How to Create Computer Use Policies and User Agreements for Employees
Let's face it: as indispensable the internet is to a modern office, it is also a source of immense distractions and potential security threats. Employees slack off on social media, access websites they shouldn't be accessing during work hours, download suspicious attachments, and sometimes, even steal confidential company data.
To deal with such situations, your business needs a comprehensive Computer Use Policy for employees. This policy should cover every aspect of computer use within the workplace and have clear guidelines to deal with various infractions. Obviously, this is a legal document and thus, must be created in close consultation with a lawyer. But before you start, consult this guide to understand why you need such a policy, and what all it should include.
Why You Need a Computer Use Policy
If the world was perfect, every employee would be in the office by 9, would turn in all the required work by 5, take only the stipulated hour-long lunch break, and use the internet only for work.
Unfortunately, the world is not perfect. Employees often turn up late, slack off on social media (a whopping 64% visit social sites daily) and even threaten your network's security by downloading malicious files. Sure, you can install employee computer monitoring software to keep tabs on your workers, but without a comprehensive computer use policy, you won't have the means, or the guidelines to deal with infractions. Some use cases for Computer Use Policies and User Agreements are:
- Employee social media behavior: Businesses should be equipped with the means to deal with employees who neglect their responsibilities and spend an exorbitant amount of time on social media.
- Irresponsible sharing: Employees sharing confidential information on public forums, or indulging in social media behavior unbecoming of the company's values is not uncommon. A business needs to have policies in place to deal with such situations.
- Data theft: Disgruntled and/or departing employees often steal confidential data (a whopping 60%, as per one report). This is a serious infraction and should carry appropriate penalties.
- Irresponsible downloading: Employees often use office networks to download files for personal use. This can include downloading pirated files, which is not only illegal, but also puts your network at risk of virus/malware attacks.
- Visiting pornographic websites: Employees accessing pornographic websites at work isn't unheard of. Every company needs policies to deal with such violations.
Clearly, a Computer Use Policy would be extremely beneficial in any of the above situations.
Creating a Computer Use Policy and User Agreement
Understand that monitoring employee computer use is a delicate issue. Obsessively monitoring employees and reprimanding them for minor infractions affects employee morale. It might also affect your ability to hire top talent. Employees should be given certain freedom with their computer use, as long as it doesn't affect their ability to perform competitively in the long-term. You want employees to trust you, and to trust them in return. This means looking the other way at some infractions, particularly when it comes to social media use.
Having said that, your Computer Use Policy should include guidelines regarding the following:
- Personal internet use: Personal internet use - using the office network to send personal emails, plan trips, download files, etc. - should be discouraged. Give your employees some leeway, especially if it doesn't seem to affect their ability to work effectively.
- Downloading files: Discourage downloading of non-work related files. This will save you bandwidth and also help protect your network against malicious files.
- Social media: Some social media use on a daily basis is acceptable. Blocking social media sites completely will affect employee morale negatively. Understand that employees will waste time in socialising, either around the watercooler, or on Facebook.
- Ownership: Your Computer Use Policy should clearly indicate that you retain full ownership rights to your work computers, and any work-related data stored therein. This will help avoid a lot of legal hassles down the line.
- Pornographic content: It's a good idea to implement a zero-tolerance policy for accessing pornographic content on the office network during work hours. Any employee accessing such content at work is likely to be a liability in the future as well.
- Data theft: Data theft is a very serious infraction punishable by prison time. Have strict policies in place to deal with any possible theft of confidential data. This includes employees emailing said data to themselves or to competitors. Any employee found making copies of confidential data for later use should be investigated as well.
- Copyright infringement: Employees downloading pirated data or using copyrighted images on their personal blogs/social media, etc. may put the company at risk of litigation. Ensure that your Computer Use Policy document has guidelines to deal with such infringements.
- Questionable online behavior: Using social media to bully others, post objectionable content, etc. should be dealt with swiftly and strictly.
All said and done, the Computer Use Policy and User Agreement are legal documents and as such, must be created in close consultation with a lawyer. Before you do that, however, take some time to define your own business, what you expect from your employees (and what they expect from you), and your tolerance to unsavoury computer use. This will help a lot in creating a Computer Use Policy that works for your business.