Suggested IT Policies

Suggested Technology Policies

All pages and content copyright 1999-2004 Stephen Malm Consulting & Services

A large percentage of my billable time with clients is correcting avoidable problems associated with open IT policies. Additionally, I see many clients loosing money due to technology abuse by employees.

Please consult legal representation prior to implementing any IT Policies.

The following are suggested guidelines specifically for my clients:

Ensure your employees know that it is your right to monitor computer activities in your workplace on your equipment. This includes but is not limited to email use, Internet use, and use of general applications for personal reasons and monitoring may be done through history file review, deleted file recovery, duplicated email delivery or direct surveillance. Monitoring may also include installation of network and/or individual PC software which transparently track Internet and email usage as well as keystrokes.
Set firm policies regarding personal Internet use if you allow it. It is suggested that personal Internet surfing be kept to a minimum and that all 3rd party email sites such as Hotmail and Yahoo mail be forbidden.
Do not allow chat and instant messaging programs to be activated and used unless specifically required by the employees job position and will be used for business use.
If you want to block access for all users to specific sites, this can be done for most of my clients at the router level.
If you want to block specific users from accessing the Internet completely, this can be done for most of my clients at the router level
Set approved Internet Start Pages. Suggestions are Google or Yahoo. Of course, if you have an Intranet, require that all users open to that page first to get current company information.
Forbid users from subscribing to any mail lists or message boards without approval.
Forbid users from using their company email addresses to sign up for ANYTHING on the Internet unless approved. The most harmless appearing websites can be used for gathering email address for spam solicitations or the sites may not implement security policies which prevent email addresses from being farmed from their website.
If you have users that are receiving excessive spam, change their email address. This can be done with temporary parallel email addresses which will almost completely prevent any loss of legitimate business emails.
Do not permit users to install any unauthorized / unapproved programs both web based and application based. Keep your systems simple and they will be much more cost effective for you to maintain and they will operate more efficiently. Web based programs are a MAJOR source of worms and Spybots. Do not allow any additional search bars, backgrounds, smilies, screensavers, or similar programs to be installed without authorization. Below, please find a table of suggested forbidden and approved programs:

Suggested Forbidden Programs

and Websites

Basic List of Approved Programs

(may vary by client)

Outside mail including but not limited to Hotmail and Yahoo Mail
Browser helpers including but not limited to Dashbar, Yahoo Companion, Hotbar, Gator or CoolWebSearch
Internet Pop Up Stoppers in general. If you have a pop up problem, you have a spybot problem that needs to be resolved.
Any Spybot cleaning programs or Ad Stop programs should be installed by the end user, especially ones that are delivered by pop-up advertising.
Any unapproved or secondary virus detection or cleaning programs.
Any instant messaging or chat program unless specifically approved, including but not limited to AIM, iChat, Yahoo Messaging, and MSN Messenger.
Any Email Program "Add-ons" including but not limited to Smilies and additional Stationery or Backgrounds
Any Screensaver programs or desktop background image generators except for those built into Windows. This especially includes Webshots.
Any programs that change the users cursors.
Any program based daily message programs.

Microsoft Office (Word, Excel, Powerpoint, Outlook, Access and integrated tools)
One Approved Anti-Virus Program
Macromedia Flash
Adobe Acrobat Reader
Approved Accounting Software
Spybot Search and Destroy
Quark
Adobe Photoshop
Adobe Illustrator
Filemaker
WinZip
Quicktime
Windows Updates may be installed, just don't be fooled by a pop-up that looks like it is a legitimate Windows update.

If you ever have any question as to what should or should not be installed, ask first, and install only after approval!

There are specific reasons why unnecessary programs are to be avoided. Much of this has to do with company security as well as loss of computer performance. If you have specific questions why a specific program is forbidden, ask.