Why Establish an Acceptable Usage Policy?|
For the Past 15 years, I have been supporting small businesses with computer problems, ranging from desktop support to network and server integration. I have been a Microsoft® Certified Professional since 1999, and a Microsoft® Certified Small Business Specialist for over a year. I ran my own company, Lyons Den Computer Services, Inc., from 1992-2007. I exclusively serviced businesses with 3-25 workstation and servers. I recently started a new position where I am working with even larger organizations, with over 100 computers per location. One thing most of these companies have in common ...view middle of the document...
Many of these companies gained a wider business base and more opportunities due to the relatively low cost of global communication via email, product information access on the World Wide Web, and internet search abilities to find new and previously unexplored markets. Some of these companies, which had no internet access or very slow connections 5-10 years ago, find themselves “crippled” by a short outage of service today. Of course, the bad always comes with the good, for all the employees that became so much more productive with these new tools of the trade, there were those lost to what managers came to call the “World Wide Waste” (Palmgren). Michael Erbschloe, Computer Economics vice president of research, describes it, "Online shopping, stock trading, car buying, looking for a new house, and even visiting porn sites have become daily practices for about 25 percent of the workers in U.S. companies that have access to the Internet in their offices (Stewart 47). Organizations expect that some personal use of the internet may occur, akin to how some personal use to the company phone is expected and allowed, but it becomes very easy to cross the line from using the web to work to using it to play, or to fritter away the workday. It is far too easy to stray when keyword searches lead to as many shady resources as legitimate ones.
Resources and Bandwidth
Once upon a time, the company had a single ISP account, costing around $20, and shared the fax line to do little online research and check email once a day. Now the company pays a thousand dollars or more per year for the connection, and has purchased routers, and switches, and lots more networking infrastructure , and is paying to maintain it. Some are complaining the internet is slower than the dial-up days. Your in-house specialist or outside IT firm is telling you that you need to buy a faster connection. Yet productivity is down. Are people working that much harder on the internet, or are many people running resource wasting and possible spyware applications like Weatherbug, Instant Messenger, stock tickers, and such. That free internet radio they listen to down the hall isn’t free for the business owner paying the internet bill, and what if the mail room guys are downloading music and movies? Enough of these resource hogs can keep the legitimate network traffic bogged down, and can even endanger the network if a spyware application is secretly sending spam from one of your network systems. Soon, other ISP’s and mail servers will start to block all of your email, legitimate or not!
Legal Liability Risks
One of the key purposes of a solid security policy (and company policy in general) is to provide litigation protection and defense. The acceptable use policy is, arguably, the most important single element of that defense, particularly in light of its close ties to Human Resource and sexual harassment policies (Palmgren). Email is a great tool for communication, I can send you a...