In a world of constant connection, it’s not always easy to keep track of your employees. Even if you know where they are physically, you still may not know where they are virtually. Thanks to modern technology, even when their backsides are firmly planted in their office chairs, their minds may be thousands of miles away. The invention of the internet was supposed to allow people all over the world to work together to reach new levels of achievement. While that is sometimes the case, all too often it just allows them to collaborate in wasting time.
Connectivity has become pervasive and compulsive. Many people have developed an uncontrollable need to constantly check everything from sports scores to stock prices. Workplace use of social networking sites has become so rampant that it has been popularly dubbed “social not-working”. Studies have found
many employees admitting, anonymously of course, that they spend up to two hours a day accessing social media sites from work. Few, however, are honest enough to update their Facebook status to “goofing off”.
Workers do not have a right to use their employer’s internet connection any way they please, but plenty of them seem to believe they do. Gently but firmly eliminating that belief is the first step in avoiding lost productivity, legal issues, and breaches in security. You don’t want to create resentment by being overly strict or arbitrarily restrictive, but you do have a right and a duty to protect your organization, and to manage and monitor your workers’ whereabouts on the World Wide Web. We’ve put together a few tips to help you maintain control of the people and technology in your organization.
Defend Your Rights
People think of the internet as a public place, and they tend to think it’s their right to visit it whenever they please. They need to remember, though, that in the workplace the means of getting to that place belongs to the employer, who is paying for the internet access and providing the computer hardware. Time spent on the internet while at work also belongs to the employer. The organization pays the costs and carries the responsibilities. It therefore has the right to protect itself and its resources. After all, it will be the company’s door the RCMP knocks on first if an employee uses the connection to do something illegal, and it will be the company’s data that is compromised if the network becomes infected with malware. Therefore, implementing an Internet Acceptable Use Policy or Social Media Personal Use Policy is a necessity in this day and age.
An effective policy or set of policies will make it clear to your people that company internet access is for business purposes only. You want to make sure you outline when, if ever, personal use is allowed, and define all types of use that are prohibited. If you have a clear and comprehensive internet usage policy in place, you can forestall accusations that you are invading your employees’ privacy or unfairly restricting their freedom. Be firm but diplomatic. Make your policy comprehensive but reasonable. You want to get an effective policy in place, but you don’t want to alienate everyone in the process. Make the rules and the reasons behind them clear so you don’t appear arbitrarily restrictive. Make sure that your policy doesn’t make anyone feel singled out, or appear unfair in granting privileges to some while restricting others without reason.
Be Aware of the Dangers
There’s more at stake in managing your employees’ online habits at work than just maintaining productivity and discipline. Unauthorized internet usage can bring other consequences, ranging from degraded network performance to security risks and legal liabilities. Consider downloading our Network Security Policy. There are legal risks from employees using your connection to download copyrighted material like music, movies, or pirated software. Employees using your connection to access illicit sites with content like child pornography, or racial or religious hate material could bring the police to your door. Anything your employee does through your connection is going to come back to you first.
Malware, including viruses and spyware, has grown increasingly complex and dangerous in recent years. Infections can lead to damaged or lost data, computers being hijacked for illegal purposes, or sensitive information like passwords or credit card data being stolen by software that logs keyboard input. Your IT department can help protect your system with firewalls and scanning software, but it’s better to avoid the risk of infection in the first place.
Use Technology to Your Advantage
The two main technology based defenses against unauthorized internet use are traffic blocking and monitoring. Through software or network settings, you can block traffic to sites you don’t want employees visiting. There are services that maintain lists of websites with illicit or dangerous content, and allow you to block access to them. This can be done with client software on individual computers or at the network level. If nothing else, it’s prudent to block social media sites and sites with streaming video. These are the two biggest causes of wasted time and bandwidth. Workers with business-related reasons for accessing those sites can specifically be given access.
Monitoring software is capable of keeping logs of internet traffic from every computer in your organization. Having those records can help you if a problem develops requiring disciplinary action. For true accountability, it is best to have proper password protected computer user accounts in place for each employee so that you can reliably correlate activity to a specific employee rather than just a machine.
If you do put a monitoring system in place, it’s best to make sure everybody knows about it. The open acknowledgement that records are being kept not only prevents potential mistrust and resentment over a perceived invasion of privacy, it can also serve as an effective deterrent to inappropriate activity. Some employees may still occasionally check the sports scores or the latest celebrity gossip, but everyone will be a lot less likely to cross the line into serious abuse of your connection if they know their activity may be monitored.
If you have a system in place but you don’t tell your people about it, you not only lose that deterrent effect, you place the burden on your IT people of actually having to sort through traffic logs for everyone in your organization and decide what is or isn’t appropriate usage. IT people are busy enough as it is, and so are you. If you can deter most of the unwanted activity, you’ll only have to look through the logs for specific instances when you suspect a problem has occurred. Consider downloading HRd's Telephone and Computer Surveillance Policy.
Be Firm but Reasonable
Any employees who are still abusing the privilege of internet access can be dealt with reasonably through normal, documented progressive discipline procedures. While you need to keep control, you also need to keep things in perspective. You want to be sure your internet is used for legitimate safe reasons, but you don’t want to overreact to every little transgression. Disciplining an employee for occasionally checking the weather is probably counterproductive. Employee engagement, productivity and retention are all served by maintaining a culture of respect. Creating an atmosphere of total lockdown, or giving the impression that you’re being sneaky or spying can destroy trust between you and your employees. This can easily spiral out of control in a cycle of mutual antipathy, which everyone wants to avoid.
The biggest reason the internet has become such a dominant aspect of our culture is that it is such a human technology. It allows us to connect with other people with an ease that was never before possible. That constant connection can be very compelling, and it can be a tempting distraction in the workplace. People can be compulsive, and they can also be irrational and emotional where that connection is concerned. Dealing with all the possible pitfalls of that fact requires a reasonable, measured response. In the end, the way workers use the internet is not fundamentally a technology issue. It’s a human issue.