policies

Monitoring employees online: Is it right?

The choice to monitor your employees’ computers or not is a tricky one. While part of you may think it’s unethical, it could end up saving you hours of lost productivity or preventing a data breach. Here are some pros and cons of employee monitoring, and some tips to handle it fairly if you decide it’s right for your business.

The case for monitoring

There are a number of reasons why monitoring your employees’ activities on company devices is a good idea. Doing so can help you:

  • Protect your organization from data theft or harm – because careless or disgruntled employees may leak or steal your data.
  • Ensure you have a harassment-free workplace – because cyberharassment (sexual or otherwise) happens among employees.
  • Ensure staff are complying with policies – such as not downloading illegal programs or spending time on websites with illegal or hostile content.
  • Provide evidence in case of a lawsuit – heaven forbid this happens, but if an employee participates in illegal activities using your business’s computers, monitoring can provide evidence of who was involved.

The sad fact of the matter is that many business owners who begin monitoring their employees often end up discovering that their staff members aren’t focused solely on the company’s success.

Arguments against employee monitoring

Of course, there are some potential downsides to monitoring that you should be aware of as well. These include:

  • Productivity loss – monitoring can put a damper on employee morale and you may see the distrust lead to productivity losses.
  • Lost privacy and lawsuits – you’ll likely learn personal details of your employees that you would’ve never known about had you not monitored them. You may discover their political or religious views, sexual orientation, or medical problems. This could potentially open up your business to privacy or discrimination issues if you or your management team acts negatively based on any of this information.

Monitoring guidelines to follow

If you decide to monitor your employees, here are a few tips you should follow.

1. Create written policies
When you decide to monitor your employees, ask yourself: Am I doing this for security purposes? Is it to ensure your employees aren’t wasting time on social media? If your monitoring policies are too strict, you could create an atmosphere of distrust.

Set guidelines for acceptable use of email, social media, web browsing, instant messaging, and downloading software and apps. Also, make sure to include how monitoring will be carried out and how data will be secured or destroyed.

2. Tell your employees
It’s important to inform your employees about the scope of your monitoring policies. If they find out you’re doing it without their knowledge, you could face legal issues. By being transparent and open, you may actually see a boost in productivity by deterring employees from wasting time on the web.

When you tell your employees, explain why you’re doing it and the risks your business faces from misuse of digital assets. Reassure them you’re not doing it to spy on their personal life, but to create a compliant and law-abiding workplace. Because their activities will now be less private, encourage your staff to keep their personal communication to their smartphones. Also, provide a copy of your written policy to employees to read and sign.

3. Get the right technology tools
You don’t need to know every little employee activity, so look for apps and software that alert you of the most relevant problems so you can focus on more important tasks.

If implemented correctly, employee monitoring makes your business more secure and productive. For more information about security and other IT support tools, get in touch with us today.

Published with permission from TechAdvisory.org. Source.

IT security policies your company needs

When it comes to Internet security, most small businesses don’t have security policies in place. And considering that employee error is one of the most common causes of a security breach, it makes sense to implement rules your staff needs to follow. Here are four things your IT policies should cover.

Internet

In today’s business world, employees spend a lot of time on the internet. To ensure they’re not putting your business at risk, you need a clear set of web policies. This must limit internet use for business purposes only, prohibit unauthorized downloads, and restrict access to personal emails on company devices. You can also include recommended browsing practices and policies for using business devices on public wifi.

Email

Just like the Internet policy mentioned above, company email accounts should only be utilized for business use. That means your employees should never use it to send personal files, forward links, or perform any type of business-related activities outside their specific job role. Additionally, consider implementing a standard email signature for all employees. This not only creates brand cohesion on all outgoing emails, but also makes it easy to identify messages from other employees, thus preventing spear phishing.

Passwords

We’ve all heard the importance of a strong password time and time again. And this same principle should also apply to your employees. The reason is rather simple. Many employees will create the easiest to crack passwords for their business accounts. After all, if your organization gets hacked, it’s not their money or business at stake. So to encourage employees to create strong passwords, your policy should instruct them to include special characters, uppercase and lowercase letters, and numbers in their passwords.

Data

Whether or not you allow your employees to conduct work on their own devices, such as a smartphone or tablet, it is important to have a bring your own device (BYOD) policy. If your employees aren’t aware of your stance on BYOD, some are sure to assume they can conduct work-related tasks on their personal laptop or tablet. So have a BYOD policy and put it in the employee handbook. In addition to this, make sure to explain that data on any workstation is business property. This means employees aren’t allowed to remove or copy it without your authorization.

We hope these four policies shed some light on the industry’s best security practices. If you’d like more tips or are interested in a security audit of your business, give us a call.

Published with permission from TechAdvisory.org. Source.