Not safe for work: Acceptable office computer use

What goes into a good business use policy?


How many minutes, or hours, did you spend on Facebook today? Even if you spent just a few minutes on the popular social networking site during office hours, you're not alone. Data from Nucleus Research finds 77 percent of workers who have a Facebook account use it during work hours.

Sports events, online games, and entertainment sites, many of which cross the line between interesting and inappropriate, are all common distractions in today's office. It's not that these things are entirely new, but the Web 2.0 era, think social networks, URL shorteners, video sites and more, presents wrinkles that require rethinking acceptable use policies.

iTunes and Facebook: Productivity versus personal use

Studies reveal a great deal of employee internet use is for personal, not professional, reasons. As much as 40 percent of internet surfing done during work hours is personal, according to IDC Research.

This isn't news to Kevin Quinlan, senior director of IT for restaurant chain Bertucci's. Quinlan is a realist. His policy is to allow employees six 15-minute slots each day to log on to websites for personal use and fun. That includes Facebook, Twitter, or any other site they want to see (within reason).

"People should be allowed to do what they want on their breaks," he said. "Coming into the office shouldn't be a bad thing. I know what I like to do when I'm using my computer. I don't want to set rules I can't follow myself."

Quinlan is one of a growing number of managers at companies that find new ways of communicating, and younger employees that demand access to varied online content, are leading to a redefining of acceptable computer use in the workplace. Research from security firm Clearswift found 79 percent of workers in several countries around the globe value being trusted to manage their own time, and being trusted to use the Internet as they wish, over pay. Additionally, 62 percent of employees feel they should be able to access web/social networking content from their work computer for personal reasons in order to complete personal tasks.

In fact, many said they would decline to work at a company with anti-Facebook restrictions. This creates a dilemma on several levels for organisations. There are the implications for productivity, but also the potential security risks that are posed when employees are given free rein to surf the web as they wish.

For Quinlan, the changing tide arrived a few years ago as the iPod crazed touched off and he found scores of employees downloading iTunes onto company computers without his consent. Not malicious activity on the part of the employees, he notes, but activity that was messing up his network.

"I had issues with remote users saying 'Oh, I can't connect anymore.' I was trying to chase down the problem and finally discovered some piece of software iTunes was running was knocking out our VPN connection every 15 minutes."

That launched a new realisation for Quinlan, and he started using Bit9's Parity Suite, several products that control unauthorised software and malware from running on endpoints, while still allowing workers to have access to a range of web content.

"When we hire folks, they have a session with the network administrator and they sit down and go over what you can do on your computer, what the policies are," he explained.

Find your next job with computerworld UK jobs

"Recommended For You"

Cisco blade package will enforce web filtering policies How IT can avoid legal problems