According to this article, only 17% of employees believe they had a right to access personal email from their work computers but 50% admitted to using personal emails from their employers computers and 60% had sent work related spreadsheets and documents to their personal email which opens up considerable risk to their employer’s confidential information.
I’m glad to see the author, Katherine Parker, a partner at Proskauer Rose, mention training as key to insuring employee compliance with the employer’s electronic information policies. But I think training is an even more important component than Ms. Parker suggests here.
Social networking use is inextricably linked to email. Twitter, Facebook, Linkedin etc. all require that a user setup an email address to establish a profile. If employees access these services sometimes for work and sometimes for personal reasons (including looking for a new job) what email address should an employee use for this service?
What is good for the employer is good for the employee. This is a key message to employees. If an employee runs afoul of the employer’s policies – complaining publicly about the employers, letting slip confidential information on Twitter, innocently but inappropriately sending confidential information to a personal email that gets intercepted by a third party, the employee is going to suffer consequences more extreme than the employer if this information gets back to the employer.
Training, training, training. I come back to the initial statistics: employees know they don’t have rights to their personal email, profiles etc. at work but many don’t care and use the employers’ property anyway. Only by properly educating employees as to why its important to the employer and for themselves to follow the rules, will compliance improve. Also employees need to know best practices that allow them to do the things they need to do personally without running afoul of the rules. This requires training.