I'm under pressure from the board to facilitate a strategy that reduces users' time on personal e-mails. Obviously, I am aware that users should have a degree of freedom to use the e-mail for non-work related matters. Can you give me practical advice on an IT solution that will strike a balance between users' needs and company rules?
Finding a balance through liberality
Tell the board that the use of personal e-mails will significantly reduce in the future and the cost to the company will be zero. This is because you are going to trust your people, by giving them complete freedom, ownership and a standard to live up to.
Organisations that introduce rules and regulations in this area suffer. The same applies to use of the Internet and personal phone calls. People will rebel against strict rules that inhibit their freedom, and will spend effort, energy and much "company time" beating the rules. I have seen this so often. Say to people that they are free to send any personal e-mails they wish, that they will not be monitored in any way. However, ask them to use their personal judgment on this, to keep the number, and time spent, fair. You will be amazed by the results, I assure you.
A little freedom is a dangerous thing
Professor Chris Edwards
Professor of Management Information Systems
Maybe I come from a background different from everyone else on this planet, but surely one comes to work to do just that: "work". I fully understand your board's concerns regarding personal use of business facilities and strongly believe that you should act to clarify matters. Web surfing will be next on the list, and using the company server to maintain the local tennis club's Web site will not be too far away; supporting employees' emergent personal business ventures may even happen.
Why you believe that users should "have a degree of freedom to use e-mail for non-work related matters" beats me. I can understand that employees can use the phone for urgent personal matters but would discourage use for any other reason. In allowing users to, for example, place orders for books over the Web, you might be seen to be allowing them to represent themselves as acting on behalf of the organisation with all the legal ramifications that holds. Any comments contained in an e-mail coming from your organisation's address may be construed as being the opinion of your organisation. If this was meant as a personal comment to a "friend" that somehow became public, your organisation might be held responsible.
So, my first suggestion is to question why you want employees to have this freedom and to recognise the potential implications of facilitating this. Second, if for some reason, which I can barely imagine, you must allow such freedom, then have the employees open e-mail accounts on Hotmail or Yahoo! so that less confusion arises as to the source of the message. However, I am by no means sure this action would exonerate you from all liability.
Instigate a constraints procedure
CEO, Bloor Research
If you are going to allow personal e-mail at all, you must place a constraint on it that is workable and you must also have the ability to monitor users accurately. And while you're at it, you may want to cover Internet usage as well.
Here's an idea. First start monitoring so you know the extent of the problem. Don't do anything until you know the true picture. (And by the way, how does the board know what it claims to know?) Then agree a policy with the board based on a large reduction in usage and have this declared openly. (No more than an average of one e-mail per day, or no more than three named receivers of e-mail, or whatever).
Pick off the abusers of the rules one by one: a good way to achieve this is to pick the worst offender and start automatically copying their e-mails to their manager after sending an e-mail to the manager explaining why you have done this. If they do not act, then escalate.
Have an acceptable code of practice
Senior consultant, NCC Group
Your organisation should produce an "Acceptable Use" policy which covers both e-mail use and Internet access and dictates quite explicitly what is and is not allowed within the organisation. You should highlight the balance you are looking for, but also outline the legal implications of viewing, downloading and sending material via e-mail or the Internet by quoting the Computer Misuse Act.
Ultimately, it is a line management responsibility to ensure that your people do not spend excessive amounts of time accessing the Internet or sending e-mail. However, there are several relatively inexpensive software packages on the market which allow the monitoring, either by content or address, of e-mail traffic through your organisation.
High-profile guidelines could be drawn up and published to the entire organisation with a clear message that e-mail traffic is being monitored and relevant action will be taken if staff are found to be abusing the facilities. By analysis of these statistics, any staff that are immediately identified to be abusing the system by excessive private e-mails, could be disciplined, if appropriate.
Enterprise resource planning users within our company have been complaining for the last six months that they do not have adequate competencies and that our organisation offers inadequate levels of training. As a result, the improvements in productivity that were expected from the new systems investment haven't occurred. The user group has made it clear that they believe it is our responsibility to ensure that both initial and update training is provided on these systems. We do not see ourselves as trainers, nor do we have the resources to do this, but at the same time human resources claims IT training is not within its remit. To make matters worse, our company's performance is not what it should be and management is not very sympathetic to making sums of money available for training.
Does anyone have any suggestions on how we can get ourselves out of this quagmire?
This was first published in September 2000