, I will see the execution of your application.
IT 549 Final Project Guidelines and Rubric
Overview
The final project for this course is the creation of a functional information assurance plan.
The effective management of information and protection of pertinent data is essential for leveraging the required knowledge to serve customers and
stakeholders on a continuous basis. Employing information assurance best practices will ensure a firm is able to eliminate hierarchical structures, become more
flat, and have greater customer touch points by leveraging the correct information at the right time. Successful firms will maintain an established information
assurance plan and posture that are reviewed on a weekly basis.
This assessment will consist of the creation of a functional information assurance plan. You will review a real-world business scenario in order to apply
information assurance research and incorporate industry best practices to your recommendations for specific strategic and tactical steps. These skills are crucial
for you to become a desired asset to organizations seeking industry professionals in the information assurance field.
The project is divided into four milestones, which will be submitted at various points throughout the co.
Your employees as your brand ambassadorsPetra Neiger
You employees can be your biggest brand assets, your social brand ambassadors. 8 case studies from Cisco on how we leverage our employees in social media and why.
1 question minimum 750 words and APA stylewell be focusing on.docxoswald1horne84988
1 question / minimum 750 words and APA style
we'll be focusing on the notion of human perception as both a biological construct and a design consideration. In what ways has HCI historically engaged perception in research and design trends? In what way is HCI now engaging our understanding of perception, and what are some of the major goals and directions for the combination of HCI and Perception?
Requirements:3 Discrete Examples/Arguments
1 Source Each Minimum
General Tips:Directly engage source, theory, and practice
Discuss method, application, understanding, and solution-orientationDiscuss historically, contemporaneously, and project into the future
2 question / minimum 750 words and APA style
the foundation of HCI/HCD research as it stems from human cognitive ability. The notion of how humans (users) think, perceive, and make decisions is critical to developing an understanding of how we can best design to fit their needs. In doing so, we must take into consideration a variety of individual differences, context-based choices on learning approaches, and how our understanding of memory and cognition suggest particular modes of design and insight for our development projects.
For your reflection this week, I want you to find 3 discrete examples of media/tech and break them down with regard to how they allow learning to occur, how they map interactions/tasks according to human cognition and learning models, how they use visual affordances to suggest more functional elements, and how (if at all) they encourage expertise development within their product/service. These examples can be anything from office software and video games to handheld devices and advanced machinery. Whatever you'd like.
Requirements:Minimum 5 uses of HCI terminology (evidence understanding of some cognitive concepts)
3 Different Cases
Give at least 3 different examples per case in your writing, distinctly discussing how they fit into the lecture content
General Tips:Directly engage source, theory, and practice
Discuss how new understandings of the human role and cognitive functions inform practice
Apply HCI understanding to observable design practice
WHAT BINDS WELL-FORMED IT SECURITY POLICIES together is a sense of shared beliefs, purpose, and urgency. Within your organization, you will achieve
that, in part, by establishing principles that create a shared vision, by empowering others to act, and by institutionalizing support processes. It’s important that the
implementation of IT security policies become second nature to the organization. That is, business processes should be designed with the controls needed to
implement and maintain security policies built in.
For example, consider the issue of emergency access to a server in the middle of the night. Gaining access may require going through a firecall system that will issue
an ID and password only when approval by the manager is obtained. In that way security policies are enforced and cannot be bypassed. .
Harrisburg UniversityISEM 547 IT PolicyOb.docxshericehewat
Harrisburg University
ISEM 547
IT Policy
Objectives
Why Policy?
Policy, Procedures, Guidelines
Writing IT Policy (Best Practices)
IT Policy Management
2
IT Policy
3
What is Policy, Procedures, Guidelines & Standards ?
Policy: are principles, rules, and protocols formulated or adopted by an organization to govern its actions.
The requirements outlined in policies, are used to control and guide important organizational decisions (e.g., managerial, financial, administrative, acquisitions, contractual, programmatic, operational, technical, etc.); within the boundaries set by them
Procedures are specific instructions to be used to implement policy requirements in a specific way; they are enforceable through the policy
Guidelines are general rules, practices, and/or instructions that can be referenced to comply with policy; they are not enforceable but recommended as best practices that should be followed
Standards: refer to something that is considered by an authority or by general consent as a basis of comparison (e.g., industry, protocols, academic, etc.)
The purpose of standards is to outline agreed principles or criteria, so that their users can make reliable assumptions about a particular product, service or practice
Standards are often referenced in policies or can be used to frame a policy
Policies should have a formal lifecycle and change management process
4
Why IT Policy is Important
Primary reasons for IT Policy:
Protecting corporate assets (keeping systems and corporate information safe)
The policy aligns stakeholders and drives desired behaviors, actions, and provides guidance on how to do things
Only written and published policy can be used to prove the company has exercised “Due Diligence” in a court of law
There may be legal or regulatory reasons a policy must be created and published (e.g., HIPAA, FTI1075, Federal Green-Book Standard, etc.)
Enable an organization to manage business risk through defined controls that provide a benchmark for audit and corrective action
Without documented policies and procedures each and every employee and contractor will act in accordance with their own perception of acceptable use and system management will be ad-hoc and inconsistent
5
Features of good policy
Features of good policy usually include the following
Specific- Policy should be specific/definite. If it is uncertain, then the implementation will become difficult.
Clear & Understandable - Policy must be unambiguous. It should avoid use of jargons and connotations. There should be no misunderstandings in following the policy. Unclear policies can lead to indecisiveness and uncertainty in minds of those who look into it for guidance
Uniform- Policy must be uniform enough so that it can be efficiently followed by the subordinates.
Appropriate- Policy should be appropriate to the present organizational strategies and goals and address the intended policy objectives.
Simple- A policy shou ...
IT 549 Final Project Guidelines and Rubric Overview .docxchristiandean12115
IT 549 Final Project Guidelines and Rubric
Overview
The final project for this course is the creation of a functional information assurance plan.
The effective management of information and protection of pertinent data is essential for leveraging the required knowledge to serve customers and
stakeholders on a continuous basis. Employing information assurance best practices will ensure a firm is able to eliminate hierarchical structures, become more
flat, and have greater customer touch points by leveraging the correct information at the right time. Successful firms will maintain an established information
assurance plan and posture that are reviewed on a weekly basis.
This assessment will consist of the creation of a functional information assurance plan. You will review a real-world business scenario in order to apply
information assurance research and incorporate industry best practices to your recommendations for specific strategic and tactical steps. These skills are crucial
for you to become a desired asset to organizations seeking industry professionals in the information assurance field.
The project is divided into four milestones, which will be submitted at various points throughout the course to scaffold learning and ensure quality final
submissions. These milestones will be submitted in Modules Two, Four, Five, and Seven. The final product will be submitted in Module Nine.
In this assignment, you will demonstrate your mastery of the following course outcomes:
Assess confidentiality, integrity, and availability of information in a given situation for their relation to an information assurance plan
Propose appropriate protocols for incident and disaster responses and managing security functions that adhere to best practices for information
assurance
Analyze threat environments using information assurance research and industry best practices to inform network governance
Recommend strategies based on information assurance best practices for maintaining an information assurance plan
Evaluate the appropriateness of information assurance decisions about security, access controls, and legal issues
Assess applicable threats and vulnerabilities related to information assurance to determine potential impact on an organization and mitigate associated
risks
Prompt
Your information assurance plan should answer the following prompt: Review the scenario and create an information assurance plan for the organization
presented in the scenario.
Specifically, the following critical elements must be addressed in your plan:
I. Information Assurance Plan Introduction
a) Provide a brief overview of the goals and objectives of your information assurance plan, including the importance of ensuring the confidentiality,
integrity, and availability of information. What are the benefits of creating and maintaining an information assurance plan around those key
concepts?
b) Assess the confi.
Privacy is a topic that inevitably emerges whenever people speak about technology or business. What is it, really? How can you build a program to support it and balance it within our businesses? This session will cover the basics of a privacy program for organisations, some of the more applicable regulations on privacy, how to find the right balance and how to begin to implement your program. We will also discuss how to position your privacy program as a business enabler, establish some lightweight internal governance processes as well as customer and employee communications and awareness, too. Bring your questions and cases to review and analyse.
CIS333 – Assignments and Rubrics Assignment 1 Creating an.docxsleeperharwell
CIS333 – Assignments and Rubrics
Assignment 1: Creating and Communicating a Security Strategy
First Draft Due Week 4, worth 40 points
Final Due Week 6, worth 60 points
As an IT professional, you’ll often be required to communicate policies, standards, and practices in the
workplace. For this assignment, you’ll practice this important task by taking on the role of an IT
professional charged with creating a memo to communicate your company’s new security strategy.
The specific course learning outcomes associated with this assignment are:
• Analyze the importance of network architecture to security operations.
• Apply information security standards to real-world implementation.
• Communicate how problem-solving concepts are applied in a business environment.
• Use information resources to research issues in information systems security.
• Write clearly about network security topics using proper writing mechanics and business formats.
Preparation
1. Review the essential elements of a security strategy
A successful IT administration strategy requires the continuous enforcement of policies, standards, and
practices (procedures) within the organization. Review these elements to see how they compare:
Policy The general statements that direct the organization’s internal and external
communication and goals.
Standards Describe the requirements of a given activity related to the policy. They are more
detailed and specific than policies. In effect, standards are rules that evaluate the
quality of the activity. For example, standards define the structure of the password
and the numbers, letters, and special characters that must be used in order to
create a password.
Practices The written instructions that describe a series of steps to be followed during the
performance of a given activity. Practices must support and enhance the work
environment. Also referred to as procedures.
2. Describe the business environment
You are the IT professional in charge of security for a company that has recently opened within a
shopping mall. Describe the current IT environment at this business. You can draw details from a
company you work for now or for which you have worked in the past. You’ll need to get creative and
identify the details about this business that will influence the policies you’ll create. For example, does the
company allow cell phone email apps? Does the company allow web mail? If so, how will this affect the
mobile computing policy? Describe all the details about this business environment that will be necessary
to support your strategy.
CIS333 – Assignments and Rubrics
3. Research sample policies
Familiarize yourself with various templates and sample policies used in the IT field. Do not just copy
another company’s security policy, but rather learn from the best practices of other companies and apply
them to yours. Use these resources to help structure your policies:
● Information Security Policy Temp.
Social Media for Financial Services, Broker-Dealers and Financial Advisors. FINRA's 10 Commandments, 10-06. Case studies: Morgan Stanley, Charles Schwab, Citi. Principal approval and supervision. Archiving. Policies and training. Applying FINRA's guidelines.
Case Study: Compliance Considerations in Social Media Initiatives
Presented by: Koa Van (David) Chung, Senior Compliance Officer - Sales and Marketing Practices Compliance, Legal & Compliance Department, ING Investment Management – U.S.
All social media projects in the financial services industry rely heavily on the guidance of in-house compliance staff or outside law firms to provide direction and approval on what can or cannot be implemented based on existing government regulations. This discussion will provide you with some important regulatory considerations and compliance guidance when conceptualizing, designing and implementing your social media-related projects.
www.bdionline.com
CSIA 413 Cybersecurity Policy, Plans, and ProgramsProject #4 IT .docxmydrynan
CSIA 413: Cybersecurity Policy, Plans, and ProgramsProject #4: IT Audit Policy and Plans Company Background & Operating Environment
Red Clay Renovations is an internationally recognized, awarding winning firm that specializes in the renovation and rehabilitation of residential buildings and dwellings. The company specializes in updating homes using “smart home” and “Internet of Things” technologies while maintaining period correct architectural characteristics. Please refer to the company profile (file posted in Week 1 > Content > CSIA 413 Red Clay Renovations Company Profile.docx) for additional background information and information about the company’s operating environment.Policy Issue & Plan of Action
The corporate board was recently briefed by the Chief Information Officer concerning the company’s IT Security Program and how this program contributes to the company’s risk management strategy. During the briefing, the CIO presented assessment reports and audit findings from IT security audits. These audits focused upon the technical infrastructure and the effectiveness and efficiency of the company’s implementation of security controls. During the discussion period, members of the corporate board asked about audits of policy compliance and assessments as to the degree that employees were (a) aware of IT security policies and (b) complying with these policies. The Chief Information Officer was tasked with providing the following items to the board before its next quarterly meeting:
(a) Issue Specific Policy requiring an annual compliance audit for IT security policies as documented in the company’s Policy System
(b) Audit Plan for assessing employee awareness of and compliance with IT security policies
a. Are employees aware of the IT security policies in the Employee Handbook?
b. Do employees know their responsibilities under those policies?
(c) Audit Plan for assessing the IT security policy system
a. Do required policies exist?
b. Have they been updated within the past year?
c. Are the policies being reviewed and approved by the appropriate oversight authorities (managers, IT governance board, etc.)?
Your Task Assignment
As a staff member supporting the CISO, you have been asked to research this issue (auditing IT security policy compliance) and then prepare an “approval draft” for a compliance policy. You must also research and draft two separate audit plans (a) employee compliance and (b) policy system audit. The audit policy should not exceed two typed pages in length so you will need to be concise in your writing and only include the most important elements for the policy. Make sure that you include a requirement for an assessment report to be provided to company management and the corporate board of directors.
· For the employee compliance assessment, you must use an interview strategy which includes 10 or more multiple choice questions that can be used to construct a web-based survey of all employees. The questions should be split.
CIS333 – Assignments and Rubrics Assignment 1 Creatin.docxAASTHA76
CIS333 – Assignments and Rubrics
Assignment 1: Creating and Communicating a Security Strategy
First Draft Due Week 4
Final Due Week 6, worth 80 points
As an IT professional, you’ll often be required to communicate policies, standards, and practices in the
workplace. For this assignment, you’ll practice this important task by taking on the role of an IT
professional charged with creating a memo to communicate your company’s new security strategy.
The specific course learning outcomes associated with this assignment are:
• Analyze the importance of network architecture to security operations.
• Apply information security standards to real-world implementation.
• Communicate how problem-solving concepts are applied in a business environment.
• Use information resources to research issues in information systems security.
• Write clearly about network security topics using proper writing mechanics and business formats.
Preparation
1. Review the essential elements of a security strategy
A successful IT administration strategy requires the continuous enforcement of policies, standards, and
practices (procedures) within the organization. Review these elements to see how they compare:
Policy The general statements that direct the organization’s internal and external
communication and goals.
Standards Describe the requirements of a given activity related to the policy. They are more
detailed and specific than policies. In effect, standards are rules that evaluate the
quality of the activity. For example, standards define the structure of the password
and the numbers, letters, and special characters that must be used in order to
create a password.
Practices The written instructions that describe a series of steps to be followed during the
performance of a given activity. Practices must support and enhance the work
environment. Also referred to as procedures.
2. Describe the business environment
You are the IT professional in charge of security for a company that has recently opened within a
shopping mall. Describe the current IT environment at this business. You can draw details from a
company you work for now or for which you have worked in the past. You’ll need to get creative and
identify the details about this business that will influence the policies you’ll create. For example, does the
company allow cell phone email apps? Does the company allow web mail? If so, how will this affect the
mobile computing policy? Describe all the details about this business environment that will be necessary
to support your strategy.
CIS333 – Assignments and Rubrics
3. Research sample policies
Familiarize yourself with various templates and sample policies used in the IT field. Do not just copy
another company’s security policy, but rather learn from the best practices of other companies and apply
them to yours. Use these resources to help structure your policies:
● Information .
Project 1Create an application that displays payroll informatio.docxbriancrawford30935
Project 1:
Create an application that displays payroll information by:
a. Drawing the flowchart for this application.
b. Write the code by using Visual Basic programming language.
Design your application to have the following characteristics:
1. The application should allow the user to enter the following data for ten employees:
· Employee Id
· Number of hours worked
· Hourly pay rate
· Percentage to be withheld for state income tax
· Percentage to be withheld for federal income tax
· Percentage to be withheld for The Federal Insurance Contributions Act ( FICA)
2. The application should calculate and display the following data for each employee (in a one list Box or in multiple list Boxes:
· Gross pay (the number of hours worked multiplied by the hourly pay rate)
· State income tax withholdings (gross pay multiplied by state income tax percentage)
· Federal income tax withholdings (gross pay multiplied by federal income tax percentage)
· FICA withholdings (gross pay multiplied by FICA income tax percentage)
· Net pay (the gross pay minus state income tax, federal income tax, and FICA)
3. When the calculations are performed, be sure to check for the following error:
· If any employee’s state income tax plus federal tax plus FICA is greater than the employee’s gross pay, display an error message stating that the withholdings are too great
4. Make sure to clear all textboxes and labels before entering the information for the new employee
5. Provide ‘Exit’ button which is used to terminate project execution
6. Hitting the [Esc] key should produce the same effect as clicking the ‘Exit’ button
Note: Please, print the flowchart and the source code of your application. Also, I will see the execution of your application.
IT 549 Final Project Guidelines and Rubric
Overview
The final project for this course is the creation of a functional information assurance plan.
The effective management of information and protection of pertinent data is essential for leveraging the required knowledge to serve customers and
stakeholders on a continuous basis. Employing information assurance best practices will ensure a firm is able to eliminate hierarchical structures, become more
flat, and have greater customer touch points by leveraging the correct information at the right time. Successful firms will maintain an established information
assurance plan and posture that are reviewed on a weekly basis.
This assessment will consist of the creation of a functional information assurance plan. You will review a real-world business scenario in order to apply
information assurance research and incorporate industry best practices to your recommendations for specific strategic and tactical steps. These skills are crucial
for you to become a desired asset to organizations seeking industry professionals in the information assurance field.
The project is divided into four milestones, which will be submitted at various points throughout the co.
Your employees as your brand ambassadorsPetra Neiger
You employees can be your biggest brand assets, your social brand ambassadors. 8 case studies from Cisco on how we leverage our employees in social media and why.
1 question minimum 750 words and APA stylewell be focusing on.docxoswald1horne84988
1 question / minimum 750 words and APA style
we'll be focusing on the notion of human perception as both a biological construct and a design consideration. In what ways has HCI historically engaged perception in research and design trends? In what way is HCI now engaging our understanding of perception, and what are some of the major goals and directions for the combination of HCI and Perception?
Requirements:3 Discrete Examples/Arguments
1 Source Each Minimum
General Tips:Directly engage source, theory, and practice
Discuss method, application, understanding, and solution-orientationDiscuss historically, contemporaneously, and project into the future
2 question / minimum 750 words and APA style
the foundation of HCI/HCD research as it stems from human cognitive ability. The notion of how humans (users) think, perceive, and make decisions is critical to developing an understanding of how we can best design to fit their needs. In doing so, we must take into consideration a variety of individual differences, context-based choices on learning approaches, and how our understanding of memory and cognition suggest particular modes of design and insight for our development projects.
For your reflection this week, I want you to find 3 discrete examples of media/tech and break them down with regard to how they allow learning to occur, how they map interactions/tasks according to human cognition and learning models, how they use visual affordances to suggest more functional elements, and how (if at all) they encourage expertise development within their product/service. These examples can be anything from office software and video games to handheld devices and advanced machinery. Whatever you'd like.
Requirements:Minimum 5 uses of HCI terminology (evidence understanding of some cognitive concepts)
3 Different Cases
Give at least 3 different examples per case in your writing, distinctly discussing how they fit into the lecture content
General Tips:Directly engage source, theory, and practice
Discuss how new understandings of the human role and cognitive functions inform practice
Apply HCI understanding to observable design practice
WHAT BINDS WELL-FORMED IT SECURITY POLICIES together is a sense of shared beliefs, purpose, and urgency. Within your organization, you will achieve
that, in part, by establishing principles that create a shared vision, by empowering others to act, and by institutionalizing support processes. It’s important that the
implementation of IT security policies become second nature to the organization. That is, business processes should be designed with the controls needed to
implement and maintain security policies built in.
For example, consider the issue of emergency access to a server in the middle of the night. Gaining access may require going through a firecall system that will issue
an ID and password only when approval by the manager is obtained. In that way security policies are enforced and cannot be bypassed. .
Harrisburg UniversityISEM 547 IT PolicyOb.docxshericehewat
Harrisburg University
ISEM 547
IT Policy
Objectives
Why Policy?
Policy, Procedures, Guidelines
Writing IT Policy (Best Practices)
IT Policy Management
2
IT Policy
3
What is Policy, Procedures, Guidelines & Standards ?
Policy: are principles, rules, and protocols formulated or adopted by an organization to govern its actions.
The requirements outlined in policies, are used to control and guide important organizational decisions (e.g., managerial, financial, administrative, acquisitions, contractual, programmatic, operational, technical, etc.); within the boundaries set by them
Procedures are specific instructions to be used to implement policy requirements in a specific way; they are enforceable through the policy
Guidelines are general rules, practices, and/or instructions that can be referenced to comply with policy; they are not enforceable but recommended as best practices that should be followed
Standards: refer to something that is considered by an authority or by general consent as a basis of comparison (e.g., industry, protocols, academic, etc.)
The purpose of standards is to outline agreed principles or criteria, so that their users can make reliable assumptions about a particular product, service or practice
Standards are often referenced in policies or can be used to frame a policy
Policies should have a formal lifecycle and change management process
4
Why IT Policy is Important
Primary reasons for IT Policy:
Protecting corporate assets (keeping systems and corporate information safe)
The policy aligns stakeholders and drives desired behaviors, actions, and provides guidance on how to do things
Only written and published policy can be used to prove the company has exercised “Due Diligence” in a court of law
There may be legal or regulatory reasons a policy must be created and published (e.g., HIPAA, FTI1075, Federal Green-Book Standard, etc.)
Enable an organization to manage business risk through defined controls that provide a benchmark for audit and corrective action
Without documented policies and procedures each and every employee and contractor will act in accordance with their own perception of acceptable use and system management will be ad-hoc and inconsistent
5
Features of good policy
Features of good policy usually include the following
Specific- Policy should be specific/definite. If it is uncertain, then the implementation will become difficult.
Clear & Understandable - Policy must be unambiguous. It should avoid use of jargons and connotations. There should be no misunderstandings in following the policy. Unclear policies can lead to indecisiveness and uncertainty in minds of those who look into it for guidance
Uniform- Policy must be uniform enough so that it can be efficiently followed by the subordinates.
Appropriate- Policy should be appropriate to the present organizational strategies and goals and address the intended policy objectives.
Simple- A policy shou ...
IT 549 Final Project Guidelines and Rubric Overview .docxchristiandean12115
IT 549 Final Project Guidelines and Rubric
Overview
The final project for this course is the creation of a functional information assurance plan.
The effective management of information and protection of pertinent data is essential for leveraging the required knowledge to serve customers and
stakeholders on a continuous basis. Employing information assurance best practices will ensure a firm is able to eliminate hierarchical structures, become more
flat, and have greater customer touch points by leveraging the correct information at the right time. Successful firms will maintain an established information
assurance plan and posture that are reviewed on a weekly basis.
This assessment will consist of the creation of a functional information assurance plan. You will review a real-world business scenario in order to apply
information assurance research and incorporate industry best practices to your recommendations for specific strategic and tactical steps. These skills are crucial
for you to become a desired asset to organizations seeking industry professionals in the information assurance field.
The project is divided into four milestones, which will be submitted at various points throughout the course to scaffold learning and ensure quality final
submissions. These milestones will be submitted in Modules Two, Four, Five, and Seven. The final product will be submitted in Module Nine.
In this assignment, you will demonstrate your mastery of the following course outcomes:
Assess confidentiality, integrity, and availability of information in a given situation for their relation to an information assurance plan
Propose appropriate protocols for incident and disaster responses and managing security functions that adhere to best practices for information
assurance
Analyze threat environments using information assurance research and industry best practices to inform network governance
Recommend strategies based on information assurance best practices for maintaining an information assurance plan
Evaluate the appropriateness of information assurance decisions about security, access controls, and legal issues
Assess applicable threats and vulnerabilities related to information assurance to determine potential impact on an organization and mitigate associated
risks
Prompt
Your information assurance plan should answer the following prompt: Review the scenario and create an information assurance plan for the organization
presented in the scenario.
Specifically, the following critical elements must be addressed in your plan:
I. Information Assurance Plan Introduction
a) Provide a brief overview of the goals and objectives of your information assurance plan, including the importance of ensuring the confidentiality,
integrity, and availability of information. What are the benefits of creating and maintaining an information assurance plan around those key
concepts?
b) Assess the confi.
Privacy is a topic that inevitably emerges whenever people speak about technology or business. What is it, really? How can you build a program to support it and balance it within our businesses? This session will cover the basics of a privacy program for organisations, some of the more applicable regulations on privacy, how to find the right balance and how to begin to implement your program. We will also discuss how to position your privacy program as a business enabler, establish some lightweight internal governance processes as well as customer and employee communications and awareness, too. Bring your questions and cases to review and analyse.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
2. Page 2
– Table of Contents –
Purpose/Executive Summary 3
Overview 3
Scope 3
Compliance Effective Date 4
Policy Statements 4
Policy Compliance 5
Definitions 6
Appendix A: Cisco Social Media Guidelines 6
Appendix B: Frequently Asked Questions 7
3. Page 3
Purpose/Executive Summary
The purpose of this document is to provide requirements for how employees should participate in the
social Web.
This document is designed to educate employees on how to:
Navigate in the many social networking medias;
Engage with our many audiences in the social Web; and
Be most effective in this up-close-and-personal, ever-changing environment.
Overview
Social media is a newer communication channel, but it doesn’t change the basic rules of honesty,
courtesy and respect that Cisco promotes as a company and each of you promote and represent in your
day to day work lives as a Cisco employee.
Let’s start with the Cisco Code of Business Conduct, the same basic rules and principles that guide our
behaviors every day at work should be synonymous in governing our online behavior.
The Cisco Code of Business Conduct stresses our values of open communication, empowerment,
inclusion, integrity and trust. These same values are applicable to best practices in using social media.
Cisco’s Social Media Policy reflects the company’s culture of transparency, authenticity and openness. It
also reinforces the company’s philosophy to empower employees to connect directly with its stakeholders
using social media.
If you are ever unsure of whether to post, comment or respond on the social Web, submit a question on
the discussion forum on Global Social Media Community for guidance.
We recognize the importance of participating in these online conversations and want to provide a clear
and purposeful social media policy for all Cisco employees to follow to help protect both the employees
and Cisco.
Note: Much of the content included in this document applies to all internet-posted content, including but
not exclusively limited to, social networking sites. Lastly, for transparency, this document is available for
external use; however, some of the links included are for internal use only and can only be accessed
through the Cisco Employee Connection (CEC).
Scope
If you are a Cisco employee, vendor or contractor creating or contributing to blogs, wikis, social networks,
discussion forums or any other kind of social media, whether on Cisco.com or otherwise—this document
applies to you.
Some policy statements included in this document are implemented differently depending on regional,
local, and geographic differences. When in doubt about any information contained in this document,
employees should talk to their manager or local Human Resources representative. All information
4. Page 4
contained within this document is subject to any applicable country, state, and/or local laws. The Policy
contained in this document will not be interpreted or enforced in any way that would interfere with an
employee’s rights under the National Labor Relations Act.
Compliance Effective Date
Cisco reserves the right to modify or eliminate any or all parts of this document, and employees are
responsible for regularly reviewing it to remain up-to-date. Violations of the provisions in this document
may result in disciplinary action up to and including termination of employment.
Cisco will communicate any significant changes to this document through email, Cisco Employee
Connection (CEC) posting, IWE, and / or other communication vehicles.
Effective 03/15/2011
Policy Statements
Employees should use this document in conjunction with the Cisco Code of Business Conduct, the
policies within Policy Central, the Cisco Information Security Policies and Standards and Cisco’s
Employee Resource Handbook, Cisco Connections. All resources mentioned above may be updated from
time to time.
Cisco’s fundamental social media principles include:
Cisco employees may use social networking sites while at work and to conduct business.
Cisco does not block employees’ access to social networking sites as the company believes in
empowering its workforce and instills trust in employees to work responsibly and adhere to the Cisco
Code of Business Conduct.
Though Cisco encourages the use of social media, employees must adhere to these policies and
guidelines when using social media.
Outlined below is the official policy—the rules you must follow—for social media at Cisco.
1. When your participating in social networking sites, be transparent about who you are while
discussing Cisco’s business and related industry topics. Use your real identity—no aliases— and your
real voice, and disclose your affiliation with Cisco. The anonymity of the Web sometimes encourages
carelessness, and being upfront about your identity can avoid problems. For transparency, please
provide a disclaimer if using a non-Cisco sponsored tool.
Cisco-sponsored blog disclaimer:
“Some of the individuals posting to this site, [including the moderators,] work
for Cisco. Opinions expressed here and in any corresponding comments are
the personal opinions of the original authors, not those of Cisco.”
Third party blog disclaimer:
“The opinions expressed in this blog are my own views and not those of
Cisco.”
5. Page 5
2. When engaging online to communicate anything related to Cisco business, you must read,
understand and abide by this policy. Keep applicable policies in mind that can be found in the related
policy section.
3. When engaging online, do not commit Cisco to any action unless you have authority to do so.
4. When engaging online, protect Cisco and your reputation. Avoid any statement or comment that
might harm Cisco’s reputation. You represent Cisco and the Cisco brand. As an employee and
possibly a shareholder, your actions both on and offline can affect perceptions about the Company
and shareholder return.
5. When engaging online, do not post any confidential, internal-use only or copyrighted
information belonging to Cisco or third parties without written permission. Information to be
protected includes music, videos, text and photographs.
Please refer to the Proprietary Information and Inventions Agreement and the Data
Classification Policy for more information. See also the “Frequently Asked Questions” section of
this document to obtain more information on “Proprietary and Confidential Information” and
“Copyrights, Trademarks, Photos and Logos.”
6. Do not make statements about Cisco’s financial performance. Refer any questions to a Cisco
Investor Relations representative.
7. Maintain confidentiality of “internal only” information. Do not share any information marked “For
Internal Use Only.”
8. For social networking sites such as LinkedIn where personal and professional references are
the focus: If you are representing yourself as a Cisco employee, you may not provide professional
references about any current or former employee, contactor, vendor or contingent worker. You may
provide a personal reference or recommendation for current or former Cisco employees,
contractors, vendors and contingent workers provided a) the statements made and information
provided in the reference are factually accurate; and b) you include the disclaimer below.
“This reference is being made by me in a personal capacity. It is not intended and should not be
construed as a reference from Cisco Systems Inc. or any of its affiliated entities.”
9. Do not post anything that is defamatory, offensive, harassing, or in violation of any applicable
law or any Cisco policy.
10. Do not engage with the news media or industry analysts (e.g., Wall Street Journal,
InformationWeek, Gartner, Forrester) to discuss Cisco strategy and/or business without PR and AR
consultation and approval. If you are contacted by a member of the news media or similar outlets,
consult your PR representative or AR representative before responding.
Policy Compliance
2.1 Compliance Measurement
Compliance with Cisco policies is required. Compliance to this policy is verified through various methods,
including but not limited to, reports from available business tools, internal and external audits, self-
assessment, and/or feedback to the policy owner.
Non-compliance with this policy may result in potentially significant reputational and legal risk to Cisco.
2.2 Exceptions
There are no exceptions to this policy.
6. Page 6
2.3 Non-Compliance
Compliance with Cisco policies is required. Deviations or non-compliance with this policy, including
attempts to circumvent the stated policy/process by bypassing or knowingly manipulating the process,
system, or data may result in disciplinary actions, up to and including termination, as allowed by local
laws.
Definitions
The following terms and definitions are used in this document. They have all been taken from Wikipedia,
the online, free encyclopedia.
Facebook Facebook is a social network service and website launched in February 2004 that
is operated and privately owned by Facebook, Inc.
LinkedIn LinkedIn is a business-oriented social networking site. Founded in December
[3]
2002 and launched in May 2003, it is mainly used for professional networking.
Social Media Social media are media for social interaction, using highly accessible and scalable
communication techniques.
Social Network A social network is a social structure made up of individuals (or organizations)
called "nodes", which are tied (connected) by one or more specific types of
interdependency, such as friendship, kinship, common interest, financial
exchange, dislike, sexual relationships, or relationships of beliefs, knowledge or
prestige.
Social Web The Social Web is a specified term for the World Wide Web as a kind of Social
Media.
Twitter Twitter is a website, owned and operated by Twitter Inc., which offers a social
networking and microblogging service, enabling its users to send and read
messages called tweets.
Appendix A: Cisco Social Media Guidelines
The following social media guidelines provide recommendations and best practices to guide you when
participating in the social Web. These guidelines are meant to provide helpful, practical advice and help to
set expectations on how to behave online. In some cases, they help you comply with the Policy above.
1. Do not engage in inflammatory or inappropriate discussions about competitors. Always be
professional. Avoid speaking negatively about competitors. Instead, highlight Cisco’s strengths. Do
not cite or reference clients, partners or suppliers without their approval. When you do make a
reference, where possible link back to the source.
2. Be responsible. You are personally responsible for the content you provide and how you behave on
the social Web. We do encourage you to participate in the online social media space, but urge you to
do so properly, exercising solid judgment.
3. Be aware of laws covering defamation, insider trading, financial disclosures, endorsements and
testimonials, antitrust, competition, privacy, and the protection of intellectual property.
4. Be authentic, factual and respectful at all times. Use your real identity. Provide informed, well-
supported opinions and cite sources, if applicable. Though social media sites are a more casual form
of communication, be sure to remain professional and use a positive tone of voice. Be respectful of
your colleagues, Cisco and our competitors.
5. Avoid engaging in on-line disputes with your audience. Don't use slurs, personal insults or
obscenity, and always respect privacy concerns. Avoid language that may be considered
7. Page 7
objectionable or inflammatory. Show that you have listened and be responsive. If you disagree,
respond in professional and respectful manner.
6. Be honest. Always tell the truth. Correct any mistakes you make as quickly as possible. Don’t alter
older posts without indicating that you have done so.
7. Add value. Express an interesting point of view and worthwhile information and perspective. When
speaking about Cisco, offer your subject matter expertise and contact your PR representative if
unsure whether a topic is appropriate.
8. Build relationships. Focus on engagement with the audience and building trust to develop
relationships rather than using your social networking site solely as a marketing tool to sell Cisco
products or to promote yourself.
9. Be mindful of the indefinite life of Internet postings. You should assume that all Internet postings,
including those posted in a private forum, can be made public and searchable for a long time. Private
discussions may inadvertently or intentionally get posted externally.
10. Know that it’s almost impossible to completely remove information from the social Web even if
you “remove/delete” it from the original source. There is no way of knowing where it may have been
reposted. Also, if you edited your original posts, there is no way to ensure that the last post is what
people will see.
11. Review the privacy settings of the social networking site you are using. Choose social sites and
appropriate settings depending on the content you are posting. Understand that when your content is
posted on a public social network, all posts and comments may be traceable. Any information that
you post should be considered at risk for public disclosure, regardless of your privacy settings since
your postings can be reposted elsewhere and may be viewed by people other than your intended
audience.
12. Be aware of global implications. Your posts can have global significance. The way that you answer
an online question might be appropriate in some parts of the world, but inaccurate, inappropriate (or
even illegal) in others. Keep that “world view” in mind when you are participating in online
conversations. If you have a question about global relevance, please contact the appropriate PR
representative for guidance.
Appendix B: Frequently Asked Questions
Social Media Use as Part of Your Job
1 May I use social tools as part of my job?
2 What is my responsibility as a Cisco employee when I participate in social networking sites
externally?
3 Is it appropriate for managers and subordinates to “friend” each other on social networking sites?
4 Are there training workshops available to learn how to improve my blogging?
5 What tools are available for searching the social Web for blog posts, Tweets, and other social
networking media?
6 May I provide a reference about a former employee on LinkedIn or other reference-based social
sites?
Personal Social Media Guidelines
1 May I discuss Cisco business on my own personal blog or social networking site?
2 What should I be aware of before I post personal information about myself on social networking
sites?
3 Is it OK to use my own personal social networking login account (such as YouTube, Flickr or
other social media sharing site) when posting Cisco content, videos or photos externally?
8. Page 8
4 Can I be terminated from my job if I post a negative comment on my personal social networking
site, such as Facebook or Twitter, on my personal time about Cisco and perceived work
conditions?
Responding to Comments on Social Networking Sites
1 What is Cisco’s policy guidance around publishing comments?
2 If I receive a negative comment on a Cisco-sponsored social networking site, how should I
respond?
3 What should I consider when crafting a response to a negative comment?
Proprietary and Confidential Information
1 How do I determine what information is proprietary or confidential, and whether or not it is OK to
post externally?
2 May I disclose confidential information in Second Life?
FTC Endorsement Guideline
1 What should I know about posting endorsements about Cisco products or services on the social
Web?
Trademarks
1 What should I be aware of when posting the Cisco logo or trademarks to social networking sites?
Copyrights
1 What are the copyright guidelines around posting content that is not mine?
2 Do I need to obtain written permission and/or copyrights (usage rights) from my manager and/or a
customer or third party who may own a portion of the video or who appears in the video?
Photos and Logos
1 May I use photos from the Cisco Marketing Library on my social networking site/blog?
2 May I publish someone else’s photograph on my personal social networking site or internal blog?
Video Use and Guidelines
1 May I post an internal Cisco video to an external video sharing site such as YouTube?
2 May I post a non-internal video to external video sharing sites such as YouTube, Yahoo Video,
etc.? What is the policy surrounding posting video to an external site?
3 I’d like for a third party to be included in a Cisco video that will be published to an external video
sharing site. What are the guidelines for this?
Social Media Use as Part of Your Job
1. May I use social tools (both Cisco-sponsored such as http://blogs.cisco.com and third party
sites such as http://facebook.com or http://twitter.com ) as it relates to my job and job
function?
Answer: You may, as long as you read and abide by this Social Media Policy, Guidelines and FAQs
rd
document. For transparency, please include a disclaimer on your blog posts. If you are using a 3
party blog site and have control over the design, you may make the following statement in a
permanent and prominent space on the blog, such as in the header. It has to be visible for every
piece of content that speaks about Cisco, Cisco products or any aspect of Cisco business.
____________________________________________________________
Cisco-sponsored blog disclaimer:
“Some of the individuals posting to this site, [including the moderators,] work
for Cisco. Opinions expressed here and in any corresponding comments are
the personal opinions of the original authors, not those of Cisco.”
9. Page 9
Third party blog disclaimer:
“The opinions expressed in this blog are my own views and not those of
Cisco.”
If you comment on any aspect of Cisco’s business on a social media site, please identify yourself as a
Cisco employee in a prominent place (bio, profile, etc.) on the website. (For example: If you are using
Twitter to promote Cisco, you must clearly state in your “bio” that you work for Cisco.)
You must also ensure that you follow the Cisco Code of Business Conduct.
If you are a non-employee and are interested in using social networking tools you should discuss this
with your employer and obtain its approval. Your employer will then coordinate this activity with your
Cisco sponsor. You will need to make sure that you identify yourself as an employee of your company
that is on assignment with Cisco. Under no circumstances should you, as a vendor, consultant,
contractor or other third party, represent that you are a Cisco employee.
2. What is my responsibility as a Cisco employee when I participate in social networking sites
externally?
Answer: While your conduct online reflects upon Cisco, in most cases you will not be speaking on
behalf of Cisco. The purpose of your participation in social networking outlets should be to
communicate your own viewpoints. Be sure to check the Cisco Code of Business Conduct, this policy
and other corporate policies for additional guidance.
Do not post inappropriate, disrespectful comments to your blog, or post comments that are intended
to embarrass Cisco, your co-workers or customers. Always act professionally at all times. If you have
suggestions and comments for improvements at Cisco, please state them constructively and leverage
the proper internal channels.
If you witness illegal, unsafe or unethical conduct by a Cisco employee or vendor, we would prefer
that you not discuss this in your blog. Instead, for example, you should contact the ethics office which
is confidential and anonymous to report issues such as the following:
Theft, fraud or any other dishonest conduct
Discrimination or harassment
Waste or abuse of Cisco resources
Conflicts of interest
Unsafe situations
Mismanagement
Any actions that violate the Cisco Code of Business Conduct
Reporting the issues directly to those who can make corrections is the best course of action. Posting
a concern to a social networking site may not be the most direct and most efficient way to resolve
these types of issues. Cisco wants to hear your concerns and has a team that vigorously follows up
and investigates concerns raised by employees and others.
3. Is it appropriate for managers and subordinates to “friend” each other on social networking
sites?
Answer: Managers and their subordinates are free to “friend” each other on social networking sites.
Both managers and employees, however, should be mindful of avoiding any
10. Page 10
interactions/communications that may create a conflict of interest or that may compromise Cisco’s
ability to enforce its policies, especially its policies against nepotism, harassment and discrimination.
Please see Cisco Connections—an Employee Resource Handbook for more information.
4. Are there training workshops available to learn how to improve my social media
skills?
Answer: Yes, Cisco offers several social media workshops (Intro to Blogs, SEO for Blogs, Intro to
Social Media, etc.) and social media training workshops as well as a social media certification
program. You can learn more about Cisco’s blog and social media workshops by visiting the
marketing workshops website as well as the global social media website where you will find a
calendar of other industry-related conferences and seminars. Also, be sure to review the Global
Social Media Community for answers to frequently asked questions or to post a new thread and a
member of the social media marketing team will respond.
5. What tools are available for searching the social Web for blog posts, Tweets, and other
social networking media?
Answer: You can use the following tools to help aggregate and search for content on the social Web.
Technorati: www.technorati.com
Google Blog Search: http://blogsearch.google.com
Twitter: http://search.twitter.com
Alltop: www.alltop.com
6. May I provide a reference or recommendation about a former or current employee on
LinkedIn or other reference-based social sites?
Answer: You may provide personal references for current or former Cisco employees provided that
the statements made and information provided in the reference are factually accurate. You should
also use the disclaimer noted below.
“This reference is being made by me in a personal capacity. It is not intended and
should not be construed as a reference from Cisco Systems Inc. or any of its
affiliated entities.”
If you are representing yourself as a Cisco employee, it is against Cisco policy to provide employment
reference information for any current or former Cisco employee.
Personal Social Media Guidelines
1. May I discuss Cisco business on my own personal blog or social networking site?
Answer: Yes, you may discuss issues related to Cisco on your own personal blog or social
networking site subject to your confidentiality obligations and compliance with all applicable laws and
Cisco policies. You are legally and financially responsible for your own postings.
If you comment on any aspect of Cisco’s business, including our competition, please see the
“Policy” section in this document.
Please use the following disclaimer on your personal social networking site:
11. Page 11
“The opinions expressed in this blog are my own views and not those of
Cisco.”
2. What should I be aware of before I post personal information about myself on social
networking sites?
Answer: We encourage you to create user accounts under your true name. Using a pseudonym may
diminish the credibility of your contributions online. Even anonymous comments and updates can be
traced back to you or Cisco using IP addresses and other tracking technology. Only post personal
information that you want the public to view on the social Web and avoid posting information that
would make you vulnerable to identity theft or may compromise your safety. Social engineering is a
common threat on social networking sites. Be sure to review the privacy policies of the social
networking sites that you choose to use. It is almost impossible to remove information from the Web
since it may be re-posted on other sites without your knowledge, and may be viewed beyond your
intended audience.
3. Is it OK to use my own personal social networking login account (such as Flickr or YouTube,
or other social media sharing site) when posting Cisco content, videos or photos externally?
Answer: No. Do not use your personal accounts when posting Cisco videos or photos to external
sharing sites.
For YouTube, please work with Cisco’s social media marketing team and submit video requests to
the alias, submitforyoutube@external.cisco.com, to be included to the corporate branded YouTube
channel. Remember that only Cisco public videos may be posted to external video sharing sites. For
Flickr, please work with the Social Media Communications team,
socialmediacommunications@cisco.com as they have a corporate account for posting photos.
Sites such as Facebook and LinkedIn will not allow you to register team alias accounts. The person in
charge of creating a Fan Page or Group for their teams should create an account for business use
only using your cisco.com email address. You can then create the Fan Pages and Groups off of that
non-personal account. These accounts should be used separately from your personal accounts which
would be registered using your personal email address.
4. Can I be terminated from my job if I post a negative comment on my personal social
networking site, such as Facebook or Twitter, on my personal time about Cisco and
perceived work conditions?
Answer: A social networking site is probably not the best place to air your grievances. We
recommend that you go through the proper Cisco channel to register your complaints. If discussing
the issue at hand with your management chain is not an option, you should contact the ethics office
or Human Resources at Cisco, which can be done anonymously. Employees will not, however, be
disciplined or retaliated against for exercising their rights protected under the U.S. National Labor
Relations Act or other similar laws. But note that if the comments posted are not protected by law
and in violation of Cisco Code of Business Conduct or damaging to Cisco business, Cisco may
choose to take disciplinary action up to and including termination.
Responding to Comments on Social Networking Sites
1. What is Cisco’s policy around publishing comments?
Answer: We do not promote censorship of your online posting. For official Cisco blogs, both internal
12. Page 12
and external, Twitter and Facebook (to name a few), it is our practice to post all comments except
those that may be off-topic or may create liability as a result of the content. We do have the right to
remove any posted comment, video and/or photograph that is not appropriate for the topic discussed,
uses inappropriate language, or was posted without obtaining written permission.
2. What if I read a post on a Cisco-sponsored or third party social networking site that is not
accurate? Do I have to respond and provide an accurate comment?
Answer: You should not always feel the need to be the one to respond to something you see or read
online. If you are perusing the social Web and see a blog posting on a third party blog, for example,
and you are not the subject matter expert, you can contact the appropriate person to respond. With
all of the powerful internal tools we have in-house to find experts on every topic, you should be
encouraged to use them to find the best and most accurate responses. Also, remember that not
everything warrants a response, so be sure you are adding value when commenting, and do not
comment just for the sake of commenting.
3. If I receive a negative comment on a Cisco-sponsored social networking site, how should I
respond?
Answer: If a reader leaves a negative comment, it is recommended that you do not delete the
comment for transparency reasons. If the comment contains disrespectful or derogatory language
you may consider NOT posting it. We do encourage you to publish most comments because it
encourages people with different viewpoints and opinions to join the conversation, to debate, and to
discuss their side of a specific argument.
Receiving a negative comment about a Cisco product or service ultimately provides an opportunity to
respond to the negative comment and reframe it in a positive light. Censoring comments discourages
participation and social media is, after all, all about public participation and conversations.
Remember: more often than not, the negative comments are from people trying to provoke a
response. Check with your manager or PR representative if you are unsure how to respond.
Be sure that your blog settings allow you to moderate comments on your posts (all comments on
Cisco-sponsored blogs are moderated prior to publishing) and review and remove any potentially
undesirable links that may cause disruption or harm (malware) to your readers.
4. What should I consider when crafting a response to a negative comment?
Answer: Work to turn the negative comment into a positive discussion, encouraging more
commentary. Correct information that may not be factual and be open and honest in responding to
negative comments. Always communicate in a professional and respectful manner.
Consider the following:
Thank the commenter—Thank commenters for their time and for sharing their thoughts. Thanking
your commenters shows sincerity and that you appreciate their readership and their feedback, both
positive and negative.
Take time to THINK before responding—Responding to a negative comment when you are in the
heat of the moment is generally a bad idea. Always take time to think about your response, what
you’d like to clarify or convey, and re-read your response before submitting it. (Contact your PR
representative if you are unsure how to respond.)
13. Page 13
After you have thanked the commenter, make an attempt to engage the commenter in the
conversation. Think about how your response might be perceived by readers. Your response should
be sincere, confident and truthful. If you disagree with the commenter, it’s OK to debate as long as
you remain respectful of others’ opinions, keep the dialogue productive, and always tell the truth. A
confident and factual answer is best; leave out the sarcastic remarks and personal insults and always
be professional. Remember that your responses are ultimately representations of Cisco and the
Cisco brand.
Learn from the commenter—Take a moment to understand the commenter’s argument rather than
jumping to conclusions. Even if a comment posted by a commenter is incorrect, proceed with caution
when you post a response that corrects the commenter. Do not provide a response that is insulting or
disrespectful. Your goal is to keep a positive atmosphere, where readers can go for advice and
conversation.
Correct your mistakes—If you make a mistake, don’t try to hide it; be open and honest and let
your readers know about it. No one is perfect.
Proprietary and Confidential Information
1. How do I determine what information is proprietary or confidential, and whether or not it is
OK to post externally?
Answer: Security policies and practices of external social networking tools may differ from Cisco
policy and requirements. Always assume the information you post to these sites is not secure and
that it can be compromised or used against you and Cisco.
Please refer to the Proprietary Information and Inventions Agreement and the Data Classification
Policy for guidance on identifying confidential or sensitive content. Do not post data classified as
Cisco Confidential or higher on any third party or public site. Doing so may cause Cisco to lose its
trade secrets.
Some information, such as acquisitions, product announcements, or Cisco financials, becomes public
information once it is announced by Cisco. However, do not post such information to external sites
until it is formally announced or shared with the public by Cisco. Disclosure of any information which
is deemed to be material non-public information prematurely or selectively may violate securities law
and may subject both you and Cisco to liability.
If you have questions about posting specific data, consult with the data owner or your manager.
2. How do I protect confidential information?
Answer: First, you must determine how the information is classified. Contact the owner of the data
(including artwork photographs and videos) with questions about the data disposition or classification
or check the Data Information Policy. Evaluate if the information is confidential and will my post be
accessible to the general public. Discuss with your manager if you are unsure.
3. May I disclose confidential information in Second Life?
Answer: Cisco has two clusters of islands within Second Life: The Cisco Virtual Campus and the
Cisco Employee Internal Islands.
The Cisco Virtual Campus (which is comprised of islands named “Cisco Systems 1” through “Cisco
Systems 4”) is our public campus and is populated by customers, partners, press, competitors, and
14. Page 14
so forth. All information provided here should be classified as Cisco Public and be non-proprietary or
non-confidential in nature unless otherwise explicitly approved by the data owner or your manager in
writing.
The Cisco Employee Internal Islands, which is comprised of islands named “CSSB1” and “CSSB2”,
are for internal projects and are open to employees to experiment and develop. Customers or other
non-employees are not allowed on these islands except as authorized. Employees should avoid
posting Cisco confidential and proprietary information, unless in a temporary manner during
presentations, as the infrastructure of Second Life is not secured by Cisco and may be open to
outside snooping. Any information posted for temporary purposes must be removed immediately
following its use.
Check the Second Life Guidelines for additional information.
FTC Endorsement Guidelines
1. What should I know about posting endorsements about Cisco products or services on the social
Web?
Answer: As a result of the evolving level of influence inherent in the social Web, and Web in general, the
Federal Trade Commission (FTC) has provided guidelines around providing endorsements online. The
notice incorporates several amendments to the FTC’s Guides Concerning the Use of Endorsements and
Testimonials in advertising and blogging, which address endorsements by consumers, experts,
organizations, and celebrities, as well as the disclosure of important connections between advertisers and
endorsers. Fines for violating the new rule will run up to $11,000 per incident.
In the eyes of the FTC, a paid endorsement is no longer limited to monetary compensation and this is
why things will get interesting moving forward.
The revised Guides specify that while decisions will be reached on a case-by-case basis, the post of a
blogger who receives cash or in-kind payment to review a product is considered an endorsement. Thus,
bloggers who make an endorsement must disclose the material connections they share with the seller of
the product or service. To be clear, a blog post (or Tweet) in exchange for cash or in-kind payment
to review a product is considered an endorsement.
If you are posting an endorsement about a Cisco product or service on any social networking site, you
must disclose the material connections you share with Cisco. In the realm of new media, transparency
and ethics speak louder than the value proposition of the product itself.
For more information: http://wwwin-blogs.cisco.com/deannab/entry/ftc_issues_new_rules_for
Trademarks
1. What should I be aware of when posting the Cisco logo or trademarks to social networking
sites?
Answer: Each employee is responsible for protecting and appropriately promoting the brand. Do not
share Cisco visual assets with third parties such as Cisco fonts, Cisco stock photography, Cisco
logos, or other devices that are reserved solely for Cisco.
Your personal social networking sites may not include Cisco logos or trademarks. This is to prevent
the appearance that you speak for or represent Cisco officially.
On Cisco social networking sites you may include the corporate logo by following the documented
15. Page 15
policy.
Do not post the Cisco corporate logo on sites external to Cisco for use by non-employees. If third
parties request use of the Cisco corporate logo to support stories or commentary about Cisco, you
may direct them to our Logo Request Tool which provides an online, click-to-accept license for such
use.
Lastly, you should not use third parties’ marks or logos without their written permission.
Copyrights
1. What are the copyright guidelines around posting content that is not mine?
Answer: You are legally and financially responsible for your postings and may be subject to liability
for postings which include copyrighted information such as music, videos, photographs, etc.,
belonging to third parties if they are used without the third parties’ permission. All such postings on
Cisco blogs, without the proper permission by the owner of such works, are prohibited. Click here
for more copyright information.
2. When creating a video, do I need to obtain written or copyright permission (usage rights)
from my manager and/or a customer or third party who may own a portion of the video or
who appears in the video?
Answer: Yes, in using videos, you need to seek approval from any participants BEFORE producing
and publishing a video to an external video sharing site.
With proper Cisco agreements in place, by participating in a Cisco video, third parties agree to (1) be
solely responsible for the content of all information they contribute or refer to; (2) release Cisco from
any liability related to their participation in the Cisco video; and (3) indemnify and hold Cisco harmless
from any and all claims or disputes arising out of their participation in a Cisco video. Click here for
video guidelines.
Third parties who participate in a Cisco video also need to adhere to Cisco’s policy of not pre-
announcing product, solution, or company information. They may not disclose any information that is
confidential or proprietary to Cisco or to any third party that has disclosed confidential information to
Cisco. The content can be deleted in the editing process. Contact your Cisco legal representative for
guidance on obtaining proper agreements.
Photos and Logos
1. May I use photos from the Cisco Marketing Library on my social networking site/blog?
Answer: You may use Cisco photography in a Cisco blog on Cisco.com. Do not use Cisco Stock
photography (people, scenic, etc) in a personal blog or on a third-party site. You may use Cisco
product photography on any blog on any site.
2. May I publish someone else’s photograph on my personal social networking site or internal
blog?
Answer: You should obtain written permission prior to publishing photographs or videos of others on
your personal or internal blog. This includes photos located in the Cisco Directory, organization
charts, or teambuilding photos.
Video Use and Guidelines
16. Page 16
1. May I post an internal Cisco video to an external video sharing site such as YouTube?
Answer: No. Videos produced for an internal Cisco audience should NOT be published to external
video sharing sites. Internal videos are at a minimum classified as Cisco Confidential and not
encrypted, so there is a chance that even an internal video could be inadvertently shared outside of
Cisco. As a result, please use caution when including confidential or proprietary information in an
internal video. If the judgment call is questionable, contact the data owner or your management for
sign-off before publishing the video internally.
Additionally, contact the Corporate Brand Video team at corpvideo@cisco.com for brand review and
approval.
2. May I post a non-internal video to external video sharing sites such as YouTube, Yahoo
Video, etc.? What is the policy surrounding posting video to an external site?
Answer: Yes, employees may post videos to video sharing sites such as YouTube as long as the
employee abides by all policies and guidelines in this document, including identifying yourself as a
Cisco employee when posting.
Please leverage Cisco’s branded channel, YouTube.com/Cisco, and work with Cisco’s social media
marketing team to submit videos (use the submit alias, submitforyoutube@external.cisco.com) to get
videos posted.
All permissions from those included in the video must be provided in order to post a video externally.
In producing your video, refer to Cisco’s guidelines. Additionally, contact the Corporate Brand Video
team at corpvideo@cisco.com for brand review and approval.
3. I’d like for a third party to be included in a Cisco video that will be published to an external
video sharing site. What are the guidelines for this?
Answer: Use judgment when interviewing third parties.
Third parties participating in a Cisco video may comment on Cisco to provide color or commentary on
important Cisco-related or market-related issues or to further a Cisco viewpoint on a particular topic
or issue. Engaging in the conversation, being helpful by adding insight and perspective, correcting
errors, and building relationships are all valid reasons to participate. Cisco will need to obtain written
permission to use third parties in a video. Click here for video guidelines.
When developing a Cisco video, third parties should not promote a new product or service. However,
customers are open to hearing from other customers who are sharing successes. As long as the
content does not hype Cisco or its products or solutions, the content can be credible.