Monthly Archives: April 2018

HR is best suited to bring all company stakeholders together to ensure safe and productive Internet access

employee Web-use management

My discussion here is about the suitability of HR being the hub for employee Web-use management where all company stakeholders are brought together to ensure safe and productive Internet use by all employees. For one, HR’s expertise typically includes personnel policy, codes of conduct, labor relations, workforce training, legal compliance issues, and workforce morale, all of which relate to the employee Web-use management issue. Because of their expertise in policy, training, and processes, HR is in the best position to coordinate the tasks of proposing and developing solutions to ensure that employee Web use is properly managed. After all, Web-use management is not just an IT issue. It is all about employee behavior, productivity, and morale. What Internet-use people issues are you seeing in your company? How are you solving them?

Communication is key in HR’s collaboration with managers, IT, and employees in the company. Starting at the top of the company, HR can educate senior managers on the importance of employee Web-use management, get their input, and keep them involved. By collaborating with IT whose access to highly accurate Web-use reporting and filtering tools can produce easy-to-consume Web activity data, HR can keep upper management apprised of pertinent employee Web behavior. This allows HR to contribute to the organization’s profitability and help keep the company out of severe legal difficulty–important business objectives for senior managers.

As the focal point in the employee Web-use management effort, HR can also schedule Web-use training programs for managers and employees, coordinating with Legal, IT, or department managers who observe a need or have the specific knowledge to train the workforce. Training could include instruction on the proper use of network resources, how to recognize a phishing e-mail message, how to detect malware symptoms, how to recognize and report other online threats, and other Web-use topics. Essentially, training would teach employees how to use Web access productively and safely. In this way, all areas of the company play an important role in proper network resources and policy training that would have a significant impact on corporate Web security. Are these types of training programs taking place in your company?

Another HR task would be to communicate the company’s Acceptable Use Policy (AUP) to the workforce by providing it in writing or electronically, requiring a signature to indicate acceptance of the policy. If you do not have a policy, HR, in collaboration with IT, Legal, and senior managers, would be well-suited to establish a sound AUP consistent with your company’s culture. Once the policy is created, HR can work with functional managers and IT to ensure optimum implementation of the policy. As Web activity is analyzed over time, HR can revise the policy as necessary. Managers and HR would work together to ensure employees are complying with the Web-use policy. Along with managers, HR would be involved in specific cases of policy noncompliance.

In communicating the policy to the workforce, HR would focus on promoting the interest of the company as a whole, while helping to maintain or improve employee morale. Managing employees’ use of Web-access resources is a sensitive and complex task, one that involves communicating with all groups–senior managers, managers, IT, and employees–and deals with policy, training, and continuous improvement processes. With HR as the hub, the continuous improvement process would involve the frequent review of employee Web use, new Web services introduced into the network, and new security threats, as well as modification of work processes and appropriate revision of the AUP.

All areas of the company can help manage employee Web use effectively. In the next articles, we will examine more closely IT’s role in employee Web-use management, the requirements of an effective Web-use management program, developing a sound AUP consistent with corporate culture, and other topics related to the human factor of data security.

Please let me know your thoughts on and reactions to this article and my questions by adding a comment. If HR is leading the Web-use management efforts in your business, in what other ways are they collaborating with others in the company?