When developing a security policy, define an acceptable use policy for your company's assets. Seek legal advice to ensure your policy can be enforced. Additionally, review the following documents:

  • Electronic Communication Privacy Act (ECPA)
  • 18 United States Code (USC) 2701
  • RFC 2196

Include warnings of disciplinary or legal action against anyone found violating rules of the policy.