Policies Controlling Use of Computer-Based Resources in Small Businesses

To protect themselves from legal liability resulting from employee misuse of computer-based resources, small businesses need well-defined policies and practices assuring acceptable use of the organization's computer network and related resources. This study analyzed the risks and legal implications that parallel employee use of computing technologies, such as e-mail and Internet, and the rights of employers to monitor employee use of computer-based resources. A survey of small businesses in Arkansas indicated that a significant number of employees within the organizations have access to computer-based resources. Sixty-eight percent of the organizations use at least one technique of monitoring employee use of these resources, yet fewer than half store and formally review employee computer files and e-mails or review Internet activity. Only 38% of the small businesses have formal policies regulating use of computer-based resources. Although the majority of all respondents are aware of their right to monitor use of computer-based resources, many are less aware of potential organizational legal risks that could be faced as a result of system misuse.