An Effective Electronic Use Policy, Combined with Computer Forensics, Can Help Prevent Employee Misconduct
By Ispirian Computer Forensics
Computer Forensics and Digital Investigators
Computer Forensics and Digital Investigators
Organizations purchase computers and other electronic equipment to increase productivity and improve customer service — but that doesn’t mean that’s all the equipment is used for. Employees tend to assume a degree of “ownership” of the devices on their desktops, and use them to some extent for personal reasons.
Employers generally don’t mind if employees use their PCs to surf the Internet now and then or even play an occasional game of Solitaire. It’s just when employees go beyond an employer’s “limits” that problems arise. That’s why it’s important for organizations to establish an acceptable electronic use policy and to communicate it properly to the staff.
“Employers should establish policies governing the use of electronic equipment for the same reasons they should establish any employment policy — so that employees understand what the employer’s expectations are,” said Brad Kafka of Gallop Johnson and Neuman, L.C. in Clayton, Missouri. “Typically, such policies will emphasize that electronic equipment and software are provided for business use consistent with any licensing requirements. Of course, most policies recognize that some limited personal use is permissible as long as it doesn’t detract from work, doesn’t use other people’s intellectual property and is not otherwise unlawful, inappropriate or in violation of the employer’s policies.”
Beyond the Internet
Often overlooked, detailed policies on the use of computers within an organization are an ever increasing necessity. Corporations and government agencies are racing to provide Internet access to their employees.
When most of us think of the potential for misuse of electronic equipment in the workplace we think of accessing inappropriate Internet content. Internet access can open a Pandora's Box of problems: lost productivity, creation of a hostile work environment, etc. However, misuse of electronic equipment goes beyond the Internet, and electronic use policies should extend to all electronic equipment, including telephones and fax machines, and to any use that might potentially harm the employer.
“Obviously it’s inappropriate to display sexually explicit images or make comments that are hateful in some way. The electronic use policy extends those rules to electronic equipment,” Kafka said. “If the policy is drafted well, the employee couldn’t use the excuse that accessing pornographic sites wasn’t distracting from work since such activities are inconsistent with policies preventing harassment.”
Kafka says another key purpose of an electronic use policy is to establish that the employee typically has no expectation of privacy when using employer-owned equipment.
“Employees often have an incorrect impression that the things they communicate electronically are private,” he said. “That is almost always incorrect but in order for an employer to protect itself against privacy claims it’s important to state specifically that the employer reserves the right to access anything that comes through its servers or through the use of its licensed software. The same holds true with respect to the use of telephones and other equipment.”
Avoiding the Pitfalls
While it seems very straightforward, an electronic use policy must be carefully drafted to be effective. It’s very difficult for employers to create such a policy themselves without the services of qualified legal counsel.
“Employers typically aren’t familiar with the legal challenges that can arise,” Kafka said. “We help our clients draft policies that will enable them avoid claims with respect to allegations of harassment or other inappropriate conduct by their employees. Such policies also allow them to access the information they need to without fear of an invasion of privacy claim.”
Kafka also recommends that the electronic use policy be combined with routine, periodic assistance from a competent, third-party forensic computer examiner to verify that the policy isn’t being abused.
“In many cases, employees assume they can get away with things because no one can trace their activities,” Kafka said. “However, a forensic computer examiner can always figure out who’s involved. Prevention is a big part of labor and employment law and anything that can be done to identify potential problems before they arise is very worthwhile.”
Gathering, Preserving and Presenting Evidence
More and more employers are using software that blocks access to certain types of Web pages or monitors Internet usage. However, such programs cannot control all inappropriate activity and may not provide the evidence an employer needs to take disciplinary or legal action.
“Computer forensics is the application of the scientific method to digital media in order to establish factual information for subsequent legal or administrative review. This process often involves investigating computer systems and digital media to determine whether they are or have been used for illegal or unauthorized activities. It can be a very effective and reliable means of finding electronic use policy violations,” said Tom Smith, a forensic scientist with Ispirian Computer Forensics and a member of the American College of Forensic Examiners Institute of Forensic Science (ACFEI).
A competent forensic computer examiner is a professional investigator who will ensure that any evidence collected can be used for litigation should a situation rise to that level. Lacking proper forensic investigative training and experience, even proven, computer-literate professionals can cause otherwise recoverable files to become unrecoverable. Important evidence can be tainted or simply overlooked.
“I recommend that companies seek the assistance of a trained and qualified computer forensic specialist — not a downloaded software program or an untrained ‘computer expert’ — before exercising any sensitive computer examination activities,” Smith said. “Even something as simple as turning on or continuing to operate a computer suspected of misuse can render a great deal of data on the hard drive unusable, or at least extremely expensive and time-consuming to recover.”
Employers don’t like to think that their employees would misuse electronic equipment. At the same time, however, it’s naïve to assume that employees would never access inappropriate content, infringe upon intellectual property or otherwise place their employer in legal jeopardy. To prevent such circumstances it’s essential that employers establish an electronic use policy and utilize the services of a forensic computer examiner to ensure the policy is being followed.
ABOUT THE AUTHOR: C. Cooper, CMS Special Interest Publications for Ispirian Computer Forensics
Ispirian Computer Forensics is a Missouri private detective agency with specialization in computer technology and digital media; specifically, computer crime and computer misuse investigations, digital forensics, mobile phone and PDA forensics, data and password recovery, and secure disposal of digital media. Ispirian can provide computer forensic investigative services and support to corporate security and the legal community. Our headquarters is located in Chesterfield, Missouri USA. We assist clients nationwide.
Copyright Ispirian Computer Forensics
Disclaimer: While every effort has been made to ensure the accuracy of this publication, it is not intended to provide legal advice as individual situations will differ and should be discussed with an expert and/or lawyer.For specific technical or legal advice on the information provided and related topics, please contact the author.