The struggle to prevent misuse of the internet in the workplace has been a long one. From social media and chatrooms to video games and video streaming, employees face limitless temptations and risks when they log on to their work computer and hop online.
Despite the internet’s ability to streamline communication and work projects, along with its general ease of use and convenience, the internet can also be a major detriment to any company’s productivity and security levels.
The International Data Corporation (IDC) estimates that 30 to 40 percent of employee internet activity is non-work related. This high level of personal internet usage at work is costing US businesses $63 billion in lost productivity each year, according to Websense Inc.
Controlling internet access at work can be tough, but it’s not impossible. Let’s take a look at some of the policies and practices that companies should adopt in order to prevent the misuse of the internet in the workplace.
Want to prevent employees from misusing the internet? Start monitoring and controlling internet use with a FREE trial of CurrentWare’s internet monitoring and web filtering software.
“We use BrowseControl and other CurrentWare products as an essential part of our security practices. I like the product, and it works great. We have utilized CurrentWare for the last eight years, and I’ve no complaints. Responsive support and willing to take feedback and suggestions. Highly recommended”
– Anonymous Verified Reviewer, Insurance Industry, 11-50 Employees
Internet misuse in the workplace isn’t only costing billions in lost productivity. When an employee browses freely across the internet, they can unknowingly visit one of the thousands of malicious websites that are being registered daily. These cybersecurity threats can be just as devastating for a company as any amount of lost productivity.
The most common ways in which employees misuse the internet in the workplace include:
The most common internet-based cyber security threats in the workplace include:
Based on this research, companies can expect their employees to be spending 16 out of the 40 total hours of an average workweek doing anything aside from working. And with the continuous innovation of the near-infinite online distractions and cybersecurity threats, there is no reason to foresee a reduction in these already alarming numbers.
Not only does reckless internet usage leave your company susceptible to lost productivity and increased security risks, but your network performance will also be diminished as employees browse bandwidth-hogging websites such as YouTube. When your network is slowed down with network latency issues, your entire staff of employees will be affected by excruciatingly slow network speeds, causing projects to take longer than they should.
Though a company may not be able to prevent illegal sport streaming websites from providing high-quality services or stop cybercriminals from executing sophisticated cyberattacks, every company and management team can implement internet usage policies to help minimize the threats to their productivity and security.
Defining what websites and applications are acceptable for usage in your workplace will be a great first step in establishing your company’s internet usage policy. Doing so will also guide you towards finding the right technology and tools that you may need to implement as a means to prevent misuse of the internet in the workplace.
As a manager, you understand the importance of clear authoritative communication with your employees. You have rules for when work starts and ends, how long the lunch break should be, and how to interact with your customers. When your employees defy these rules, they know the consequences.
To prevent unnecessary and excessive internet usage at work, a similar set of rules should be established for how their time is spent while using a computer and browsing the web. And depending on the industry or field of work, the definition of internet misuse will vary.
For example, if you own a marketing agency then it will likely be acceptable for employees to be browsing social media and other marketing-related websites. But say you own an auto body shop where your front desk clerk uses the computer primarily to log customer service requests, you may want to prevent the employee from accessing their Facebook account.
Once you’ve defined internet misuse and clearly communicated the consequences, you may want to lay grounds for what is considered to be acceptable internet usage in the workplace.
You may further decide to have employees sign an internet usage policy contract to ensure that they are aware of what is acceptable and what is not, and so that they understand that there will be indisputable consequences if they do happen to misuse the internet and breach the contract.
An acceptable use of the internet policy is essential for outlining your company’s standards for employee internet use.
Given that employees can be spending over 8+ hours per day at their desks and on their computers, it can be only fair to allow some of that time to be spent on things outside of their daily work tasks. After all, we’re all humans, right? Humans connected to a hyper-complex system of computers with processing capabilities far superior to our own.
Considering that we humans have a high level of curiosity and a desire for social connectivity, it would likely be best for the mental health and overall productivity of your company to allow workers to spend some free time on the internet. Otherwise, you may end up creating a reputation for yourself as a cyber dictator and could start to see some resignation letters roll in as employees seek a more lenient work environment.
With most companies having time slots for employees to take their breaks, those periods throughout the day could be the designated times to allow personal internet usage at work.
For example, you may choose to allow your employees to access their social media accounts during the lunch hour. Or to allow them to catch up on last night’s sports action during their 15 minute coffee break in the morning. Doing so will create a more positive and productive work environment, and will help to alleviate some of the innate desires and curiosity your employees hold.
However, you should never permit users to roam the internet completely free while on their work computers. Considering the high volume of malicious websites and the limitless threats to network security online, not implementing web filtering software risks being compromised by some sort of malware attack or other network security breach. These incidents can end up costing your company large amounts of money as you repair or replace affected hardware and work to save your company’s reputation in the case of a data breach.
If employees want to watch videos during their break, make sure they are doing so on trusted and secured websites such as YouTube instead of other lesser-known and less secured platforms. Illegal streaming websites are notorious for malicious advertisements (malvertisement).
An acceptable use policy helps define how employees are expected to operate within this gray area. You may ultimately decide that no amount of personal use is acceptable; so long as the policy clearly outlines this expectation you will have a much-needed framework for any corrective actions that may be needed to enforce this expectation.
Understanding that the methods in which cybercriminals are able to execute their cyber-attacks are ever-changing as the technology continues to advance, it will be highly important for your employees to be able to identify risks and prevent attacks.
Firstly, it will be important to identify the vulnerable and valuable assets that your company holds and why these could be the target of a cyber attack.
For example, if you work in the healthcare industry, then the personal data of your patients would be a high-value target and should be heavily protected. If employees are negligent when handling these types of high-value digital assets, such as the medical histories of patients, then your company is at a greater risk of attack and could face costly consequences.
One of the most common yet effective types of cyberattacks is phishing. Phishing involves fraudulent communication, often through email, disguised as a reputable source in order to obtain passwords and gain access to a network. A phishing email could be sent to your employee, luring them in to enter their password or other forms of confidential information. If successful, the cybercriminals executing the phishing scam can use this information to compromise your company network and steal highly valuable data. Once stolen, it will be very difficult if not impossible to be retrieved. The attackers can then use their cybercriminal network to exploit and sell this data for a profit, leaving your company to deal with the legal and financial repercussions.
Another way in which hackers can steal data is through malware attacks. Malware, short for malicious software, often refers to various types of viruses, worms, trojans and other harmful computer programs used to access personal information and steal data from a network.
A common way for malware to be downloaded onto work computers occurs when employees negligently download software from the internet without proper screening. Malware can be disguised as free-to-use software and, once downloaded, can infect the computer and begin to steal valuable company data.
Malware can also be unsuspectingly downloaded by employees who access peer-to-peer file sharing services. Illegally downloading media files such as music and movies is a high risk activity as these files can contain malware.
Providing your employees with the proper training to become knowledgeable about the various cyber security risks within your company will be an important step in preventing an attack from occurring. When an employee spots a phishy email or an unsafe website, they will be far less likely to fall victim.
After going to great lengths to provide your employees with the information and resources they need to be able to productively and securely use the internet while working, reinforcing your policies and providing corrective actions to those who misuse the internet will be fundamental to developing solid internet practices within your company.
Enforcing acceptable internet usage in the workplace will sometimes require you to take disciplinary actions with employees who breach their internet usage contract. For employees who are actively using the internet in a reckless manner (creating a hostile work environment, regularly visiting dangerous websites, distracting their coworkers, etc), you may eventually need to have them removed from the company entirely.
Ensuring that all employees are working productively and securely while on the internet will greatly improve the overall health of your company. Unfortunately, employees often need to see examples of the consequences before they fully grasp the serious nature of misusing the internet in the workplace. Be sure to remain fair and consistent as you enforce your internet usage policies.
Shady Maple found CurrentWare during a significant period of growth in their company. As their number of employees grew, Shady Maple knew that they needed an employee productivity solution that was scalable.
Their old ways of managing employee internet abuse—manually checking each employee’s computer individually and hoping that they didn’t clear out their web history—would no longer be sustainable.
Read our case study to learn how employee internet use monitoring and web filtering software transformed Shady Maple’s employee productivity management strategy.
Even with the solid foundation of your internet usage policy and the training that you provide to your employees, implementing software to control internet access at work is the ultimate tool to ensure the internet is being used productively and securely.
NOTE: The above video contains a legacy user interface for BrowseReporter. To see the most up-to-date version, please visit the BrowseReporter product page.
CurrentWare’s BrowseReporter software will monitor the computer and internet usage of employees to help you determine how they are spending their time while working online. With this software in place, you can easily identify personal and non-work-related internet usage. If an employee goes on social media, you will clearly see this logged in that user’s activity history right down to the date, the time, and the website visited.
BrowseReporter will also provide granular insight into the applications your employees are using while on company time, helping you to isolate those employees that are abusing or disregarding your internet usage policy.
CurrentWare’s BrowseControl is an easy-to-use web content filtering software that allows employers to restrict internet access. Companies can quickly use BrowseControl to block employees from accessing undesirable websites such as pornography, social media, video streaming and any other websites.
With BrowseControl installed on employee computers, companies are assured that their internet usage policies are being effectively enforced. This will help to improve overall productivity and will increase network security.
Controlling internet access at work is essential for preventing employees from misusing the internet. With a careful balance of internet use policies, monitoring employee internet use, and restricting internet access, you can prevent high-risk and inappropriate websites from being visited in the workplace.