Internet and social media use at the workplace is a significant productivity issue for many employers. To control use, companies may block specific sites or establishing a restrictive Acceptable Use Policy for their employees. But these two strategies – a blackout and strict AUPs – each have their disadvantages.

This creates a quandary for businesses: Is it possible to create a middle-of-the-road solution that limits Internet use within given boundaries without creating privacy issues or a management enforcement nightmare?  During the recent launch of Safetica in the Philippines, we released a white paper on the three options facing companies. As Jakum Mahdal, CEO of Safetica Technologies stated in this white paper,  “The question is not about making a full prohibition, it’s about setting reasonable restrictions."

Internet and social media use are a known productivity issue in the workplace. And while use of Facebook, Twitter, and other social media is growing, organizations are unsure whether they should completely block employee access to suspect sites, issue an Acceptable Use Policy (AUP) for their employees, or find some other method to moderate their employees’ online activities.

Productivity losses due to social media use are huge

The numbers of employees using work time to surf the Internet are substantial. A Safetica Technologies survey of employees in Great Britain by, a vendor of DLP/monitoring software found that 32% used their computer during office hours to check on various social media unrelated to their work.  In the Philippines, the largest share of personal computing time is actually spent on social networking, according to the Southeast Asia Digital Future in Focus 2013 report by internet analytics company comScore. Specifically, 41.5% of the total minutes users spent online on social networks. comScore likewise credits the Philippines with having the second highest Facebook penetration rate in the world at 92.2%.

When it comes to effective productivity at  work, social media definitely impacts it. Faced with this drag on their productivity, organizations have two major ways to limit Internet and social media use – technical blocks and legalistic AUPs – and both have significant problems
“With one out of three workers misusing the Internet and social media, employers are just beginning to realize the huge costs they are already paying in terms of lost productivity,” said Jakub Mahdal, CEO of Safetica Technologies. “In addition, many company efforts to restrict Internet use swing between being an extreme overkill and simply ineffective.”

Block or talk: two common defense strategies

There are a number of ways to block specific sites. Organizations can block a specific domain or IP Address at the network or at the individual browser level. However, there are also many ways for employees to circumvent these restrictions by using a Virtual Private Network (VPN) or an anonymous proxy server. In addition, a blocking strategy prohibiting employee access to the Internet could hit employee morale and make the company a less attractive place to work.

Organizations can also try to reduce Internet use though an AUP, establishing the conditions and the penalties for unapproved Internet use in the office. Typically, an AUP is a legal document with limited or no technical enforcement mechanisms. It is often used as giving the grounds for employee termination and not limiting behavior beforehand. In addition, an AUP often positions the line manager as the direct enforcer of internet activity – a task that not in his or her list of productive activities.

“An AUP does work – to a limited extent. Safetica Technologies found that the percentage of UK employees using the Internet for personal purposed dropped by one third to 22% when they knew it was against their company’s AUP.But one out of every five employees is still not a very satisfactory level,” remarked Mr. Mahdal.

Reasonable restrictions are possible with Safetica

However, new monitoring software provides a third way that is more effective in limiting Internet use. Safetica Auditor, the monitoring component in Safetica 5.0, enables organizations to list the sites their employees are visiting and to chart the time spent at these sites. “Just saying ‘Facebook bad’ and ‘work good’ is simplistic. Employee behavior and internet use will vary by company so the first step is to map out the specific situation,” added Mr. Mahdal.

Armed with data on actual internet and social media use, employers can establish rules that meet their specific needsand block targeted sites. With Safetica, an employer can set time limits for Internet or specific social media use by department or the individual. Once this boundary is crossed, an alert is triggered.

“The question is not about making a full prohibition, it’s about setting reasonable restrictions. Sure, completely block some illicit sites. But it’s more important to give employees a clear time limitation and have the software – not the individual manager – sounding the alert. Direct control of internet use by a line manager will be inconsistent and dominated by temper tantrums – and this isn’t in anyone’s best interest,” explained Mr. Mahdal.

Get legal and get your employees on board

Use of a monitoring tool such as Safetica 5.0 must be used in accordance to the Philippine Data Privacy Act of 2012 which governs the individual rights to privacy. “This Act essentially tells companies that they must explain to employees why they are using the software and get their signed assent – two logical steps in implementing a viable and enforceable AUP,” said Mr. Mahdal. “It’s important to remember that respecting the individual employees rights – and involving them in establishing  the boundaries for Internet and social media use – is a critical part of the process.”

Author
Safetica team

Next articles

Safetica ONE 10.0: The new generation of DLP integrated with Insider threat protection features

The new content inspection and OCR, risk detection, and data analytics API integration, new branding in the products' user interfaces and improved the overall user experience.

VIDEO: Sensitive Data Protection and Company Operations Audit with Safetica

Learn how can Safetica solve your company sensitive data protection and operation audit goals!

Security or uninterrupted work? With Safetica 9.9 you get both.

New version brings override of DLP policies or control of when file content scan is needed. And announcing public beta of Safetica 9.10 with OCR!
Safetica uses small cookies to improve your website experience. You may disable them from your browser settings at any time. Learn more.