------------------------------------------------------------

It is often said the Internet was one of the greatest
technological innovations of the twentieth century.
However, if not managed appropriately, the Internet’s very
strengths can be used by employees in ways which can lead
to devastating effects for organizations, often having a
detrimental impact on the firm’s bottom line.

The 2002 Computer Securities Institute/FBI Computer Crime
and Security Survey found 78% of employers reported staff
abusing email and the Internet systems at work. This
article explores the key risks arising from inappropriate
Internet use and how an effectively implemented Corporate
Internet Policy can minimize risk.

LOSS OF PRODUCTIVITY. The most common misuse of the Internet
in the workplace is non-work related surfing. Unlike taking
an extended lunch break where one’s physical absence is
observed, surfing the Internet often goes unnoticed by
colleagues.

The temptation for staff to surf for personal ends is rife
throughout the workplace. Numerous surveys conclude a
significant proportion of work time is lost to personal use
of the Internet. IDC Research estimates 30% to 40% of
employees’ Internet activity is not business related and
costs organizations millions of dollars in lost
productivity.

These statistics are staggering. Employers would never
dream of allowing staff to take 2 days paid holiday each
and every working week. However, they are effectively doing
just that by enabling staff unfettered access to the
Internet. This productivity loss is also a major
contributory factor to most of the other risks and so needs
to be tackled head on.

LEGAL LIABILITY. Employers are obligated to protect their
staff from inappropriate behavior of a racist, sexual or
offensive nature. This includes employees use of the
Internet. The downloading of such material, whether
intentionally or otherwise, exposes the organization to
legal risks. Businessweek.com estimates 70% of Internet
porn traffic occurs between 9am and 5pm. Even if not
forwarded, staff accessing such inappropriate
information/images on their PC could be accused of causing
harassment.

Should employers not have an effective Corporate Internet
Policy and disciplinary guidelines designed to prevent such
activities, other employees may have recourse to the
courts, potentially resulting in significant damages being
awarded to claimants. Some 27% of Fortune 500 companies
have faced harassment claims.

Additionally, employees need to ensure when downloading of
files – images, documents, software, data, music, video
etc. – that they are not subject to intellectual property
rights. Infringement can also lead to costly settlements
should action be taken.

BREACH OF CONFIDENTIALITY. What is often forgotten is that
confidentiality breaches most often stem from within. The
Internet offers numerous ways to disseminate information,
often without trace. Internet-based email systems, instant
messaging services, chat rooms, bulletin boards are just
some of the methods staff can use to funnel confidential
information.

Should such information be passed into others’ hands, it
could cause significant damage, potentially resulting in
revenue loss. Staff must be explicitly informed on what
basis they are permitted to use such tools, and monitoring
and enforcement tools must be implemented to support this.

DAMAGE TO REPUTATION. The publishing of inappropriate
material on a chat room, or bulletin board using a company
email address can lead to the organization’s reputation
being tarnished from unwanted publicity. 10 Downing Street
were famously subjected to adverse publicity when it sacked
3 workers for downloading pornographic images. In a
commercial environment such adverse publicity can have
financial consequences if clients take their custom
elsewhere.

DAMAGE TO IT SYSTEMS AND ELECTRONIC DOCUMENTS. Viruses can
be introduced to a corporate network from the Internet
leading to documents being damaged and/or IT systems
needing rebuilding. This risk will always be prevalent, but
the introduction of guidelines within the Corporate
Internet Policy and appropriate software will reduce this
risk.

INCREASING IT NETWORK TRAFFIC. Often overlooked, personal
use of the Internet can result in a significant portion of
the network’s bandwidth being utilized for non-business
related activities, having a detrimental impact on business
related network traffic.

BENEFITS OF AN EFFECTIVE POLICY AND IMPLEMENTATION STRATEGY.
An effective Internet Policy establishes a comprehensive
set of rules and guidelines to enable your organization to
effectively manage these risks. It allows you to
communicate the standards and behaviors expected of
employees and provides a blueprint for the effective
management and use of the Internet.