PL-4(1) Rules of Behavior | Social Media and External Site/Application Usage Restrictions

Description

Social media, social networking, and external site/application usage restrictions address rules of behavior related to the use of social media, social networking, and external sites when organizational personnel are using such sites for official duties or in the conduct of official business, when organizational information is involved in social media and social networking transactions, and when personnel access social media and networking sites from organizational systems. Organizations also address specific rules that prevent unauthorized entities from obtaining non-public organizational information from social media and networking sites either directly or through inference. Non-public information includes personally identifiable information and system account information.

Applicability

The Chief Information Security and Privacy Officer (CISPO) is responsible for implementing this control.

Implementation

TAMU-CC shall include in the rules of behavior, restrictions on:

1. Use of social media, social networking sites, and external sites/applications;
2. Posting organizational information on public websites; and
3. Use of organization-provided identifiers (e.g., email addresses) and authentication secrets (e.g., passwords) for creating accounts on external sites/applications.

Revision History

Last Updated: February 21, 2025

Previous Versions:

• June 29, 2023
• May 31, 2022
• March 25, 2021
• September 16, 2019