When you want to inform end users about what is acceptable and what is prohibited on your company’s network, you can use two documents. One is a general Acceptable Use policy; the other, dubbed the Network Usage Guidelines, is a more specific document that changes according to the current needs.

After a user reads and signs a contract stating that they have read and understood these documents and agree to keep themselves informed about changes to the Network Usage Guidelines, you can then issue users passwords and train them. Training, in this case, means a quick overview of the e-mail system, confirmation that users can actually get into their network folders, and a focus on what the usage policy means in practice. If users understand the reasons behind the decisions, they are apt to accept them more readily.

But what if you are introducing a new policy to an existing group of users? The first step in ensuring user buy-in is to make sure the policy is clear, understandable, and free of vague terms.

In Internet usage policies, for example, you do not want to use terms like “morally objectionable” when describing unacceptable types of downloads or browsing habits. That would leave the documentation open to interpretation, something you definitely do not want. You have to drill down as much as possible to define what you mean by terms like that. If you do not want users to download MP3s or file-sharing software, then say that. Avoid dictatorial wording. Phrases like “you WILL do this because…” can sabotage your efforts and make users less likely to adapt to the new rules.

If an employee knowingly breaks a policy rule once, begin with a strong reprimand. If the behavior continues, you are covered-you have a company-sanctioned Internet policy signed by that user that you can use as grounds for dismissal.