Dos and don'ts for e-mail and IM policy review

Article

Dos and don'ts for e-mail and IM policy review

Ed Parry, News Editor

At TechTarget's CIO Conference, cyber law expert Scott Nathan and The ePolicy Institute offered some advice for CIOs looking to create e-mail and IM policies within their organizations. Click here to read why Nathan thinks it's so important for CIOs to get cracking on such a policy if they haven't already.

Do

  • Establish comprehensive, written e-mail and IM policies.

  • Educate all employees about risks and compliance.

  • Stress that the e-mail and IM systems are business tools. Spell out what is – and what is not – considered appropriate business

    Requires Free Membership to View

    Login

    Download Enterprise CIO Decisions for free after registering.

    After registering we will email you the latest issue as well as access to our archive of back issues. Get essential editorial insights that senior IT executives need to run IT operations effectively and efficiently.

    Get Enterprise CIO Decisions Now!

    By submitting your registration information to SearchCIO.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchCIO.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

  • communication.

  • Spell out exactly how much personal e-mail and IM use (if any) is acceptable.

  • Recap your discrimination and sexual harassment policies.

  • Have all employees sign and date a copy of each policy.

  • Incorporate written policies in employee handbook and new hire orientation materials.

Do

  • Address ownership issues and privacy expectations.

  • Tell employees if management monitors e-mail and IM.

  • Support e-mail and IM policies with content rules and language guidelines.

  • Establish netiquette policies for senders and receivers.

  • Implement e-mail and IM retention/deletion strategies.

  • Establish e-mail and IM security policies.

  • Install policy-based content filtering software to monitor and block e-mail and IM that violates policies or regulatory rules.

Don't

  • Expect employees to train themselves. Make them aware of rights, risks, responsibilities and repercussions.

  • Create separate policies for executives or managers.

  • Forget your international associates and laws governing e-mail/monitoring abroad.

  • Assign one individual the responsibility of single-handedly enforcing your organization's IM and e-mail policies.

  • Allow employees to dismiss the organization's IM and e-mail policies as insignificant or unenforceable.

Source: The ePolicy Institute


Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.
    Back to top