Regulating access to the Internet

While the Internet can increase employee productivity, the potential for employee misuse can create a significant downside. The downside may manifest itself as a decrease in employee productivity when there is excessive personal use of the Internet on company time, using company resources. There must also be consideration for controls on inappropriate employee behaviour such as:

• Accessing gambling, auction, hate or pornographic websites
• Visiting sites that engage in, educate on or encourage illegal practices
• Leaking confidential business information
• Engaging in the piracy of copyrighted materials such as software, music, video, movies and literature

Employers must also provide direction to employees to prevent unintentional misuse of the Internet, such as tying up bandwidth by downloading large files that may be available from other sources. Guidance should be supplied to employees regarding available online storage space and network bandwidth so they can make informed decisions regarding email with large attachments and for data upload and download activities.
Some larger enterprises allow unlimited access to the Internet only for certain employees, e.g., those who are either senior or involved in research. In such cases, access is controlled with documented restrictions on appropriate uses for the Internet when using company-supplied computers and network facilities. At the other extreme, many smaller companies do not have Internet policies and have no written restrictions on use. In such cases, it is prudent to establish a policy that (a) requires that such use be reasonable and (b) specifically prohibits access to inappropriate sites using company equipment.
There may also be government or industry-specific compliance requirements to track and record company communications and transactions. If employees are aware that their activity may be logged, that alone may discourage inappropriate use.
Jeffrey D. Sherman, BComm, MBA, CIM, FCA