The computers and networks within your organization are essential assets that require a significant investment to set up and maintain. As such, these assets need to be protected. Security measures need to be put in place, updated, and enforced. It is also essential that your computers are only used for work that contributes to the mission of the organization.
The best way to ensure all of the above is through a computer use policy. A computer use policy serves as an open channel of communication with all of the staff, ensuring they clearly understand how the technology should be used. Here are some key reasons you should have a computer use policy:
Reduce Security Risks
Security concerns can easily arise from the misuse of a computer or network. Piracy is one of the main causes of malware infections. If pirated software or files are downloaded on one of your computers, your organization could be facing hacks, data leaks, and even a hefty fine. Since downloading pirated content is illegal in the US, you should clearly state that downloading pirated software is prohibited in your organization. This protects you from liability.
In addition, misuse or careless use of email poses a risk for organizations. Phishing – when a criminal uses email disguised as a message from a trustworthy source – is one of the primary ways by which a cybercriminal gains access to networks. If this happens, not only will your data be at risk, but your reputation will be at risk as well. For nonprofits, reputation means everything. If a major data breach occurs, a nonprofit will have major difficulties fundraising in the future.
Limit Network Misuse
Nothing slows down productive work like a slow network. One thing that can slow your network down is when staff members misuse the network, or use the network for personal use. A computer use policy will hold staff accountable if they misuse your network. Prohibit activities like illegally sharing organization data, copyright infringement, and cryptocurrency mining. Again, this policy protects you from liability and saves your network’s bandwidth for activities that are essential to the organization.
Employee/Client Privacy Concerns
Not only does a computer use policy let your staff know what is expected from them, but it also shows them what they can expect from you. Clearly explain what kind of monitoring you will be doing so they understand what kind of privacy they can expect in the workplace.
For nonprofit organizations, client privacy is also a must. Make sure your clients know what information will be seen by staff and how their PII, or personal identifiable information, will be used and protected. Assure them that no private data will be shared with anyone else without their express consent.
What Your Policy Should Include
- The policy itself. Use detailed language to avoid any misunderstandings. You should also get a lawyer to look over the policy and make recommendations
- Explanation of how and when network users will be monitored
- Details of what appropriate and inappropriate computer use looks like
- Disciplinary actions that will be taken if computer misuse occurs
Create Your Computer Use Policy
Now that you’re ready to create your computer use policy, here are some resources to help jump-start the process.