Introduction:
The concept of "Appropriate Use" of computing resources is something that
is quite foreign to a number of business owners, managers and policy makers.
This is, though, no surprise, as it is one of those things that "people
don't that they don't know (about)" until they get 'burned'?
Having allowed employees to 'run rampant' with the business-owned resources
on their desk - the business principals soon learn that perhaps they have
been "missing something" - and that "something" is the concept of appropriate
use...
So - lets begin, as usual, with some definitions - let's build a vocabulary
of terms so that we are all talking about the same ideas and concepts in
the same way:
Business-owned computing resources: the assets or expensed-items
that the business funds to allows it's employees (whether full-time,
part-time or contract) to access both business-owned-data and/or resources
(web-site-information, customer, vendor web-sites, data, etc.) on the InterNet
(typically web-based but can be otherwise, and/or by using both internal
and/or external e-mail resources.
Appropriate Use (of business owned computing resources: We'll make
the 'assumption' here (with all the risks involved in assumptions) that a
business hires an employee to 'do work' for and on behalf of the business.
We'll also "assume" that the work-description and/or the 'job-responsibilities'
do NOT include such things as:using the
company-supplied computer,
on
company time to access sites such as:
- erotic sites such as: Playboy., Lusty Teens, etc.
- sports, news sites such as: ESPN, CNN, New York Times
- job-search-web-sites / salary survey web-sites
- stock-broker accounts, personal finace accounts
- personal e-mail / chat-rooms / interactive messaging areas
The 'general' message here is that businesss computers are a Business Resource,
and should be used to do Business Work - that is, they should be used - and
the time the employee is employed should be used to benefit the employer,
not the employee...
However, some business owners, not having set-forth a documented, written
policy on the subject, have, unfortunately, now worked themselves into a
corner - because they have allowed employees free-reign of the business-owned
computing resources, and consequently have to face:
- deteriorating productivity (while an employee is 'surfing the
web' for their own ends, they are not engaging in the productive, profit-making
work that the business hired them for.
- potential risk of 'exposure' and loss of confidence by customers
if employees do something on the web (read this "In Public") that the business
might be embarassed by ("In Public" (in the press))
- reduction of 'up-time' of computer systems because of errant
viruses / trojans getting onto the computers because of lack of employee
'discipline' in e-mail & web-practices
So - how does the business owner reverse this trend, clean-up their employee's
attitudes & behaviours and get the business back into a productive employee
model.
It's not easy, it's not quick and it is certainly fraught with a number of
Employee Relations and legal hurdles, as the business has now, by 'default'
given employees a 'priveledge' and it is going to be very difficult to take
it away from them. There is saviour in all this, though, hire a competent
consultant to help you resolve the issue from three viewpoints:
Policy needs to be written, agreed upon, implemented and
monitored
Technology probably needs to be upgraded, configured,
and monitored over time
Attitudes and behaviours need to be changed, - this is
by far the longest, hardest part of the endeavour.
More to come here, later...
last update: 2_May_2002; VAC;MacX;nsc6.2;
revID: 2e