A Double-Edged Sword

Pornography, shopping and stock trading - just another day’s work for a growing number of employees. Indeed, businesses are facing a double-edged sword when it comes to the Internet.

In the mid-1990s, the net was hailed as a productivity tool, the source of e-mail, e-commerce and research tools. But as the 1990s have come to a close, the Internet has become more of an obstacle, distracting workers with e-zines, e-trading and e-porn.

The Web shows no signs of slowing down. It is growing by 2 million pages a day and the number of Web pages is expected to hit 8 billion in 2002. In addition, entirely new business models and content are emerging daily - from e-commerce clothing stores to streaming video magazines.

What can the average IT professional do about non-productivity and cyber-liability? The issues facing employers fall into three main categories: productivity, investment protection and legal exposure.

Productivity

According to a survey by IDC Research, an average of 30-40% of Internet use within the workplace is not business related. IT publication Secure Computing found that 50% of people visit adults sites, 92% trade online, 84% search for new jobs, and 54% visit chat rooms, all from work. Internet activity of this nature reduces employee productivity and slows down Internet bandwidth for legitimate work use.

Investment Protection

Implementing corporate Internet access with a firewall, a virus package, an e-mail package, a proxy, a router, a leased line and all the necessary hardware, can cost as much as $100,000 or more. Common sense dictates that a company protects its investment. 30-40% non-business use of the Internet suddenly costs $30,000 to $40,000 of initial investment, plus the cost of declined employee productivity.

Legal Exposure

The Internet provides employees with easy access to Websites containing illegal materials. If the issues of lost productivity and investment protection aren’t of concern, then this issue should be.

Illegal Material

The Obscene Publications Act (1959) & Child Protection Act (1978), Telecommunications Act (1984)The Computer Crime Squad states that it is illegal to distribute hardcore pornography for profit. Recently, a London Bank employed an IT contractor caught downloading and selling pornography during a period of six months. His laptop contained more than 170 MB of images and he admitted to spending six hours a day downloading material. This posed a financial, as well as a legal, problem for the bank — it had lost more than $100,000 of his salary to his pornographic habit.

Harassment Issues

An employee could take legal action if he were subject to exposure to such material. One woman, recently interviewed, sued her company for harassment as a result of passing another employee’s desk and seeing the contents of www.playboy.com.

Dodgy downloads

The ease of access and size of leased lines available in the corporate environment encourages employees to download music, videos, games and software from illegitimate sources. Not only is this using bandwidth but it is also a breach of International Copyright Law, for which a company can be held responsible.

Hacking Tools

One recent case highlights the threat that hacking can present to corporations. A network engineer was caught using his desktop to hack into a competitor’s network with tools downloaded from the Internet. The competitor threatened to sue.

Liability

Companies are liable for employees’ actions, often even if it is unaware of any breach of the law. A large British financial and pensions company recently settled a lawsuit with a competitor. An employee of the pension company sent an email containing liable comments about the competitor and the competitor saw this email and took the company to court.

Preventative measures

By proactively managing their company’s network, IT pros can stop the threat of Internet misuse before it becomes a headline in a newspaper. With two simple steps, the IT manager can safeguard the workplace and become a saviour for upper management.

First, the IT manager (working with HR) should outline an employee Internet use policy. It should clearly outline what kind of Internet use is permitted, what kind is not, and the consequences for violating the rules. Sample Web access policies can be found at www.websense.com/products/hr/hr_iap.cfm.

Second, the IT manager should install Internet filtering software to help enforce this policy. fThe software filters out inappropriate Web sites, allowing managers to block everything from pornography to stock trading. In addition, the software gives managers the ability to block sites by certain users or groups.

What This All Means

The Internet has changed from a productivity enhancement tool to a potentially major distraction for workers. It is up to the IT professional to put controls on corporate Internet use before it becomes a problem.

With the advent of Internet access policies and filtering software, IT professionals have solutions that can ensure the continued growth and success of their businesses - and their valued employee.