Rules concerning internet access at work are not being
communicated adequately to employees and are open to misinterpretation
according to new research from CMG, the information & communications
technology services group.
The CMG study of internet policy at major UK employers, in both public
and private sectors, revealed a wide range of access regimes. More than
60 per cent of organisations permitted widespread internet access for
employees. However, 80 per cent failed to adequately define or communicate
clear rules about internet access but still monitored employee usage and,
in some cases, took disciplinary actions.
The study assessed the policies of organisations on three different criteria:
internet accessibility, freedom to use and clarity of access policies.
The results showed a wide range of levels of both access and freedom to
use the internet. The research revealed that no clear combination of access
and freedom prevails within UK organisations.
One of the most common problems with access policy, according to CMG,
is the subjective terminology. For example, one company disallowed access
to websites that were "considered to cause distress" - but no
definition of "distress" was given and no sites were specifically
mentioned. This lack of definition practically guarantees misinterpretation
of the policies and leaves both employee and employer on shaky ground
for effective management of internet use.
CMG examined the policies of 30 different organisations,
in various industry sectors and the public sector. It scored them on three
different elements:
- Internet Accessibility - who and how many people were given any access
to the internet (a low score meant few people could get access and only
with a manual approval process, a high score meant that practically
all users of the computer network had automatic access).
- Freedom to Use - how much freedom to use the internet was granted
according to both policy and sites actually blocked by the firewall
(a low score meant a very limited number of internet sites were accessible,
a high score meant that no sites were blocked or explicitly prohibited).
- Clarity of Access Policies - how clearly the policy defined what
was permitted and not permitted use (and the penalty for misuse).
Commenting on the findings, Owen Wilson, senior consultant
at CMG, said: "What's missing, it seems, is clear and communicated
rules about how everyone can get the most from the internet. CMG encourages
all organisations to review their internet access policies to ensure that
they are fair, clear and deliver manageable benefits to both the individual
user and the organisation."
The organisations that scored highly for clarity did have definitive and
explicit guidelines about their internet access policy. One organisation
explained its access rules by clearly stating that employees could use
the internet for personal business including shopping, travel and financial
services. Prohibited sites were clearly described and blocked by the firewall.
The study suggests that consumer oriented "dotcoms" may struggle
to penetrate the workplace market until employees are explicitly permitted
to shop online. Ironically, many of the organisations surveyed claim to
be pursuing an eBusiness strategy themselves.
Anna Lagerkvist
|