While the Internet can be a great tool for getting work done, it can also be a distraction to employees and a danger to security. Storing sensitive data, malware, hackers, illegal use of the Internet, and how your company is represented online can also pose significant risks to your business. It has never been more important to outline a clear and specific Internet policy for your employees to follow in order to reduce your liability and exposure to risks. To help beef up your policy, here are five sections you should consider including:
1. Productivity/ Effective Use
It is important to ensure your employees are using the Internet to complete work and not avoid it. Here’s what you should mention in your Internet policy to ensure internet use:
- Ensure all employees review the policies before they can begin Internet use.
- State what resources employees are allowed to access and what purposes they are allowed to use the Internet for.
- Note any prohibited activities or sites.
- State what infractions will result in a removal of privileges.
Poor use of the Internet and failure to follow IT policies can expose your company to significant security risks. Outlining your company’s IT security measures is crucial. Your policy should mention:
- Any security software or company specific applications that must be installed by the employee.
- Required ways in which sensitive information must be accessed (e.g. through specific software applications, not through personal apps/email, etc.)
- Policies for detecting and removing security threats if they occur.
Illegal use of company Internet access by an employee can result in costly litigation against your company and can even get your Internet access shut off by your provider. Outline for your employees:
- What activities pose legal risks (e.g. illegal acquisition, storage, and dissemination of data, fraudulent activities, disseminating false or libelous materials, etc.)
- Ramifications and actions if illegal activities are discovered.
Employees should be made clear their access to company Internet is not the same as their personal Internet. You should be as transparent as possible as to what access information you will be monitoring and able to view. Things to mention:
- Policies for company monitoring of email, accessing file directories, web access and history, and any other information stored on work computers.
- Disclaimer that email is not confidential and may be read, intercepted, and stored by people within as well as outside the company.
5. Company Image
With access to company materials, email, and possibly the company website, every action an employee does online directly represents your company. It is integral to outline how employees go about representing the company such as:
- Approved use/posting of company materials online.
- The separation of personal and company opinions when posting online.
- Creating affiliated websites, blogs, and other sites.
Framing Your Company’s Policy
Overall, maintaining your company’s internal Internet policy is an ongoing activity that requires regular monitoring, enforcement, and updates. It is important to issue periodic reminders to employees to ensure everyone is on the same page.
If you’re just starting your policy or reevaluating, try using these example policies as a guide to frame yours. In addition, you may want to use these inexpensive courses to gauge new employees’ Internet IQ and competencies before they begin Internet use:
Have you run into any obstacles with your Internet policy? Are there any additional things you include in your own policy? Join the conversation and share in the comments!
Image Credit: Teresa via Flickr