Skip to main content
We’re here with practical IT information for your business.

Search

  1. Home
  2. Staff and IT training
  3. Your IT policies

Computer hardware

How to choose the right computer equipment for your business to increase your productivity and efficiency without it costing the earth.

Business software

Business software helps you complete a range of tasks. Choose the right software, provide support and train your staff with our introduction.

The internet

It is highly likely that you depend on the internet for some aspects of your business. Find out how you can use the internet more effectively.

Communications

Good communication with customers, partners and suppliers is vital for business success. This summary explores business communication methods.

IT security

How would you cope if your IT system failed or was breached? We cover the main IT security issues and how to protect against them.

Buy and manage IT

Good IT management can help you choose, use and implement IT. Our overview helps you manage IT in a way that maximises the return on your investment.

IT support

IT support is vital if you rely on your IT system. But how can you set up an effective safety net in case things go wrong? We explore the options.

Staff and IT training

Getting the right IT is just the first step. Appropriate training, policies and working practices can help you maximise return on your IT investment.

Create an email and internet use policy

Email and internet technologies have undoubtedly brought a whole host of opportunities and efficiencies to businesses. But, they have also introduced a range of problems and threats of cybercrime that you will need to manage

The UK Threat Report from Carbon Black revealed that the frequency and sophistication of attacks against UK firms had increased.

It's important your business has an email and internet useage policy to clearly describe what constitutes acceptable use of your IT systems. Implementing IT usage policies can help you minimise some of the risks. For example:

  • Malware infections. For instance, Google's Safer Browsing service uncovers thousands of unsafe sites every day. Your policy should detail what kinds of sites your staff should avoid.
  • Misuse of staff time. Browsing personal websites like Facebook can hit an employee's performance. They could be wasting hundreds of hours each year, so your policy needs to set out what's acceptable.
  • Misuse of company resources. Are your staff storing music files on your server, or crippling your internet connection by downloading movies? Your policy should clearly describe what isn't allowed.
  • Liability. Inappropriate or illegal content on your network - especially pornography, racist or sexist material  - can create a hostile work environment and could ultimately result in a lawsuit. It's good for your policy to explain the issues at hand, so employees understand why following it is important.

Writing your email and internet use policy may not be an easy task. You need to balance the needs of your network and any legal requirements with the recognition that the internet is a part of your employees' everyday life.

For instance, if you wouldn't stop them making a quick personal phone call on work time, should you stop them sending the odd personal email?

The aims of your internet policy

Decide the goals of your email and internet use policy before you start writing it. Your company aims may fall into one of these two groups, or be somewhere in between:

  • Big family: you want to treat your staff like a family. This means you take a liberal approach with your policy and only aim to keep malware and inappropriate content off your network. You'll probably ban sites which are inappropriate or a common source of malware, but otherwise give your employees a lot of flexibility.
  • Big brother: you want to exercise maximum control. This approach involves banning your staff from all but approved websites, and usually involves severe restrictions on what employees can access. With the internet deeply ingrained in our day-to-day lives, it's harder to take this approach.

In practice, most companies are somewhere in between these extremes. It's a sliding scale - the further you move towards 'big brother', the more types of website you may block:

Many companies implement more than one policy, to cover different times of day (working hours and lunchtime) or different categories of employee.

Writing your internet and email policy

Use clear, non-technical language when you write your email and internet use policy. People who are not technically-minded may have a different perspective on what constitutes misuse of your computer systems.

Similarly, they might be unaware of how their activities can cause problems - so put each rule into context.

Keep your policy as short as you can, to increase the chance of it being read and understood. And base it on simple principles that can be understood by technical and non-technical staff alike. As a minimum, include the following:

  • Personal internet use should be kept to a minimum. Some personal use may be acceptable, but it shouldn't affect the employee's ability to do their job.
  • Accessing pornographic, violent, abusive or hate sites should be banned.
  • Using the network to harass or bully other people should be a disciplinary issue.
  • Sending or posting online confidential material, trade secrets or proprietary information should be prohibited.
  • Sites deemed to be a security risk or which place excessive demands on the company's IT systems (like video streaming websites) should be avoided.
  • Staff should not put the company at risk of litigation for copyright infringement by downloading music, videos or software illegally.

You can base your company's policy on this list or use our free, sample IT policy templates and adapt them to your specific circumstances.

  • Sample email use policy
  • Sample internet use policy
  • Sample social media use policy

Remember that things change quickly online. Constantly adapting your policy to take new websites or technology into account would be impossible, so focus on articulating a set of guiding principles.

Finally, be sure to seek professional advice if you're unsure of what to include in your internet and email policy. Getting it right will help your employees and guard your company – so it's something that's worth spending a little money on.

Written with expert input from Craig Sharp of Abussi Ltd.

Stay up-to-date with business advice and news

Sign up to our lively and colourful newsletter for new and more established small businesses.