Your computers and networks are a window to your organization. They require a significant investment to get set up, and they provide access to information, functionality, and collaboration with team members.
This means that they are an asset you should protect, ensuring that your security is up to scratch and that they are only used for work that contributes to your organization's mission. In order to maintain an open channel of communication with staff, volunteers, and anyone else who uses your network, it's important to lay out a policy explaining exactly how your organization's networks should and should not be used.
Creating a policy ensures that everyone is on the same page, while protecting your organization from security issues and liability for any illegal activity performed by those with access to your network.
Below are four key reasons to implement a computer use policy at your organization.
First, there are security concerns that can arise from misuse of company computers or networks. Piracy is a large contributor to malware infections, so if pirated software or files are downloaded onto your machines, your cybersecurity is at risk. Downloading pirated content is also illegal in the U.S. If someone with access to your computer network uses it to download pirated goods, your organization could become liable for that crime. Clearly stating that these practices are prohibited reduces your risk of running into these issues.
Without a computer use policy, your users may not know what is expected of them or to what extent they may use company networks for personal purposes. Setting precise guidelines around what is and is not acceptable, and explaining what the consequences will be if those guidelines are abused, ensures that you and your employees know exactly where you stand.
A computer use policy helps reduce misuse of your network and holds users personally responsible for any misuse that does occur. Prohibited activities might include gaining unauthorized access to other computer networks or data, illegally revealing or passing on your organization's data, fraud, or copyright infringement. Again, your organization can become liable for illegal activity performed using its networks.
You may also explicitly prohibit things like cryptocurrency mining or activities that use excessive bandwidth.
Not only does a computer use policy help employees to understand what is required of them, it also tells them what they can expect from their employer. You should explain clearly any monitoring that you plan to do, so that they understand the level of privacy they can expect while they are at work.
The wording of your policy should clearly explain to employees, volunteers, and anyone else using your networks exactly what is expected of them and what they can expect from you as an employer. It should also outline what steps will be taken should the policy be violated. All network users should agree to this policy before gaining access to the network.
Here are a few key points your policy should include:
Instating a computer use policy may seem like a lot of work — and, of course, you trust your employees to treat your networks with respect. However, these policies prepare you for worst-case scenarios in which somebody violates the guidelines, and they act as a deterrent from using networks inappropriately. Furthermore, they promote open communication and clear boundaries and can help to create healthy workplaces.
In partnership with Tech Impact, TechSoup is piloting a service for developing computer use policies. If you are interested in participating in the pilot scheme, please complete the survey below to let us know.
In the meantime, a wide range of tools and support are available from TechSoup to help you keep your organization running smoothly and your employees well cared for. Start by checking out these human resources tools to help you collaborate more effectively with your colleagues. And look into our help desk services to help you solve urgent software and hardware issues.
Top photo: Shutterstock.