Acceptable use policies strongly suggest personal computing belongs at home, not in the workplace ACCEPTABLE USEAs it turns out, privacy is not an inalienable right. If you download child pornography on your personal computer and bring it to the office, it could certainly land you in federal prison. Such a fate exists for Michael Barrows, former Glencoe, Okla., city treasurer. In early April, a U.S. Court of Appeals upheld Barrows’ six-year sentence for possession of child pornography, after he argued that he had an expectation of privacy when he took his personal PC to work. The illegal files were discovered when a city clerk, who was having trouble opening a file, asked for help from a reserve police officer who traced the problem back to a file-sharing program running on Barrows’ computer. So what rights does one have when using personal technology in the workplace? Not many, according to Nancy Flynn, executive director of the ePolicy Institute, an electronic communications consultancy. According to a recent American Management Association/ePolicy Institute survey, 84 percent of employers had policies governing workers’ personal e-mail use, 76 percent monitored workers’ website connections, and 65 percent blocked certain connections completely. Half of all employers said they have fired workers for misusing the Internet or e-mail at work. The number-one reason employers monitor e-mail and Internet use is fear of litigation, says Flynn, and that fear is well founded: 24 percent of small, midsize and large U.S. companies had e-mails subpoenaed by the court in 2006. E-mail has become the “electronic equivalent of DNA,” she says. The best way employers can ensure the proper use of their computer assets is to set rules governing them. In Flynn’s opinion, an ideal policy would ban the use of personal technology at the office completely. However, if employers decide to allow personal use, the policy should spell out e-mail rules regarding content, language and confidentiality. “You may want to restrict personal use to certain hours of the day: lunch hours and work breaks, for example, and restrict who they can communicate with: maybe kids, spouses and baby-sitters.” Employers should also offer formal training when it comes to e-mail rules and risks, says Flynn. That way, employees won’t feel like Big Brother is looking over their shoulder. “When employers explain rules, why they are in place, how they monitor and why, it goes a long way toward encouraging compliance,” says Flynn. Related content news Okta launches Cybersecurity Workforce Development Initiative New philanthropic and educational grants aim to advance inclusive pathways into cybersecurity and technology careers. By Michael Hill Oct 04, 2023 3 mins IT Skills Careers Security news New critical AI vulnerabilities in TorchServe put thousands of AI models at risk The vulnerabilities can completely compromise the AI infrastructure of the world’s biggest businesses, Oligo Security said. By Shweta Sharma Oct 04, 2023 4 mins Vulnerabilities news ChatGPT “not a reliable” tool for detecting vulnerabilities in developed code NCC Group report claims machine learning models show strong promise in detecting novel zero-day attacks. By Michael Hill Oct 04, 2023 3 mins DevSecOps Generative AI Vulnerabilities news Google Chrome zero-day jumps onto CISA's known vulnerability list A serious security flaw in Google Chrome, which was discovered under active exploitation in the wild, is a new addition to the Cybersecurity and Infrastructure Agency’s Known Exploited vulnerabilities catalog. By Jon Gold Oct 03, 2023 3 mins Zero-day vulnerability Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe