Вы находитесь на странице: 1из 7

Internet usage policy implementation in the workplace

An internet usage policy dictates what is deemed to be appropriate internet browsing behaviour in the workplace. This policy typically enforces time restrictions for employees when browsing the internet for non work-related tasks as well as stipulating what genres of sites they are allowed to browse. Having an internet usage policy, which can also be referred to as an acceptable use policy (AUP), ensures that employees are following directives that serve to safeguard their work environment and the IT network infrastructure. What should an internet usage policy include? Drawing up an internet usage policy is typically the role of both the human resources department and the IT department as it endeavours to protect both the employee as well as the IT network. Therefore collaboration between these two departments is essential to ensure that a comprehensive internet usage policy is formulated according to the needs of the company and then enforced. The scope of an internet usage policy is not to snoop on employees or deny them all access rights to the internet whilst at work; however, guidelines and rules need to be formulated to protect employees from being subjected to material that may be inappropriate to a work environment and that could result in legal ramifications. An internet usage policy also aims to educate users about web-borne threats and how irresponsible browsing can result in malicious packages being unknowingly downloaded onto a computer which in turn could infect the whole network. The implementation of rules needs to be explained so that the user understands why visiting certain sites or downloading software onto his/her workstation could be detrimental to the company's network. Therefore a training session about internet security will act as a cohesive link with the internet usage policy and will likely result in users abiding by the policy once they understand the reasoning behind it. A clear distinction needs to be made between work use and personal use. The use of the internet at work offers many advantages and resources which can be beneficial to a company's operations. The problems arise with allowed access to personal email accounts, social networking sites, auction sites, etc.; excessive use of these sites leads to cyberslacking - shunning one's work responsibilities because of excessive internet browsing - thus resulting in lower levels of productivity. This is just one of many security issues resulting from unmonitored internet browsing. Downloading software or attachments onto

a work computer increases the risk of a virus infection throughout the network. Employees need to be warned about the dangers that downloading unknown files can present. Not all internet usage policies are the same, as they should be tailor-made to the needs and structure of the company; so certain companies might accept that these sites can be used during breaks. Banning the access to these sites could be seen as draconian and result in disgruntled employees who feel that they aren't trusted. Time-controlled access to sites that don't pose any ethical or moral problems is likely to be the better option as this would suit both users and policy-makers, although most companies would choose to block instant messaging sites like MSN Messenger because these are seen as time-wasters and facilitate downloads and uploads with little supervision. Ultimately there needs to be a balance so as to maintain good relations between staff and management. However, employees must be made aware that their internet access at work is a privilege and not a right and that they are expected to abide by the acceptable use policies put in place by management as employees of the company. Action must be taken against an employee if he/she continuously ignores the policy - this will drive the message home that internet security is not something that can be ignored or will be taken lightly. Penalties for improper internet usage could start with a verbal warning, increase to a written reprimand, demotion and eventual work termination. Employees must realise that their internet browsing has consequences and if they ignore the policy then they must bear the consequences. For help on creating an internet usage policy for your organization, please refer to this sample internet usage policy. Who should it apply to? An internet usage policy would typically cover all employees who have internet access. However, whilst most policies cover the same grounds, each company will have its own terms and conditions according to the company infrastructure. Certain people may be exempt from certain clauses in the policy depending on factors such as their specific role or hierarchical position, amongst others. Should there be no extraordinary circumstances then it's advisable for an internet usage policy to apply across the board. Any correspondence sent from a company email address should be treated as a professional document even if it just a one-line reply. Once it has the company details attached to it and is going outside of the company then it is a representation of the company and must therefore uphold the company's standards. Thus any discriminatory content in emails sent via company email would be breaking the internet usage

policy. Everyone is accountable for their online activities and any data that is stored or created on a company workstation is not private but can be accessed by management if necessary. In the same way, all company information is confidential and should not be sent outside of the company without permission. These are issues that should be present in an internet usage policy and that should be made clear to all employees. How is an internet usage policy enforced? Once the internet usage policy is drawn up and employees are made aware of its existence and its importance the monitoring of employees needs to be automated through web monitoring software, as it would be a waste of human resources to assign a single person or team to monitor the internet activities of all the employees. Furthermore web monitoring software will provide more efficient and comprehensive results as reports and data can be accessed within minutes. Action can then be taken based on the reports provided by the software. Web monitoring software should not be used to spy on employees but to verify that employees can be trusted to follow policies and to work efficiently during business hours. To ensure this, policies must be reasonable for staff morale and retention. Enforcing an internet usage policy does not mean turning the workplace into a prison but merely establishing boundaries. Users need to know that the violation of these boundaries will have repercussions and action will be taken against repeat offenders, as well as reporting top policy breakers, otherwise the policy will not be taken seriously. Internet usage policies protect a company's data assets and confidential information whilst also safeguarding employees and maintaining standards concerning the use of the internet during working hours. Implementing web monitoring software is an investment in security and could prevent employees from cyberslacking or abusing the company's trust with work-related information. If a security issue were to escalate into a lawsuit it could mean financial losses for a company, therefore the maxim should always be an enforced internet usage policy for the protection of all company assets and prevention of losses. A sample internet usage policy is available for review and use. Web monitoring software for SMBs GFI WebMonitor is the ideal internet monitoring and access control solution to implement an effective internet usage policy. It allows management to set boundaries for site browsing, prevent downloading and installing of software and has multiple scanning engines to ensure that allowed downloads are free of

viruses and other malware. By controlling downloads and browsing in real-time, the network is being protected from malware being installed. There is also the prevention of data leakage through sociallyengineered websites as well as reducing cyberslacking, thus boosting employee and business productivity.


Sample Internet Usage Policy

An Internet Usage Policy provides employees with rules and guidelines about the appropriate use of company equipment, network and Internet access. Having such a policy in place helps to protect both the business and the employee; the employee will be aware that browsing certain sites or downloading files is prohibited and that the policy must be adhered to or there could be serious repercussions, thus leading to fewer security risks for the business as a result of employee negligence. The Internet Usage Policy is an important document that must be signed by all employees upon starting work. Below is a Sample Internet Usage Policy that covers the main points of contention dealing with Internet and computer usage. The policy can then be tailored to the requirements of the specific organization.

Internet Usage Policy

This Sample Internet Usage Policy applies to all employees of <company> who have access to computers and the Internet to be used in the performance of their work. Use of the Internet by employees of <company> is permitted and encouraged where such use supports the goals and objectives of the business. However, access to the Internet through <company> is a privilege and all employees must adhere to the policies concerning Computer, Email and Internet usage. Violation of these policies could result in disciplinary and/or legal action leading up to and including termination of employment. Employees may also be held personally liable for damages caused by any violations of this policy. All employees are required to acknowledge receipt and confirm that they have understood and agree to abide by the rules hereunder.

Computer, Email and Internet Usage

y Company employees are expected to use the Internet responsibly and productively. Internet access is limited to job-related activities only and personal use is not permitted

Job-related activities include research and educational tasks that may be found via the Internet that would help in an employee's role

All Internet data that is composed, transmitted and/or received by <company's> computer systems is considered to belong to <company> and is recognized as part of its official data. It is therefore subject to disclosure for legal reasons or to other appropriate third parties

The equipment, services and technology used to access the Internet are the property of <company> and the company reserves the right to monitor Internet traffic and monitor and access data that is composed, sent or received through its online connections

Emails sent via the company email system should not contain content that is deemed to be offensive. This includes, though is not restricted to, the use of vulgar or harassing language/images

All sites and downloads may be monitored and/or blocked by <company> if they are deemed to be harmful and/or not productive to business

The installation of software such as instant messaging technology is strictly prohibited

Unacceptable use of the Internet by employees includes, but is not limited to: Access to sites that contain obscene, hateful, pornographic, unlawful, violent or otherwise illegal material y Sending or posting discriminatory, harassing, or threatening messages or images on the Internet or via<company's> email service y y y Using computers to perpetrate any form of fraud, and/or software, film or music piracy Stealing, using, or disclosing someone else's password without authorization Downloading, copying or pirating software and electronic files that are copyrighted or without authorization y y y Sharing confidential material, trade secrets, or proprietary information outside of the organizatio Hacking into unauthorized websites Sending or posting information that is defamatory to the company, its products/services, colleagues and/or customers

Introducing malicious software onto the company network and/or jeopardizing the security of the organization's electronic communications systems

Sending or posting chain letters, solicitations, or advertisements not related to business purposes or activities

Passing off personal views as representing those of the organization

If an employee is unsure about what constituted acceptable Internet usage, then he/she should ask his/her supervisor for further guidance and clarification All terms and conditions as stated in this document are applicable to all users of <company's> network and Internet connection. All terms and conditions as stated in this document reflect an agreement of all parties and should be governed and interpreted in accordance with the policies and procedures mentioned above. Any user violating these policies is subject to disciplinary actions deemed appropriate by <company>.

User Compliance
I understand and will abide by this Sample Internet Usage Policy. I further understand that should I commit any violation of this policy, my access privileges may be revoked, disciplinary action and/or appropriate legal action may be taken.

_________________ ______________ Employee signature Date

Web security software What use is a sample Internet Usage Policy without an effective method of enforcing its regulations? GFI WebMonitor is an internet monitoring and access control solution, which allows network administrators to control and monitor internet usage and to ensure that your company's Internet Usage Policy is being adhered to.

The regulations mentioned in this sample internet usage policy are covered by GFI WebMonitor and any breaches of the policy can be addressed by the network administrator, who is given control to oversee what downloads and site browsing is occurring on the network and the Internet within the workplace, through a user-friendly interface. Moreover, administrators have the ability to block sites and control downloads in real-time with GFI WebMonitor's categorization and filtering ability that covers over 165 million websites, making it the ideal companion to an effective Internet Usage Policy.