1. Protecting YourCompany from Liability
Why an Effective IT and Network Policyis Essentialto Secure YourBusiness
Have you ever been concerned when one of your employees shares a web link or article of
questionable content in an interoffice email, and don’t know the proper course of action to take?
The most frequent responses include: reply to the message with a severe reprimand, call the
offender into your office to discuss the issue and course of action, or pass along the memo to
others. The last option is obviously not a viable choice, and the first just avoids a tough
discussion. A face-to-face meeting is the only way to address this serious workplace problem.
While managers can’t predict and prevent every potential employee issue, these problems can
typically be averted with a company IT and network policy.
To avoid the distribution of objectionable material through the company’s email or other
communications systems, clear organizational rules must be in place. These policies protect the
reputation of the organization and reduce the risk of fines and lawsuits by ensuring that
employees, clients, and business partners aren’t exposed to offensive jokes, pictures, or other
inappropriate communications. Implementing effective computer and network rules is the best
way to reduce issues and liabilities.
Management must do more than create these policies to ensure compliance; without enforcement
it’s a worthless endeavor. If the company doesn’t adequately respond to rule violations and hand
out equal punishment to each offender, the organization could face substantial penalties and
significant damage to its reputation. In addition to monetary and status costs, the loss of a key
employee or client due to an act of poor judgment can negatively impact or destroy the business.
The Needfor Computer Policies
New technology enters the workplace on an almost daily basis, with some creating issues that
companies never anticipate. Even if a business has an employee handbook, few include specific
language pertaining to computer usage or have been updated to deal with the latest devices and
websites. For example, despite the prevalence of social media sites, not many companies restrict
access to them during working hours.
Whether surfing the web for the latest sports news or checking a myriad of online sites for status
updates, the Internet is one of the largest productivity killers in businesses. Just add up the
number of social media posts made by your employees on a typical day and consider how many
minutes they waste, realizing that reading their friends’ posts likely takes up a lot more time.
Computer games also reduce productivity, especially for competitive individuals with a drive to
win every contest.
2. Businesses have options, such as banning or restricting access to these sites or programs. Some
organizations just restrict the time employees can use these programs or apps, rather than
prohibit them outright—or only allow access using personal devices and networks. Each
company must tailor these policies to meet their individual staff and office needs.
Another concern is information security, as the inappropriate use of technology increases the
threat of viruses, spyware, and trojans. When employees access websites that are known sources
of this malware, it adds significantly to the organization’s security risks and can lead to
expensive system downtime and repairs. The first step is to create and communicate rules for
employee use of the internet, including the types of sites to be avoided and penalties for trying to
overcome the company’s security measures, such as software that detects, blocks, and removes
viruses and spyware. Web-access and monitoring applications ensure that the Internet policies
you establish are followed (automatically). Of course, the best prevention comes from employees
following the rules you establish, but using the security measures helps ensure the organization’s
systems are well protected against malicious intrusions.
The final reason to create company computer policies involves liability. When an employee
misrepresents him/herself, accesses pornographic sites, or violates copyright or other laws using
a company email or other computer system, the business may also be exposed to lawsuits and
penalties. Without adequate rules in place prior to an incident, the courts may view the company
as a complicit partner in any transgression committed with its equipment. Sexual harassment is
one example, when email or internal communications are used to send offensive messages or
materials to co-workers (or customers). If there isn’t a well-established rule in place prohibiting
this type of communication, a lawsuit against the company could have more merit than litigation
against a business with a clear policy. As with any liability issue, just writing a rule is not
enough; it must be properly communicated and acknowledged by all employees in order to
protect the organization and its people.
Article submitted by Laurie Breese, Owner of TeamLogic IT of Orland Park.
TeamLogic IT of Orland Park, Illinois is part of a nationwide network of computer consultation
and managed services businesses providing outsourced IT services. Small- to medium-sized
businesses rely on TeamLogic IT to handle a broad range of services from urgent computer
repair and proactive maintenance to the installation of entire networks and more. For more
information, contact Laurie at lbreese@TeamLogicIT.com or visit
www.TeamLogicIT.com./OrlandParkIL