How strict should computer use policies be?
May 1, 2008 by Sam NarisiPosted in: Employee computer use, In this week's e-newsletter, Latest News & Views
The idea of restricting the ways employees can use the Internet has gotten a lot of attention lately. But how strict should these policies be? We want to know what you think.
It largely depends on the goal of the policy. There are often security and compliance reasons for limiting what people do with technology such as e-mail (preventing electronic harassment, or the leaking of confidential information, for example).
But often, the main goal is productivity and the policies are created because employees are spending a lot of time surfing the Web for personal reasons.
However, if the goal is performance, does it really matter how employees are wasting their time? If someone’s a great performer, is it a big deal if he or she takes a break from the grindstone to check personal e-mail or do some online banking - as long as the work is getting done, too?
Another argument against strict policies is that employees often use their personal computers for work reasons - so things should be able to swing the other way, too.
That said, having a policy and monitoring capability in place can be a good idea to guard against really inappropriate use (porn is the obvious, and the most serious example - some companies have been sued for sexual harassment because of the presence of porn at work).
There are also bandwidth issues to consider. If people are watching videos on YouTube, that takes a lot of resources and people who need the Web to do their work often suffer.
But what do think? What should a computer use policy say? How strictly should it be enforced? Whose problem is it? Let us know what you think in the comments section.
Tags: computer use policy, IT security, wasting time at work
May 6th, 2008 at 1:00 pm
I believe that employees are adults and cannot understand why we continue to treat them like children. If performance is the main goal of a position, you can measure the performance so if the employee is not performing actions should be taken. I.T. departments can block most sites from use, and areas like myspace, youtube etc that have no real business use can be avoided. However stopping employees from reading the news, other areas is like a dictatorship and eventually will add to employee dissatisfaction.
May 6th, 2008 at 1:10 pm
I concur that as long as employee is performing up to standards that the ability to break from the everyday grind to handle some online chores can be more a positive than a negative. This can be on of those fringe benefits afforded to those that do have the good work ethic. The difficulty being monitoring either at an IT level for items such as bandwidth (ie streaming video) or productivity level. It seems that frequently mangers in the production environment prefer having IT restrict all these functions since it is easier to restrict everyone than to truly monitor and hold accountable the staff to accepted production standards. I truly believe that this is one of the declines we have seen in the workplace. The workers that have good work ethics are restricted just the same as those that must be monitored simply because managers/supervisors are not willing to distinguish between the two types of workers. Having come from a production environment I have seen the benefit of rigid production standards and allowances afforded to those meeting the defined standards.
IT policies I feel should strict enough to protect the company against liability (porn, regulatory rules, and industry standards) but as far as managing productivity that is the responsibility of the immediate supervisor/manager. The art of managing personnel has been lost with the trend toward treating all employees the same, which would mandate trending to the least common denominator. If all are managed the same what is the benefit of being an excellent employee. Managing people must allow room to reward those who exceed expectations and to restrict those that seldom manage to meet the expectations.
May 6th, 2008 at 1:20 pm
I agree with Tony Forrest who said that the policy regarding computer use should be associated with productivity and performance. I’m employed by a privately owned company with fewer than 75 employees. In the early days, we were told that it was ok to use the internet if necessary, but to use good judgment and avoid things which could become a distraction. Now, that’s all changed. We’re still fewer than 75 employees, but we work without supervision most of the time. Although most of us remain focused on our tasks, there are others who will allow their minds to wander, and who end up on shopping sites, blogs, etc. Our computer and internet usage policies are meant to inform employees of the consequences of non-compliance. We can’t police the group and certainly don’t want to have to deny anyone the basic privileges associated with free and unrestricted internet usage- but there are instances where even I have had to request access to a particular site. We are adults and we all know our purpose within the organization. I understand the need for a computer/internet usage policy, but sometimes I think that we were better off without the written specifics. It almost creates a problem. (almost!)
May 6th, 2008 at 1:50 pm
About 8 years ago, I used a blocker on several computers due to gambling and porn found on three of 10 computers, and we were only using dial-up at that time. Their productivity wasn’t suffering due to the fact that they weren’t that productive to begin with. Since that time, we have more than tripled our network size, added T1 and gone nationwide. My main issue at this time is bandwidth restrictions and email buildup. We just started using an email filter, which is making my life much easier. We are continuing to look at restricting emails that are sent from the office as well.
While work can be a pleasant place to be, it is not a democracy. We are told when to come to work as well as what to do when we get there. There must be restrictions upon where the employees go. Just as truck drivers cannot drink and drive, office resources are not to be used at the whim of any employee. There can be a certain amount of freedom, but when that freedom is abused, there must be consequences. Where there are boundaries in the workplace, employees are ultimately free to do their work as creatively as they wish.
May 6th, 2008 at 1:59 pm
I think this is a rough subject and I have mixed emotions. I do think in todays society it’s almost
unresonable to hand a tool to an employee and then restrict their use of it. I also feel personally as long as the work is being done and the internet is not being used for porn or anything that would offend another person that it should be allowed. Most people are going to do it anyway if they get
half a chance. It would take an entire IT POLICE DEPT in each company to not have any other duties except to watch what all the employee’s are doing 24/7.
If we cannot trust our employee’s to honor their employment with our company then maybe they should be employed elsewhere. Just my two cents worth after 16 years as an HR Director
May 6th, 2008 at 2:17 pm
I too think restrictive internet policies are short sighted. Employees wasting time has been around a lot longer than the internet, and is usually a result of poor management and not access to the internet.
We used to worry about the same issue with personal telephone calls on the company phone. Now employees use their cell phones for personal calls, so it’s harder tom monitor. Soon iphones and the like will do the same for internet browsing, so managers need to better manage work product and quality and not rely on spy ware and other monitoring devices to keep tabs on employees.
May 6th, 2008 at 4:05 pm
There will always be some who abuse any good thing. The internet has been a vital tool for me and several other coworkers to research business issues. It is also a productivity enhancer if I can crank out an email to deal with a personal issue during normal office hours that I would other wise have to take time off of work to physically attend to. This happens frequently in an office environment and is not normally tracked.
May 6th, 2008 at 5:17 pm
Until recently it has pretty much been the wild west around here when it comes to internet usage. After implementing a monitoring program it was pretty easy to get them to agree to block certain sites. I learned all kinds of thing I would rather not know while researching some of these sites! Besides the obvious liability issues of not blocking certain sites, we also experience bandwidth issues when everyone is looking at the latest youtube video. So we recently began filtering web content. In a perfect world, people who are spending too much time surfing and not working would get canned. Unfortunately, human nature being what it is, usually I hear complaints, but no one is willing to do anything about it. So filtering becomes the coward’s way of dealing with the situation.
I must say I was amazed at the outrage expressed when we blocked myspace. I couldn’t believe they had the gall to complain. It is rare that this site would be needed for business reasons here and they clearly were not using it for business purposes. You would have thought we locked all of the bathroom doors.
May 7th, 2008 at 7:42 am
I agree with you Ann. We implemented a web filter about a year ago and immediately turned on content filtering on. The prime reason for the web filter was to protect the company from illegal activity and also to try to fix bandwidth issue we were having. We kept turning up the juice on our T1 and the bandwidth would be maxed-out immediately. The filter fixed this until cyber Monday, so we blocked shopping during the Christmas season. I know that sounds harsh, but the network speed was restored and we could again function as a business. I actually had people come in to my office demanding that I unblock YouTube, MySpace, and yes . . . shopping sites. (these sites were being used pretty much all day long). I do care about the company and the bottom line, but don’t think it is the IT director’s job to make sure that everyone is being productive or working at all. It is my job, however unpopular it makes me, to make sure that resources are available and functioning adequately for the company as a whole. For a long time I was afraid that someone would hang a “Kick Me” sign on my back. No signs yet!
May 7th, 2008 at 11:56 am
Kelly you are right…it is not the IT director’s job to make sure that everyone is being productive. But it is part of his or her job, along with the CIO, to make sure that the resources that are available are being used for it’s inteded purpose. If your company had some piece of equipment that you’d like to use for your personal use at home, would your company let you do that? Most likely not and if they do you are very lucky. So why would using the company’s bandwidth for personal use be any different? This isn’t a madder of how effective of an employee you are. This is about using a resouce for personal use that doesn’t belong to the employee.
May 20th, 2008 at 3:31 pm
I appreciate the thoughts and feedback from all; thank you for taking the time to comment. I work for a mid-size non-profit, needless to say our IT budget is quite low; however we do have a T1 connection with a few servers. Bandwidth usage is always an issue. We expect our employees to access the Internet for work purposes during work hours and personal purposes during breaks. Between the hours of 11a and 2p it can be quite difficult to use a web based programs, check our e-mail, and at times several of our applications have “errored out ” (you can tell I’m in HR and not IT) and have caused us to have to restore server access, etc., etc., etc. It is quite frustrating having a liberal IT policy and we are looking to tighten the reigns. I’d like to be able continue working through out the day and not have to choose other activities between 11a and 2p because someone has to finish their auction on eBay. After all, Internet access that is provided at work by your employer is to be used for work purposes.
PS: Where am I writing this from … work.
June 9th, 2008 at 5:33 pm
As an IT manager, I am not responsible for managing non-IT staff. That is the responsibility of the department manager.
I am responsible for managing the network (bandwith) and one alternative that was not mentioned earlier is rather than out and out restrict certain traffic, you can throttle it down traffic.
For example, if you throttle back YouTube priority and bandwith, you can make it so painfully slow that users stop going there.
The opposite is true too. You can also prioritize traffic to work related sites. (Really helpful for those who want to work.)
If people complain that the network is slow but (conveniently) can’t recall what they were doing when they noticed it, you can tell them that you can analyze their account activity history (i.e. see all the sites they have been to) and troubleshoot the problem for them.
They usually say, “You can do that?” or “Oh, nevermind.”
July 15th, 2008 at 3:53 pm
I agree that internet usage is not my job requirement. I manage an IT staff and it is up to the dept heads to manage their people. My concern is keeping the IS running and safe. I can’t believe that some of you let your users access to their personal emails. You are just opening the door for a virus. This is also a bandwidth hog as well. People like to forward the little funny attachments they get from friends and such to others in the company. Do you see the cascade? The avi and other video files are very large and can bottleneck your T1 in a heartbeat.
We filter, throttle and delete attachments that are not work related and if someone wants to gripe they can see the CEO. Until he tells me to change it…..
People have a job to do and they get paid for it. Keep your surfing at home.
September 29th, 2008 at 10:33 am
Our company has approximately 50-60 pc’s on a T1 network. We have Websense blocking all “unnecessary” sites from porn to social networking, streaming media etc. This morning, i decided to go online and research a possible employee outting to Atlantic City. I hit a brick wall when the phrase “Atlantic City” prompted a block for the category “gambling” LOL Now I can’t do my job! Fortuantely, IT was able to edit the rules for my account only. We had a laugh about it, (You’re all set, gamble away!) but I was loathe to call IT and trouble him to drop what he was doing to address my issue. However, since implementing the restricted access, our daily bandwith usage has decreased dramatically. Employees can still access their web-based email, banking, and news sites, but can no longer waste time watching YouTube and updating their MySpace pages. It is working for us with very little grumbling from employees. Seriously though, who’s going to complain that they can’t browse E-Harmony at work?