Compliance, Employee Monitoring

Ten Tips for Preparing an Effective Acceptable Use Policy

Corporate computers and information and communications systems (collectively, “electronic resources”) remain the workhorse for most businesses, even as alternatives, such as third-party text messaging services, external social media, and cloud computing, flourish. Employees rely on corporate electronic resources for e-mail, calendaring, business contacts, Internet access, document creation and storage, and a multitude of other business applications. Consequently, for employers, it is critical to establish and maintain their right to inspect all information stored on, and to monitor all communications transmitted by, corporate electronic resources. The corporate acceptable use policy is the linchpin of that effort.

Preparing an acceptable use policy is far more challenging today than it was just a few years ago. Simply invoking the mantra, “employees have no expectation of privacy,” as some employees have done in the past, will not suffice. Recent technology developments, new laws and regulations, and novel judicial precedent have exposed employers to litigation for inspecting information stored on, and monitoring communications transmitted by, their own electronic resources.

The ten tips below are intended to aid employers who either want to implement an acceptable use policy for the first time, or who need to update their policy. These ten tips are not a comprehensive list of every point that should be addressed in an acceptable use policy. Rather, they are designed to help employers avoid some common pitfalls.

Get Instant access

Employee Monitoring Resources

Smoother Workforce Investigations With Behavior Analytics

Smoother Workforce Investigations With Behavior Analytics

Workplace Investigations - Difficult, but Critical Workplace investigations are a critical function of IT, information security and HR teams across most organizations. From data breaches to fraud and company policy violations, investigations can be difficult and time...

The Difference Between Insider Risk and Insider Threats

The Difference Between Insider Risk and Insider Threats

How to Get Ahead of Issues and Gain Visibility and Control Companies that spend time managing threats are coming to the house after it’s already on fire. “Firefighting” is costly and damaging for the organization. By focusing on threats, security teams have no...