Search Intranets
Current Issue
January/February 2012
Editorial
Columns
Features
News & Tools
Read_Me_File

Services
About Intranets
Subscribe to
Intranets
Past Issues
Sample Issue (PDF)
Online Office Issues: What You Need to Know
By J. A. Hitchcock - Jan/Feb 2003 Issue Posted Jan 1, 2003 Print Version  
Page 1

Note: This article appeared in Intranet Professional, prior to its re-launch as Intranets (in 2004).

How do you handle a problem like online issues in the workplace? It may sound like the title of a song from The Sound of Music, but many companies are finding online issues are getting more complicated every day, whether it's the use of an intranet or the Internet. Relevant questions include the following:
• Should employee's online use be monitored?
• Should monitoring software be on every computer, the LAN and/or intranet?
• Should only a select number of computers be connected for online use (intranet and/or Internet)?
• Do employees practice good "netiquette?"
• What should be done if an employee is harassed online or is doing the harassing, whether from inside the workplace or from the outside?

First, look at the employees: Whether the company is small or large, you need to determine how often employees really need to be online. Are they using instant messaging/e-mail only via the intranet (for internal communications) or the Internet or both? Are they using the Internet for research or just "surfing?" How about Web conferencing? Second, is there an acceptable use policy (AUP)? If not, now is the time to formulate one. Don't wait for something to happen before policies are put in place. And finally, there is that thorny issue: Net monitoring software.

1. Employee Online Usage


Face it—if an employee's computer is connected to the intranet or Internet (or both), he is going to utilize it, whether or not it's for business or personal use. If usage rules do not exist, problems could, and likely would, happen. Make sure the rules are in writing, either as part of an online policy or as a separate document. Limit personal use of the intranet or Internet to before or after work and/or during lunch only. If net monitoring software is not installed, this becomes more of a trust issue.

To IM or Not to IM
With the explosion of instant messaging (IM), employees find it easier to shoot off an IM to a co-worker or superior than to pick up the phone or visit that person's office to talk. Take the case of "Bob," who had several IM windows open on his computer monitor screen at once, essentially "talking" with several people. He typed the message, "I think Tim is doing the right thing about going into rehab," referring to a co-worker who had confided in Bob about his drug habit. When Bob hit the SEND button, he groaned. He meant to send the IM to his girlfriend but typed the message in the wrong IM window and sent it to a co-worker who was a notorious gossip instead.

E-Mail Mishaps
It may be harder to send an e-mail message to the wrong person, but it does happen. If an employee is writing a message about something confidential, such as a new product in trials, recent sales figures, or information gleaned about a competitor, it could end up in the wrong in box. All it takes is inattention to the intended recipient and what the message contains, not going over the message carefully for grammar and spelling, and failing to double-check the recipient before hitting that SEND button. This is especially important if employees communicate with branch offices in other countries. Are they watching what they write and making sure they are not offending the other person?

Another example of e-mail abuse is when a more senior staff member admonishes or fires an employee via e-mail instead of in person. That employee could reply in anger (justifiably, but the wrong thing to do) and possibly escalate a situation that could have been handled better in person. Or that now ex-employee could sue the company for discrimination, sexual harassment, etc. and use the e-mail as evidence.

Even if the e-mail message gets to the correct person(s), if it contains confidential information, it could be used against the company, such as what happened to Microsoft when the Department of Justice investigated the company. With a little bit of thought and common sense, that e-mail you intend to send may be better communicated in person, over the telephone, as an internal memo, or by other means.

Can U C Me?
Web conferencing is another online wonder, but if used incorrectly or without proper security, it could be a problem.

• Set up one room for Web conferencing capability if using a PC camera instead of having a PC camera on every employee's computer. This cuts down on abuse (such as Web chat rooms, employees "conferencing" with each other on company time, etc.).
• Do a test conference before the actual one, so that any problems can be worked out beforehand.
• Consider using an online Web conference Web site instead of setting up one on the intranet. Some secure sites include: www.placeware.com; www.webex.com; and www.mshow.com; www.latitude.com.
• Any Web conference should be accessible only with a password and the password should be different for each conference. Always make the password a combination of letters and numerals to cut down on "interlopers" when using a Web conference Web site on the Internet instead of in-house. Yes, it is harder for people to remember "complicated" passwords, but if the Web conference is something you do not want competitors to know anything about, the more complicated the password, the better. For example, a well-known candy manufacturer set up a Web conference at Webex in tended for employees only. The conference was about a new product that competitors were dying to find information about. Competitors got into the conference because the password was the name of a candy bar currently in production. All they did was type in product names of the candy manufacturer and they found the right password.

Surfing USA … And Around the World
An employee is doing research on the Internet. He accidentally clicks on a pornographic Web site and frantically gets out of there (after shutting down dozens of pop-up windows, a common ploy by nefarious Web site owners). Should he be reprimanded? No. It is easy to visit a Web site that one had no intention of going to, especially if the link looked innocent enough. Another employee is typing madly away. The employee is observed participating in a personal chat room. On company time. It is not lunch, nor a break. Should she be reprimanded? Definitely. If the organization has an acceptable use policy (AUP) in place, it can be used to address personal online use, especially if the policy notes so many warnings before dismissal, loss of vacation days or some other "punishment."

2. The Acceptable Use Policy (AUP)
Don't have an AUP? It is easy to formulate one, once you know what to include. Some companies make an AUP part of the employment package or contract when hiring a new employee or have current employees sign and date the policy once they have read and agreed to it, which is highly recommended.

The best way to determine what an AUP might look like is to share one that is especially good in addressing the key issues of online use. The sidebar on pages 6 and 7 provides an example of an AUP for businesses (courtesy of www.efa.orgau/Publish/aup.html). Replace "Widgets Ltd." with your company name and adjust wording according or edit as desired.

3. Net Monitoring Software
Think of it this way—the company owns the computers, not the employees; the company pays for the Internet and intranet services, not the employees; the company pays for the software, not the employees; and so on. Monitoring is something that should be seriously considered.

Each of the following Web sites offers net monitoring software and many have additional info, such as survey data, sample AUP policies/ information, case studies and more:

http://www.SurfControl.com
http://www.WinWhatWhere.com
http://www.NetScout.com
http://www.Sequeltech.com
http://www.Gridsolutions.com

When deciding on what makes the most sense in your organization, keep in mind what employees need to do online, whether or not there is an acceptable use policy, and what net monitoring software is available, if you should choose to use it.

Sidebar

WIDGETS LTD. ACCEPTABLE USE POLICY FOR EMPLOYEE USE OF THE INTERNET

SUMMARY
This policy sets out guidelines for acceptable use of the Internet by employees of Widgets Ltd. The primary purpose for which Widgets provides access to the Internet to its employees is to assist them in carrying out the duties of their employment. They may also use the Internet for reasonable private purposes, which are consistent with this Acceptable Use Policy (AUP). They may not use the Internet access provided by Widgets Ltd. in such a way as to significantly interfere with the duties of their employment or to expose Widgets Ltd. to significant cost or risk of liability. Widgets Ltd. may modify this policy upon 30 days notice in writing to its employees. 

WHAT IS ACCEPTABLE USE
Subject to the balance of this policy, employees may use the Internet access provided by Widgets Ltd. for: work-related purposes; sending and receiving personal e-mail messages provided that if e-mail messages are sent with a Widgets Ltd. e-mail address in the From: or Reply-To: header, a disclaimer shall accompany the message to the effect that the views of the sender may not represent those of Widgets Ltd.; reading and posting personal Usenet messages on the same condition specified above; using instant messaging software for personal purposes; accessing the World Wide Web for personal purposes; and utilizing any other Internet service or protocol for personal purposes after obtaining permission to do so from Widgets Ltd.; provided in each case that the personal use is moderate in time, does not incur significant cost for Widgets Ltd. and does not interfere with the employment duties of the employee or his or her colleagues. 

WHAT IS NOT ACCEPTABLE USE
Except in the course of an employee's duties or with the express permission of Widgets Ltd., the Internet access provided by the company may not be used for: personal commercial purposes; sending unsolicited bulk e-mail; disseminating confidential information about Widgets Ltd.; any illegal purpose; knowingly causing interference with or disruption to any network, information service, equipment or any user thereof; harassing either a fellow or nonemployee; disseminating personal contact information of officers or employees of Widgets Ltd. without their consent; knowingly causing any other person to view content which could render the company liable pursuant to equal opportunity or sex discrimination legislation at the suit of that person; or knowingly downloading or requesting software or media files or data streams that the employee has reason to believe will use a greater amount of network bandwidth than is appropriate. 

CONSEQUENCES OF UNACCEPTABLE USE
Widgets Ltd. keeps and/or may monitor logs of Internet usage, which may reveal information such as which Web sites have been accessed by employees and the e-mail addresses of those with whom they have communicated. Widgets Ltd. will not, however, engage in real-time surveillance of Internet usage, will not monitor the content of e-mail messages sent or received by its employees (unless a copy of such message is sent or forwarded to the company by its recipient or sender in the ordinary way), and will not disclose any of the logged, or otherwise collected, information to a third party except under compulsion of law. 

Responsibility for use of the Internet that does not comply with this policy lies with the employee so using it, and such employee must indemnify Widgets Ltd. for any direct loss and reasonably foreseeable consequential losses suffered by the company by reason of the breach of policy. 

Widgets Ltd. will review any alleged breach of this AUP on an individual basis. If the alleged breach is of a very serious nature, which affects the employee's duty of fidelity to the company (for example, e-mailing confidential information of the company to a competitor), the employee shall be given an opportunity to be heard in relation to the alleged breach, and, if it is admitted or clearly established to the satisfaction of the company the breach may be treated as grounds for dismissal. 

Otherwise, an alleged breach shall be dealt with as follows: 

Initially, the employee shall be informed of the alleged breach, given an opportunity to respond to the allegation, and, if it is not satisfactorily explained, be asked to desist from or where applicable to remedy the breach. 

If the breach is not desisted from or remedied, Widgets Ltd. may either withdraw the employee's access to the Internet or provide a first warning to the employee, to which the employee shall have an opportunity to respond. 

If the infringing conduct continues, the employee may be given a second and a third warning, to each of which he or she shall have an opportunity to respond. 

If a breach is committed after the third warning the employee may be dismissed. 

Version No: ____ Date: ____ 

For more information on acceptable use policies review these Web sites: 

www.surfcontrol.com/resources/Acceptable_Use_Guide.aspx
www.netc.org/tech_plans/aup.html
www.doi.gov/footer/doi_aup.html

Sidebar

"Netiquette"—The Write Thing to Do
• Be polite whether communicating within the company or on the Internet. Remember: You are using a work account and if you do something that could be considered harassment or rude, you could lose your job.
• When writing an e-mail message, make it look professional, as though you were typing it to be printed and mailed via regular postal mail. Do not hit the SEND key until you have reread it at least a couple of times to make sure spelling and grammar are correct. Do not use smileys or cute acronyms, especially when writing a message to someone from another country.
• Always sign e-mail messages with your full name and title, no matter how well you know the recipient.
• If using a work e-mail account to send messages containing your personal opinions, clearly state that this is your opinion and not that of the company you work for.
• Do not forward or send messages in all capital letters, SUCH AS THIS. It is considered shouting and could offend others. • Do not send or forward any chain letters or "forward this to everyone you know" messages while at work or to people you work with or for.
• If writing a message intended for someone in a branch office in another country who is not American, make sure you know enough about his customs so as not to offend him. If you do not know, ask someone in the office. It is always better to be safe than sorry (and possibly fired for inappropriate behavior).

Sidebar

I Spy—Should You?
• 34.9 percent access the Web at work a few times a week • 38.1 percent access it a few times a day • 14.6 percent surf constantly
• 12.4 percent never access it When asked how much time they spent surfing non-work-related Web sites, employees gave the following answers:
• 9.6 percent-Never
• 18.4 percent-Up to 10 minutes
• 25.1 percent-30 minutes to an hour
• 11.9 percent-1-2 hours
• 12.6 percent-Over 2 hours

Vault.com surveyed 451 employees in Fall 2000 and gathered the following information: When asked if they felt their employer had the right to monitor their Internet usage, 53.2% said yes and 46.8% said no.

Source: www.vault.com


Print Version  
Page 1

Copyright 2004-2012: Information Today, Inc. 143 Old Marlton Pike, Medford, NJ 08055-8750
Phone: 609-654-6266 · Fax: 609-654-4309 · custserv@infotoday.com