When running a business of any size you likely do not want, or have the time to worry about personnel issues such as having to enforce an internet user policy.
Your priorities are your clients and growing your business, so you try to let the employees work as independently as possible. The problem is if your staff are not using the internet properly, it can cost you dearly and prevent you from accomplishing those goals.
There are a number of benefits of an internet user policy. First the why.
1. Productivity loss
It is pretty simple. If your employee is not working and is focused on social media sites, music or video sites or any of their own personal needs during work hours it is costing you money.
2. Viruses and Malware
If you do not have a policy or it is not properly enforced you leave your business at risk of being attacked by a virus or malware. When you allow employees to do as they please on their computer, security systems you have put in place such as firewalls and antivirus systems may be turned off and unknown or malicious software can be downloaded and can attack your network.
This puts you at risk for viruses such as Cryptolocker or Cryptowall that have caused massive amounts of money and data loss to business and governments of all sizes.
3. PIPEDA and other privacy concerns
Depending on the type of business you are in you may have personal information of your clients or patients that must be secured. Not having or enforcing an internet usage policy with your employees puts you at risk of not being compliant with privacy laws such as the Personal Information Protection and Electronic Documents Act (PIPEDA). It could also lead to an embarrassing security breach.
The next logical question is how you enforce this policy.
How can you control each user independently and monitor them to ensure they are following the policy?
Here are four suggestions of how you can do it without it taking up too much of your time.
1. Develop a written Acceptable Internet Use Policy
Sometimes all it takes is for a written policy to be in place and communicated to staff. Develop your Acceptable Internet Use Policy and review it with your team periodically to ensure everyone understands it.
2. Central IT management
Implement the policy centrally across your entire network that controls what websites can be visited and which sites can’t be. This can be done by your IT provider and applied across all computers on the network. This will save you from having to worry about checking in on everyone to see if they are spending all day on social media sites.
3. Eliminate local administrator access
Do not allow your employees to be administrators on their local desktop. By having a central administrator you control who decides what security is applied to the computer and stops anyone from making any changes without approval from the appropriate management.
4. Do spot checks or implement monitoring software
If you feel that after you have applied rules across your network security system that you are still having employees breaking the policy there are a variety of programs that will monitor and report what each user is doing on their computer during and after work hours. Many businesses also do random spot checks on members of their team to ensure policies are being followed.
These policies, no matter what they are, need to be reviewed with your staff on a regular basis. This ensures that your team is aware of the dangers and understands the consequences should they choose to get around the rules.
Your IT provider can implement any policy you agree upon and if you require assistance with this our technical team is available to answer questions to ensure you are following best practices.