When it comes to Internet access in the workplace the main concerns for most organisations are still the cost of that access, the connection speed and its reliability. However the bigger and more dangerous issues are of course the security threat the connection poses to the business, what it’s being used for as well as when and where employees are actually accessing it.
It’s no exaggeration to say that in the majority of businesses if you were to do a random check on an employees’ laptop or company smartphone most would be storing movies, music, personal pictures and correspondence, eBay and Facebook accounts and more. Yet many businesses either don’t monitor what employees are using their property for or have a system in place that is so outdated it is useless.
It’s madness that organisations don’t have robust procedures and systems in place to monitor, report and manage Internet usage, especially with the highly complex issues of legal liability that are now arising from online activity. But, the frightening reality is that a lot of businesses push legal regulations and compliance issues to one side until they are directly affected by a security breach despite the fact such breaches can have serious repercussions for everyone involved in a business.
We know of companies that have experienced serious productivity loss for months only to discover that an employee has been spending the majority of their working day on eBay selling off company property on the cheap. There is also an instance of a company being brought to a total standstill when police turned up and removed main servers because explicit images of children were discovered on an employee’s computer.
Needless to say this resulted in a criminal prosecution for the perpetrator but the financial costs to the business far outweighed the cost of having a more sophisticated monitoring and reporting system in place. In this case the senior managers were also held responsible for failing to have robust monitoring systems in place.
For senior managers to assume that Internet security is someone else’s responsibility is dangerous – it has long ceased to be just an IT issue. Staff join and leave businesses on a daily basis, and that is how frequently Internet access should be monitored and reported on. The ever increasing number of people bringing their own devices (BYOD) into work must also be addressed with companies needing to look at their infrastructure, policies and procedures in order to accommodate this safely and effectively.
There are plenty of software and hardware solutions to manage Internet security so the whole process no longer has to be time consuming or difficult to understand. Those at the top of companies can no longer say “I don’t know anything about IT” or “IT doesn’t come under my remit”.
In any other area of a business it’s clear where responsibilities lie and even though technology is evolving faster than all other business tools, accepting the responsibility for it is an aspect that is still lagging behind. The time has come for IT and the security of it to have a seat in every boardroom.