It seems that no matter how many times you remind employees to stop personal use of the Internet, they keep on surfing. Today’s expert has solutions.
Internet usage at work is tough one, says Laura E. Innes, a partner at the law firm of Simpson, Garrity & Innes in South San Francisco. But there are practical steps that employers can take.
Internet Use Policy
First of all, you definitely want a policy on this topic, but you also want to be very open with your employees about Internet usage. Let them know that you are monitoring it. Remind them that employees’ Internet histories are periodically reviewed to ensure that your policies are followed and that people aren’t using the Internet inappropriately during working time.
No Deleting Internet History
This is important, says Innes: Have a rule that employees are not to delete their Internet history. Remember, employees are smart, and they figure all this stuff out. So if you tell them that they can’t use the Internet for personal Web browsing and that you’re going to look at their history, they’ll delete their history so it won’t be there.
So you have to say, “You’re not allowed to delete your history.” Make that a violation of the policy.
BLR’s SmartPolicies supplies 350 HR policies on a CD, prewritten for you, and ready to customize or use as is. Examine it at no cost or risk. Find out more.
What About Key-Loggers?
If you are going to use a key-logger program that monitors computer keystrokes, the situation is the same. Make sure people know that you monitor, and then make sure you actually do monitor.
Many of her clients have implemented a random system, Innes says. For example, “Two percent of our employees’ Internet usage will be randomly reviewed every week,” and do it.
If you find that someone is on a non-work-related Internet site, tell them: “We noticed that you were on eBay Tuesday afternoon, and there’s no reason for you to do that in connection with your business for XYZ company. That’s a violation of our policy. This is an oral warning. If you violate the policy again, additional discipline—including termination—could follow.”
What to Do with Personal Information
With any kind of monitoring, you’re going to get personal information. Don’t go into it any more than is absolutely necessary to confirm that the employee was doing something inappropriate.
So, for example, if an employee on a delivery route diverged from the route without permission, and went 6 blocks away and was parked in front of some building for 2 hours, all you really care about is that she was off the route for 2 hours. You don’t care whether she was parked in front of a Planned Parenthood facility, a counselor’s office, or was shopping.
Similarly, when you see e-mails that clearly are not business e-mails, look at them enough to identify that it’s not business e-mail, and then stop reading. You don’t want to get into all of the details about hip replacement surgery.
Why write your own policies when we’ve already done it for you … at less than $1 each! Inspect BLR’s SmartPolicies at no cost or risk. Get the details.
No Personal E-Mail
Often employers say, “Do not use your e-mail account for personal business,” or “We monitor e-mail and review employee usage records.” By doing this, they hope to remove the expectation of privacy.
It is helpful to have such policies, but be sure to enforce your rules, says Innes. If you are tacitly allowing employees to use their business address for personal correspondence, you may not have diminished their expectation of privacy.
One approach is to say, “If you want to use our computers for personal e-mail, do so during restroom or meal breaks, and use a private e-mail account such as Hotmail or AOL.”
Malware and Viruses
Finally, notes Innes, one additional reason to halt Internet browsing: Visits to certain sites can put malware—destructive programs like viruses, worms, and Trojan horses—on your system.
Innes’s anecdotal experience suggests that half of her clients’ difficult computer system problems come from employees using the Internet for personal use and downloading some sort of malware or virus.
In the next issue of the Advisor: Policy considerations for Internet usage and some good news—your Internet policies are already written!