This is a guest post from Jennifer Martinson of SecureThoughts.com.
Most companies create guidelines and policies so that they can maintain a sense of order around the workplace. The guidelines that are put in place determine a great part of the company’s culture, and technological guidelines are some of the most important ones to any company.
If there is a leak of information, it can set a company back months and in some markets, put it out of business. Improper use of technology has serious consequences, but at the same time, you don’t want to unnecessarily restrict your employees.
While each company is its own entity, here are a few things that every leader should think about when creating employee guidelines for office technology:
Make Security a Top Priority
While some technology guidelines for your workplace might have the aim of improving productivity and efficiency, the end goal of any set of workplace guidelines should be to keep both employees and the company safe in their use of technology.
Everything else needs to be subservient to that fact.
On that note, regardless of the skill level or makeup of your team, you should go over the basics and make a few basic security items clear. Here are a few good examples:
- Your employees should use a top-class Virtual Private Network when they are traveling or meeting people outside of the office. This way they will be protected when using public networks, and they will be difficult for others to attack. If VPN isn’t an option, files should be stored and transferred using a secure VPN alternative like SmartFile.
- Passwords should be enabled for all accounts and devices, and they should all be ten or more characters (of different types). No dictionary words or names should be included in passwords.
- Personal cloud services should not be used to freely transfer sensitive documents. Consider secure business cloud file sharing services instead.
Consider Company Size
Look for Flexible Yet Secure Products
A Note From SmartFile: Remember, your product choice will impact adoption. Aim for products that alleviate headaches and don’t create them. For instance, why force your least tech-savvy users to use an FTP server instead of a simple web interface? Poor product choices will only influence your team to go to shadow IT solutions.
The size of your company should be taken into thought when drafting your workplace technology guidelines.
If you have only a few employees working under you or you are only currently overseeing a small team, then you can be a bit looser in your restrictions and take direct action should you notice anything problematic.
Larger companies might not have that freedom and should aim to have everything done by habit. Larger companies also should be more careful to change policies, as the retraining time or confusion may become a hindrance.
Know Your Employees’ Strengths and Weaknesses
Whenever you are making any team or company policy, you need to ask yourself the important question, “Just what sort of team am I working with here?” and make your decisions based off of that.
The human factor is important when working with technology, as most breaches of security are the result of human error. Is yours a cautious team? An independent team? What were the reasons these people were hired in the first place?
Customize your plan to how your employees will react in certain situations. It will require some thought but is well worth the investment of time.
When creating guidelines, you are going to need to determine who has access to what files. The bottom of the totem pole doesn’t need access to your most critical files. Create granular permissions to determine appropriate access.
These should be laid out clearly, as some employees may interpret them loosely (meaning snooping around restricted areas) and others strictly (potentially denying themselves access to vital data). In smaller companies you might just want to do it on an individual basis. Always set up a way where permission can be granted in necessary circumstances.
You should do a threat assessment of all of the files and technological resources of your company. The key to the server room, should your company have one, should be closely guarded. Other items can be left open for your employees to use. There are too many variations on this to mention, but the more damage something could potentially do via an accident, the more it should be regulated.
Take a look at your company and how it uses technology. You can see the possibilities, and only you can move your company ahead in the perfect direction. If you take care of this early on, your employees will feel secure with technology and come to you with innovative ideas of their own.
Guest Author Note:
Smartfile’s blog has some serious information for anyone looking for information about how to manage technology and information in the workplace. Files are replacing objects in offices across the world, and this website is one I’ve found extremely useful in helping me making the constant transition. As an example, their recent post on building a development team is perfect for those leaders trying to form a team for new projects and innovations.
About the Author:
Jennifer Martinson is a writer working on behalf of Secure Thoughts, one of the best websites on the web to teach people of all skill levels and backgrounds about internet security. She is glad to share her knowledge with business leaders and experts.
You can reach her on Twitter with the username iSecureThoughts.