As technology changes and the security threats change, it is important to keep your information technology policies up to date. Many small businesses do not even have documented policies in place. These policies should ideally be part of a company handbook and reviewed and updated periodically. They are there for your own protection and benefit.
Since there is no urgency to doing this sort of work, the policy review tends to get pushed to the back of the line. That does not mean the work in unimportant. As Steven Covey pointed out in his landmark book “The Seven Habits of Highly Effective People”, people tend to spend their time working on tasks that fall in the urgent and important category first; putting out fires. Next, our human instinct is to move to urgent and non-important tasks or things that have a deadline. Covey points out that effective people avoid this trap. They spend their time working in the non-urgent and important quadrant. This is where planning is done and ideally work that prevents the fires that crop up from getting to that urgent category. Effective people know how to delegate the non-important work so they have the time to spend on tasks that are important but may not be urgent.
Policy making falls into this category. It is not urgent until you have a situation where you need the policies, but it is certainly important. For example, an employee is caught surfing unreputable web sites on the office computer. There have been cases where an employee fired for such an offense, sued their employer and won stating that there was no expectation that he could not do such a thing at work. There was no policy in place stating he could not.
Increases in the usage of employee owned phones and tablets in the work place are also creating an urgent need to define policies on who owns the data, and the steps that need to be taken to protect that data. It is important to know your legal obligations as a business.
Colden Company has sample policies available for our customer-base to use to get started with. These policies could very well make a difference for your business.
Are you responsible for your company’s information security? Are you spending your time putting out fires or truly using your time effectively to plan and prepare? Let our staff of IT experts help your business develop and maintain strong information technology policies.
Call us at (888) 600-4560, email us, or see us on Facebook or Twitter and let our experts help your business.