Online transactions that are carried out through the Internet are increasing every day, as well as using social media is growing in importance for organizations.
For this, there must be a clear Internet Policy in all organizations that regulate its use.
It is important that all companies have a policy for the appropriate use of the Internet for all employees, for the following reasons:
- Avoid disputes between users and the IT department
It is important to clarify what is allowed and what is not allowed to do over the Internet.
- Reduce the risk of losing information for the company.
The Internet continues to be the main source of risk of information loss in organizations, which is why there must be a clear regulation to establish the permitted use, by the information technology department to prevent the loss of valuable information for the organization.
- Protect the operations of the company.
In the same way, the necessary precautions must need to be taken to prevent the organization from being affected in its daily operations by a deficient information security policy.
In a good Internet policy, the following should be considered:
- Who should have access to the Internet?
First of all, it must be clearly established that Internet access does not necessarily mean that it is allowed for the entire organization, open for everyone, and without restrictions.
- If there is a valid reason to use the Internet.
There must be a valid work reason for a person to access the Internet.
- Which internet sites are allowed and which are not?
In the same way, it must be clearly specified to which sites, web pages, or Internet services, a specific collaborator is going to be granted access.
- Professional use of the Internet.
As in other policies, it must be considered that the Internet can be used in accordance with the values of the company, and in a professional manner that does not put security, information, or the entire organization at risk.
- Personal use of the Internet.
It must be established whether or not the personal use of the Internet will be allowed, and if there will be any limitations in this regard since it must be considered that the Internet is a company resource that should not be affected by the personal use of other people.
- Access to the most popular social media channels.
Social networks are a powerful communication tool, to get more customers, but they should not necessarily be used by everyone in the organization. If there is no valid business reason, this service should be restricted to certain people. As an example, the bandwidth that someone may be used for personal use can actually be affecting another department that wants to send critical information to an important client of the company.
- Disclosure of this Policy.
Establishing an Internet use policy is of great importance for the company, since together with the rest of the policies of the information technology department, they must be widely disclosed and made known, and above all, well understood by the rest of the organization.
It is convenient that they are published on the internal company websites, that they are adequately communicated through email, and also by holding meetings, where all questions in this regard are explained and resolved by the rest of the organization.
- What is the procedure to request Internet access?
In the same way, it must be clearly established, what should be the procedure to follow, when it is required that any collaborator needs to have access to the Internet, and what is the idea of using it.
- Culture, values, and philosophy of the organization.
As in the rest of the policies, you should always consider what the company is like, what are its values, and what is its philosophy.
The Internet is a service that represents an incredible opportunity to do business, but there are also people who want to harm organizations, steal information, deceive people and take advantage for their benefit.
The purpose of having a good Internet use policy is:
- Protect the company from computer risks,
- Establish the necessary measures to protect the company’s operations,
- Clearly define all the guidelines related to the use of the Internet for an organization, such as, for example, what is the procedure that must be followed when a user needs to use the Internet, who should request it on his behalf, to which websites, to which services, and what is the authorization procedure?
Next, you can find an example of a policy on the use of the Internet, which could be used by any organization, regardless of its size, since this generally applies to everyone.
“Internet access is allowed for users, using the equipment and accessories owned by the company, as long as it is necessary for their daily work activities.”
“Internet access must be used in a professional manner, which means that it can be restricted only to Internet sites that are related to your work, avoiding at all times entering sites with inappropriate content.”
“The use of social network channels will be subject to authorization according to the convenience for the business.”
“Regarding the personal use of the Internet, it is also allowed, as long as it is also done in a professional way, without affecting other people, and that it does not mean an excessive use of resources.”
Every company is different, and this policy is only pretending to serve as an example, so that you can adapt it to your own needs and use your own ideas, according to the culture and values of your own company.
The scope of this policy applies to all employees, for all types of applications, from the CEO or General Manager of the company, to the lowest-ranking positions in all business units.
In this way, it is avoided that there are exceptions that could question the implementation of the restrictions of using the Internet for the entire organization.
Implementing an Internet use policy is crucial these days since it allows restricting use it by the organization and, in this way, protects the company against cyber intruders that could represent a loss of information, or even reach put at risk the company’s operations, affecting its reputation in the industry as well.
One of the things that can hear in the news these days is when a company has been targeted by cyberattacks, usually trying to hack the website, steal credit card information, or passwords with which they use to perform illegal banking operations, or simply launch denial-of-service attacks that could damage the company’s operations and reputation in the global world.
It is also very important to make all the users of the organization aware of the importance of making good use of the Internet, because this way, it is possible to avoid spreading a larger problem that could affect many users, which would be very serious for the company.
It is very important that the Information Technology department be the one that regulates the use of the Internet in the organization must be reinforced through existing technologies to restrict access from central servers, the corporate firewall, access to switches through wired networks network or wireless, or even from the centralized email system.
As we have already mentioned previously, it is very important that all organizations have their own policies for the Information Technology department clearly documented.
In this case, it is important to have an Internet use policy that clearly specifies what the scope is, and what would be the risks of not using the Internet carefully in the organization.
In this way, confusion and misunderstandings are avoided, and it is also a very important tool for the organization to protect its information against cyber attacks that could harm the organization.
If you are an Information Technology Administrator or Manager, you should always consider reinforcing the policies for the use of technology in your organization.
If you liked this article, or if you have an additional opinion that can enrich this knowledge, please leave us a comment, and please don’t forget to share it using our social media channels.
Gilberto Acuña is an IT Professional and has worked for more than 30 years in the Information Technology area, serving as IT Infrastructure Manager and Information Technology Manager in various companies in Mexico and the United States, and in different industries, such as beverages, restaurants, energy. He has is also a business owner, and IT, SEO, and e-commerce consultant.
Please, leave us your comments, and write to us to find out what you think about it, and if you have any other experience, we would very much like you to share it with us, so that we can enrich this online community.