This website uses cookies to store information on your computer. Most of these cookies are essential to make our site work and others help us to improve it by providing some insight into how the site is used. If you continue to use the website we assume that you are happy to receive these cookies.

To find out more about our cookies or reset your cookie preferences please see our Privacy and Cookies page.

You are here: Home legal Security and Acceptable Use Policy
Document Actions

Security and Acceptable Use Policy

Acceptable Use Policy

The guidance notes herein are in accordance with MOD JSP740 (Acceptable Use Policy)

1. This page defines the general Ministry of Defence (MOD) Acceptable Use Policy governing the use of its external Internet resources by MOD staff and by general internet users.

2. It applies to everyone who uses MOD owned or leased Information Technology equipment and Telecommunications networks (MOD IT and Telecoms) including personal computers (whether or not connected to a network), laptops, terminals, Personal Digital Assistants (PDAs), computer kiosks, printers, fax machines, photocopiers, video conference facilities and telephones of all types.

3. All MOD information systems are liable to a recording and monitoring regime intended to maintain security and to ensure that MOD internet services remains available to all users, which include both automated and manual audit procedures to identify unauthorized attempts to upload or change information, or otherwise cause damage. Any information recorded is not used to identify individual users or their usage habits unless required for duly authorised security or law enforcement activities. Raw data logs are used and retained for no other purposes. See the Privacy page for further information on our privacy policies.

Websites

3. MOD Websites are published under the authority of the Secretary of State for Defence, and contain information duly sanctioned for release to the general public. They are bound by the Copyright regulations laid down elsewhere on this site.

4. Unauthorized attempts to upload information or change information on these services are strictly prohibited and is punishable under the Computer Misuse Act 1990.

Official Domain Names

5. The UK Ministry of Defence (MOD) is the operating authority for a number of Internet domains, which are as follows:

mod.uk
mil.uk
moduk.org
dera.gov.uk
dstl.gov.uk

6. Any Internet resource purporting to relate to being an official asset (for instance a website URL or email address) should therefore normally be expected to utilise one of these Official Domain Names. There are a number of legacy instances where this convention is not yet followed, which will mainly be from the general UK Governmental '.gov.uk' address space which MOD shares with Central and Local Government users, in particular email accounts in the form of '@gtnet.gov.uk'. If any doubt exists as to the authenticity of an Internet resource not falling within these naming conventions, please contact enquiries@cert.mod.uk.

Email

7. All MOD internet mail servers are configured to prevent their use as open mail relays, and any attempt by non-authorised personnel to use such servers will be treated as misuse. Any suspected abusive email from a genuine or forged MOD address should be reported to abuse@cert.mod.uk.

8. The practice of sending unsolicited bulk mail ("spam") or e-mail floods ("mailbombing") to MOD addressees may be considered as an attempt to cause a denial of service, and as such will be considered as a serious security matter that may therefore be pursued with the postmaster of the orginating address.

Contacts

9. The UK Ministry of Defence has established procedures whereby any security relevant matter affecting its external Internet services, such as use of these resources in a manner contrary to the Usage Policy, can be passed to an appropriate authority for investigation.

10. The following specific email addresses should be used: