Does Your Small Business Need Technology Policies?

by Margot Carmichael Lester, Staples® Contributing Writer

Many small businesses operate without technology policies. But that could put you and your company’s livelihood at risk. Take a look at what you need to include in an employee technology policy to safeguard yourself.

Personal Use

Is limited personal use of company computers and other devices allowed? “Some personal use should be tolerated, because it increases employee morale and productivity,” says Abbey Dieteman, cofounder of Dieteman Technology Consulting in Oneida, NY. “However, there should be a policy that technology use will be monitored and there is no reasonable expectation of privacy on company technology.”


Are there some sites you want to prohibit due to productivity, like popular social media, gaming or eCommerce sites? How much personal time is allowed? “We installed Internet monitoring software that documents how an individual spends time on the computer,” says Vincent Clarke, marketing manager with USB Memory Direct in Hollywood, FL. “We rely on the fact that telling employees they are being monitored will discourage most of them from being unproductive.”

Text Messaging

Is text messaging between colleagues allowed? “SMS and most consumer-based messaging apps send messages unencrypted over the Internet,” explains Jim Patterson, cofounder and CEO of workplace mobile messaging company CoTap in San Francisco. “This means that anyone able to access the network — for example, anyone sharing the Wi-Fi connection at a coffee shop or hotel — can potentially intercept and read the content. This is especially problematic for companies in certain regulated industries, such as healthcare or finance, where data leaks can result in large penalties and fines.” Consider requiring employees to use official company solutions designed for business use-cases and that have security and compliance protections.

Mobile Devices

Without question, every enterprise should have a strict policy banning the use of mobile phones while driving. “Likewise employees should be cautioned about using devices while operating dangerous equipment or in other dangerous situations that might require their full attention,” Patterson says.


What information can employees access — and how — during and after their employment? How do you limit access to critical data? “Use common sense but consider worst-case scenarios,” advises Dmitry Davydov, CMO for Bitrix Inc., a company based in Alexandria, VA, that develops a productivity 2.0 suite for small businesses. “Don’t be paranoid — you don’t have to encrypt everything, but limit access to critical information. Make sure only the right employees have access to it and that your security standards are up to date.”

Downloads & Installs

Can employees download or install applications and programs on company devices? “You may want them to get approval before installing programs needed for their job,” Dieteman says. “And I recommend not allowing employees to download games, as there is a high rate of virus and malware in these types of programs.”


Are employees (or interns and temps) required to bring their own devices to use at work? What if they engage in illegal activities while on your Wi-Fi connection? “In most cases, think about how to manage and provide people secure access to applications, data and files,” says Bernardo de Albergaria, vice president and general manager of SaaS products and markets at Citrix. Also include configuration and security of personally owned devices to “protect the organization against threats, data loss and noncompliant usage.”

The Bottom Line

“Small business owners, especially, tend to be hesitant about creating such technology policies because they don’t want to seem like they’re micromanaging employees or being distrustful,” Dieteman says. “As with any business policies, it’s extremely important to have one because your business could be at risk.”


blog comments powered by Disqus
We welcome your comments about the articles on the Staples Business Hub. Please follow these simple rules when submitting your comments: Do not mention our competitors, the price you paid for products, URLs, or your personally identifiable information (such as your full name or address). Be considerate and courteous. Do not attack or insult other users, use violent language, or engage in name-calling. These types of comments will be removed. Our moderation team may read comments before they are displayed.