Does your company have an information technology (IT)
policy? If so, when did you last update it and do your employees
know it exists? This article looks at the pros and cons of your
employees' internet access and what you can do to develop a
policy around this.
Benefits and pitfalls
Do you provide your employees with portable devices such as
iPhones, iPads, Blackberries or laptops? Do you allow your
employees to access your business' network using their own
portable devices? Does your IT policy adequately address the
security risks arising from your employees using portable
We have all heard or read of horror stories about emails written
in anger and sent in haste (occasionally these end up plastered
across the front page of the New Zealand Herald). Does
your IT policy set out what is and what isn't acceptable when
sending internal and external communications (including emails,
texts and communications on letterhead)?
Social media sites such as Facebook, Twitter, YouTube, Pinterest
and LinkedIn, amongst others, provide a myriad of marketing and
networking opportunities for some businesses. Various issues can
arise, however, from employees' misuse of company email,
internet and social media; these could include:
Loss of productivity
Increased internet connection costs
Reduction of internet speed due to high use/downloading which
can affect business efciency
Inadvertent or intentional disclosure of confidential and/or
commercially sensitive information
Damage to your business' reputation as a result of negative
comments made by employees in emails or on social media sites,
Allegations of bullying or harassment as a result of derogatory
comments posted on social media sites by one employee about another
What does a good IT policy contain?
A good policy will:
State your business' position on your employees'
personal use of work email, work devices such as computers and
smart phones, internet and social media sites stipulating what
level of personal use (if any) is acceptable
Set out the types of behaviour which are deemed unacceptable,
for instance, making intimidating or derogatory comments about
other employees or clients, or disclosing confidential
Address security risks, for example, the use and disclosure of
passwords, and protection of confidential information
Confirm that your business owns any equipment/portable devices
provided to employees and all information contained on them
Advise whether your employees can access your business network
via their own portable devices/home computers and, if so, the
limitations you wish to place around that
Set out the steps you take to monitor your employees'
business and personal use of work email, work devices such as
computers and smart phones, and their internet use. If you allow
employees to access your network via personal devices then you
should stipulate the steps you can take to monitor their use of
personal devices to do that
Specify the extent to which (if at all) it's acceptable for
employees to refer to your business or other employees in blogs or
on social media sites. Point out to employees that information
posted on social media sites may not be private
If you require employees to maintain company blogs, or social
media sites, set guidelines for the type of content that's
State what steps may be taken if an employee breaches your IT
The key to any good policy is that it should reflect the culture
of your business, should be easy to understand and accessible to
all your employees.
The start of the year provides a good opportunity for all
businesses to review, update or implement an enduring and robust IT
policy. A good policy can be proactively used to manage risk while
maximising the benefits that email, portable devices, the internet
and social media can deliver to your business.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
James & Wells Intellectual Property, three time winner
of the New Zealand Intellectual Property Laws Award and first IP
firm in the world to achieve CEMARS® certification.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Long experience representing many of Australia's leading employers has taught us that in employment litigation the identity of an employee's representative is a major factor in how employee litigation runs.
The festive activities of staff at employer endorsed Christmas functions should be of concern to employers.
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).