Dynamic Business

Some common rules that should be included with most IAUPs are:

• All sensitive or confidential data must be encrypted before sending across the web. For example, many doctors’ offices use instant messaging (IM) to communicate from the front desk to the back office. However, many don’t realise that this is a serious security risk because IM is not a secure way to transmit information about a patient or their health conditions.
• A restriction on sharing confidential information about the company, its clients or the people working there. With social media as popular as it is, you don’t want an employee writing all about the latest company scandal on their MySpace or Facebook page; it’s just not good for business!
• Prohibition against visiting websites that contain pornography, racism, sexism, gambling, or email with any such content sent from your business. Remember, even innocent jokes with racist content can leave a huge black mark on your company’s reputation.
• Absolutely no downloading of music files or other programs that are not approved by management. Innocent screensaver programs and jokes often contain nasty viruses that could bring down your entire system or invite a hacker into your network.

Not only does an IAUP reduce wasted hours on the net, it can reduce bandwidth and equipment needs, as well as shield you, the business owner, from possible sexual harassment and other lawsuits arising from your employee’s inappropriate use of the web.

An IAUP is only half the battle

Unfortunately, not everyone follows policies, and some will accidentally violate your IAUP. To ensure company policies are being followed, some businesses are choosing to monitor all internet activity initiated by their employees using web content filtering software.

Tools available today make monitoring of employee internet usage simple and easy. Most companies choose to regularly monitor summary level activity like hours connected to the web, number of sites visited, and illegal or banned sites visited by the company while leaving detailed transaction reviews as necessary on a case-by-case basis.

If someone complains that this is a violation of their privacy, rest assured that nothing could be further from the truth. It’s not only legal but good business. After all, they are using your company assets and if employees are focused on productive work and minimise personal use of the internet, you’re likely to never need to address their internet usage. Just be sure to include a clause about internet monitoring in your IAUP and have your employees sign the agreement.

–Maria Padisetti is CEO of Digital Armour Corporation (www.digitalarmour.com.au), a comprehensive IT support company, covering both infrastructure and software.