|
Windows stores lots of information in "My Documents" folders. Is it possible that some employees think of the material there as their personal stuff? Of course.
If an organization intends to keep title to their proprietary material and not give an expectation of privacy to employees it is smart to inform employees. This is normally done by Policy, Agreements and Banners.
Policy is a written document outlining what the company wants to do.
Procedures based on the policy actually spell out the details.
Agreements clarify the policy in certain areas, e.g., computer usage. When employees are hired, trained, promoted or fired it is good to get an agreement signed which acknowledges the company policy.
Banners serve as a reminder. They can be simple and designed to appear whenever someone logs into the organization's network.
|
| | |  | | 
We were called by a local government to check the computer that an employee was using (not the employee's computer).
Before accepting the assignment we asked to see the written policy specifying that computers were owned by the organization and subject to inspection.
None could be found. Just as we were getting ready to walk out the policy was located. This allowed us to complete the investigation.
It isn't illegal to investigate misdeeds without a proper policy but it isn't a good idea.
| | | | |
