Internet Security Learning Center

Helping to keep your small business secure

Learn how to secure your Small Business, your employees and your customers from Internet threats like identity theft, privacy violations and lost data by deploying the best Internet security policies and procedures.


Employee Internet Use: Best Practices Checklist

While the Internet is an effective and efficient business tool, it can also expose your business and its computers to a variety of threats and dangers: viruses, worms, hackers, theft, fraud, and even litigation.

Employees should be instructed on the proper use of the Internet, and must understand that their access to the Web, e-mail, Instant Messaging, etc., must follow business rules, not personal ones.

Usernames And Passwords
  • Employees should create strong passwords: 8 or more characters, mixing upper and lower case letters and numbers
  • Passwords must never be shared
  • Passwords should never be written down
  • Passwords should be changed on a regular basis
Anti-Virus Software
  • All employee computers should have anti-virus software installed, configured to scan both incoming and outgoing e-mail
  • Anti-virus software should be updated on a regular basis (at least weekly)
  • Employees must never disable any aspect of anti-virus protection
E-Mail
  • Business e-mail accounts should be used only for business e-mail
  • Employees should never open unsolicited or unrecognized e-mails
  • Employees should never forward or "reply-all" to non-business e-mail
  • Employees should never send confidential or sensitive business information by e-mail without permission of their supervisor
  • E-mail, including subject lines, should never include inappropriate language or references
  • Employees should include Web links in e-mails only if appropriate to the business message at hand
  • Employees should spell-check and proof-read all business e-mail before sending
  • Business e-mail must not be deleted unless a deletion policy has been put in place: certain businesses are required by law to maintain comprehensive records of e-mail and even Instant Messages
Web Browsing
  • Employees should visit only those Web sites necessary for their business duties
  • Employees must understand that "surfing" the Web on company time is a violation of policy
  • Under no circumstances should any employee computer ever be used to visit "adult" or otherwise prohibited sites
  • Employees with laptop or notebook computers must understand that these rules apply to remote use as well as in-office Internet use
General Rules
  • A formal Internet (and computer) use policy should be drafted and signed by all employees
  • Violations of company Internet-use policy should carry penalties determined by the business owner
  • Instant Messaging should never be allowed unless necessary for business
  • Employees should log off or shut down computers when leaving their desks (even for a moment!)
  • Employees with laptop computers (and any remote-access device) should never leave those devices unattended
  • All Internet and e-mail use rules should be applied to any digital device the company provides or that is used for company purposes (phones, personal information devices, etc