Whether you'd like to read Living IT in printed form or via our Email digests, subscriptions are free. Sign up now, and we can send you regular copies of Living IT magazine by post or electronically.
News Desk
How To
In Depth
Case Studies
Expert Opinion

Mobile Computing

Advertisers Info

How to monitor and control use of the Internet and email

If you want to monitor and control what your staff do on-line – what web sites they can and can’t visit and whether or not they can send personal emails or messages, you can buy software that will help you to do this. Infact this is a good idea as there are a number of threats to which workers could inadvertently expose the business and themselves to.

Naturally you should use anti-virus software and a firewall to make sure that the business is protected from basic threats and by implementing the business Internet security packages’ equivalents of parental controls you can provide some basic protection for the business. These will prevent staff from accessing inappropriate web sites from your network. You can also subscribe to a number or content filtering services that will sift out all of the inappropriate material and block attempts to access certain types of web site and material.

You must of course, be very careful that this is not seen as ‘snooping’ and while you might want to monitor email content for example, you should not of course, be looking at information that is of a personal nature. But content that pertains to company business, can and should be monitored and recorded as it could affect you contractually. Staff also need to be careful about what they say in emails as companies, as well as individuals, can be held responsible for defamatory comments or the passing on of confidential information, or harrassment.

Before you put any kind of monitoring in place, the first thing is to have a usage policy that sets out what staff are and are not allowed to do on-line – and they need to agree and signup to the policy for it to be effective and binding.

A usage policy need not be a massive or overly formal document – it just needs to make it clear what is expected of employees. The policy should be sensible and strike a balance between allowing users to do things like check their own personal bank details and perhaps visit shopping or sports sites in lunch breaks, but draw the line at visiting sites that might contain content that may be offensive to some users. It is a good idea to involve staff in drawing up the rules right at the start so that you can find out what they think is reasonable and heighten awareness of the need to protect the business.

As well as making it clear to everyone what’s allowed and preventing too much time wasting and inappropriate use, having a usage policy will also protect you from being taken to task by the employment authorities. While you have a right to keep an eye on what your employees are doing on-line, you are required by law to tell them that you plan to do this – and let them know exactly how and why you are doing it. You also need to be sensitive to their privacy of course, and having a usage policy and monitoring activity can also protect employees – from being exposed to potentially offensive material perhaps or from identity theft and the like.

It is also important to work out what you will do if there are any serious breaches of the policy by staff. How many times would they have to breach the rules – and by how much – before they are given a formal warning and under what circumstances might someone be dismissed for improper use. Checking the cricket score is one thing, but using company internet resources to download megabytes of music or video, to visit pornography sites will be another matter for most employers.

Most usage policies will include, as a first level, the withdrawal of access to Internet and email resources while there is a query to be sorted out.

What do you need to think about?

What should you allow staff to do and not to do on–line and what should your usage policy cover?

  • Personal email - if this is allowed, is it limited to reasonable volumes or to certain times of the day

  • Email content - you need to be careful about sharing confidential information or being subjected to defamation or causing offence, so rules about content need to be set out

  • Instant Messaging - popular with groups of friends and home users and often useful at work also – but do you allow it?

  • Web surfing? - limited access to sports and retail sites may be acceptable, but adult material or anything else that might cause offence to anyone won’t be in most cases

  • Time on line - the amount of time spent on personal surfing and genuine work and research needs to be checked out as well

  • Downloading - it can be dangerous and consume bandwidth and time, if staff are always downloading software utilities and / or MP files.