If your employees do most of their work on a computer, then creating a computer usage policy is an important step for your organization. It guides your employees on how to use their work computers, what to use them for, and can help protect your company from certain legal liabilities.
It’s important to remember that laws surrounding computer usage policies vary by location and can change over time. For this reason, we advise that you seek professional legal counsel before moving forward with your computer usage policy.
In this article, we’ll take a look at what a computer usage policy is, what they generally contain, and 3 key reasons why you need one.
Note: These first few sections focus on what a computer usage policy is, why you need one, and what generally goes into one.
A computer usage policy is a document that provides employees with guidelines on how to appropriately use company equipment and the internet on your work computer network.
This policy is designed to make employees aware that browsing specific sites, downloading certain files, and using the computer system for anything other than business purposes is prohibited. It’ll also highlight how violations of the policy could be handled. Depending on the laws in your region and the severity of the violation, it could lead to termination of employment and other consequences.
This way, you help protect your business from various risks like losing or leaking important information and computer files or getting your computers infected with malware.
However, businesses aren’t the only ones who benefit from such a policy.
Most universities also have a computer and internet usage policy. Students, faculty, and staff have to adhere to a similar university policy when using a university computer or when they access the university’s information technology resources.
To use the campus network, students might have to go to a specific computing facility on campus or the university’s library and access the computers from the library staff or with their library card.
This kind of policy often helps businesses minimize the risk of computer misuse – whether in the university library or a business office.
The goal of a computer usage policy is to create a safe computer environment within your organization for all parties. It’s meant to protect the company from dangerous and detrimental computer activity on the network and to inform employees of what they can and can’t do on company computers.
National and regional laws surrounding computer usage policies vary across locations, so there’s no standard format that fits every organization. We advise seeking legal counsel to find out what needs to be included in yours. Here are a few items that can generally be found in a computer usage policy:
This is the introduction to the document. It usually includes your company’s name and briefly mentions the reasons for creating a policy.
This section lays out what the document will include – and the people, facilities, and equipment it applies to.
This section shares the purpose of the policy. The goal is to give your employees more detail on the specific reasons for implementing the policy.
You might mention the most important reasons for creating a policy.
Ideally, it would be phrased in a way that your employees can see how the policy will help both the organization and themselves to be better at their job.
The policy itself can vary depending on your industry, location, size, and the type of business you’re running. It may include the following sections, which your legal counsel can customize depending on your needs:
This general, blanket statement explains that your employees could be monitored when using work computers and the business network for the purposes of adhering to the law (if that is the case).
Businesses often try to make it clear that employees should not expect personal privacy while using company equipment on company time.
This section describes what’s included in proper employee computer use and internet access, according to company policy.
This section is specific and can be customized to the nature of your business. For example, many companies prohibit using social media during work hours. However, if you’re a social media marketing agency, this isn’t feasible.
In this case, it would specify what their job duties are and the approved activities to carry out those duties. Also, it clarifies their level of authorization as computer users and what the acceptable use of these communication platforms is.
This section might answer the questions below. Remember to consult your legal counsel to make sure you include everything that is required and nothing that is prohibited:
Here, you might include additional specifications on some of these elements:
Depending on the counsel of your legal advisors, you might expand on each of these sections to include specifics related to your industry and business.
The final section of the policy will likely state that violating the policy may lead to disciplinary action. You may specify what this action is, the procedure and whether the employee will get a warning beforehand.
Did you know that 50% of employees don’t know what’s expected from them when it comes to computer and internet usage at work?
With a computer use policy, you can set precise guidelines for your employees’ computer usage, and they’ll better understand what behavior is expected of them when they use the organization’s computing resources.
Let’s take a look at where a computer usage policy can help you:
About 92% of computers with pirated software have malware like Trojan horses, viruses, and worms.
Additionally, if your employees download pirated files or software, your company will be liable and have to pay fines.
When you have well-defined rules that prohibit the usage of unlicensed or pirated programs, you can reduce the risk of running into serious security and legal issues like those mentioned above.
There are many ways in which your employees can misuse your computer and information resources.
So, which specific computer and network activities should you advise against in your policy?
That will depend on the laws in your area, but you may be able to prohibit activities like:
There are even some official laws against such misuses, like the Computer Fraud and Abuse Act and the Data Protection Act.
That’s why it might be worth it to include such guidelines in your company’s computer usage policy too. This way, you can lay out clear rules which your employees can refer to, and they’ll understand the consequences received if they violate the policy.
Privacy-related laws and monitoring rights will also differ according to country and state.
That’s why it can be important to create a straightforward policy about the degree of privacy your employees should expect and your company’s monitoring activities in the workplace.
Many employees expect to have personal privacy while working on company-owned computers.
However, according to the Electronic Communications Privacy Act of 1986, an employer in the U.S. can monitor employee activity on three occasions:
For this reason, your counsel may advise you to emphasize in the policy that computers are company assets and not a device on which they can conduct personal activities.
Including such aspects in your computer usage policy can help your employees understand what expectation of privacy and monitoring they should have, and help them stay away from unproductive internet activities.
Final thoughts
Apart from potentially minimizing risk, a computer usage policy can help your employees understand what is acceptable and what is not when they’re using a company computer.
This way, you clearly illustrate their responsibilities, which could result in better efficiency, more productive employees, and a more secure online working environment.
Along with the help of your legal counsel, the examples we’ve mentioned above can help you create a strong computer usage policy that keeps your employees focused and motivated in no time!