Strategy to Protect Your Information Assets- Computer Use Policies
- No Comments
Small business and personal computer users must be aware of the need to protect the information assets stored on their computers. For small businesses, company records, financial documents, and customer confidential data must be protected for the business’s success and reputation. For the home user or home business user, many of the same personal information assets are at risk. The days of protecting our information assets with locked doors and file cabinets are over.
The minute you put your computer on the Internet, you are opening your information, even confidential information, to the world and people who seek to do you harm. The responsibility is yours to protect that information. If confidential or sensitive information is lost or compromised, you risk your financial future, legal action, and continued prosperity.
In 2013, I researched this area focusing on small business. I sought to determine the strategies that small businesses could use to protect their information assets. Many of these strategies could also help you at home. I will focus on the third of these three strategies in today’s article: Computer Use Policies.
In my previous articles, I have discussed the other two strategies to help your home and small business stay secure: Information Security Awareness and Virus/Malware Protection. The third piece of this protection plan is to establish a computer use policy. A computer use policy is essential to a business with computers. The computer use policy establishes what your computer users can and cannot do on that computer in their office. Can this type of policy be established at home? Absolutely, I encourage parents to control what their children do on the home computers and electronic devices.
Many companies (even homes) have rules about what computer use is acceptable. Unfortunately, very few companies enforce the policies and punish people who violate the computer policy. A policy that is not enforced is wasted paper. The key to an effective computer use policy is enforcement.
What items would be covered in a computer use policy? Computer use policies discuss social media usage, personal email, personal internet usage, wireless internet usage, and allowed websites. Accessing personal sites, social media, and email from a company computer, exposes the company to all the employee’s risks along with the company’s. Since most people have smart phones, most personal usage should be confined to those phones, not company computers. The policy must state the punishments or penalties for violating the policy. Management must be prepared to enforce the policy because the odds are good that it will be violated at least once.
Software products can be purchased and installed to monitor and control what employees access from company computers. Similar software can be installed on your home computer to control access. I know some employers that say that they allow their employees to use their lunch hour to “play on the Internet”. This strategy is dangerous. Most employees do not understand the “only lunch hour” restriction, and a great deal of damage can be done during a one hour lunch hour.
Remember, you can have locked doors and windows, but if someone unlocks or opens one of those entrances, you are now vulnerable. You have another door into your business and home that you really need to insist is protected by your computer users. Computer Use Policy templates and samples are available on the Internet for you to customize and use for your business.
Dr. Lisa Lee Bryan is program chair CSU-Global – Management Information Systems/Data Analytics. She may be reached at email@example.comShare: