Two decades ago, the web was a casual escape dominated by message boards, AOL Instant Messenger, and Homestar Runner. Only some people used it for work. Fast forward 20 years, and countless jobs require that you use the internet in some way. This has made it easier than ever to take a quick break, open a new tab, and do some personal surfing – blurring the line between work and leisure.
While on the clock, it’s crucial that you and your employees use the internet wisely. Everyone needs a break, and watching the occasional funny video can actually be a healthy habit. But that doesn’t mean you can be careless, either. Everyone on your team should know how to browse wisely, securely, and respectfully while working or using company devices. Some basic online awareness can also be one of the most effective plays in small business security, while keeping your team mindful participants in a web-friendly workplace.
We be surfin’
Have you ever paused work to read an online movie review? Or used your phone to check social media notifications from the restroom? You’re far from alone. Some might even find their dream home in between meetings, thanks to the always-available internet.
This behavior is only increasing as more companies experiment with remote and hybrid work. Our previously separate internet lives are being woven together: Millions of employees now use their own computer for work, or have permission to use their work-issued laptop for personal use. And many have installed work apps like Slack or Microsoft Teams on their phone, which means their job comes with them to the grocery store, the movie theater, and on hikes (whenever they have signal).
Casual, work-time web browsing is so popular – and so normal – that it’s been given a name: cyberloafing. Despite the negative (and delicious-sounding) name, cyberloafing has been linked to higher levels of employee satisfaction and even productivity.
It’s a prime example of how “work” has changed, and keeps changing: Regular breaks should be encouraged for good mental health, and the internet – even though we’re using it all day long – is often the first choice as a distraction. It’s even more enticing if you work from home, without pesky co-workers or managers walking by and seeing that Thoughts of Dog Twitter feed on your screen.
How employees can surf safely (and respectfully)
The overlap between work and the internet isn’t shrinking any time soon. If you’re a small business leader, it’s never been more important to give team members some guidelines for staying safe and respectful online. It’s something that affects both security and HR, as it will ensure employees don’t do anything inappropriate, illegal, or dangerous online.
Not sure where to start? Here are a few ideas on what to include in your internet usage policy:
- Create strong, unique passwords for every online account and web service
- Visit sites you know by manually typing in the URL
- Inspect links to ensure they’re sending you to a trustworthy site
- Watch for warnings from your browser about potentially unsafe pages
- Stick to HTTPS when possible, and consider enabling HTTPS-only mode when browsers allow
- Download or stream anything illegal or suspicious while on work devices or networks
- Connect to untrustworthy public Wi-Fi networks
- Click on pop-up ads or open links in unsolicited emails
- Fill out random forms around the web
- Disable your browser’s security features in order to view or download something
Every business is different and yours likely has its own culture and philosophies around using the web and time management. Beyond some ground level, security-minded tips, you’ll need to talk to your leadership team (if you have one) and decide the extent of what’s allowed and what isn’t.
The key is to make sure your team is aware of your stance. Depending on your policies, you may want to mention that Incognito Mode doesn’t entirely hide their browsing history, or that IT teams can read what they’re writing in emails or messaging apps. Also, remind them that content they consume during work hours could be seen or overheard during video calls and meetings.
That’s a lot to keep track of! But you can sum it up for team members with a single piece of advice: Just think a little extra about what you’re doing on the web while at work.
Lighting the way to mindful habits
If you run a small business, don’t ignore the issue and pretend your employees aren’t web surfing. You also shouldn’t punish them for doing so. The better plan: Make sure they’re doing it mindfully, and in moderation. You can nurture these habits by equipping team members with the right education and tools. That way they can navigate the web securely on their own – or with minimal assistance and oversight from IT.
If you haven’t done so already, create an online security handbook that covers your employee internet and device protocols. Make these guidelines part of your onboarding and reinforce ideal habits with additional training sessions and educational materials. Make sure your IT/security team has an open-door policy so employees feel comfortable asking questions and coming forward with any potential mistakes or web-related concerns.
When employees factor security into their daily routines, it naturally creates a strong defense against the most prominent source of cyber attacks: human error. This is what the term “culture of security” is all about. Focusing on human-centric security, with mindful habits across your workforce, is just as important as choosing the right security software.
Strong leadership and thoughtful messaging go a long way. You can take it further by putting the right tools in your employees’ hands: devices approved by your IT department, privacy-centric browsers, and a password manager that helps them manage their accounts and other sensitive information.
For example, 1Password can help everyone on your team stay both productive and secure on the web. It will suggest strong passwords for new accounts and autofill them on all your devices and browsers. 1Password will also make a note of the URL each password is meant to be used on, so you won’t accidentally share your credentials on a scam site.
Stay alert without looking over their shoulders
As your team grows, so does the possibility of some online snafus. It’s important to keep tabs on your company’s digital defenses, but you need to strike a balance – monitoring employees too closely will lead to a culture of surveillance that creates stress and resentment.
The trick is to find tools that let you monitor your overall level of security without being overly invasive. For example, with domain breach reports in 1Password Business and Teams, you can quickly check if any company email address has been affected by a known data breach. If anything comes up, you can tell the affected employees to update their account details or, if necessary, deactivate the associated accounts.
1Password Business customers can also view an Activity Log to see what noteworthy actions have been taken by team members. This will help ensure that the right people and devices are being given access to company passwords and other data.
Keep your team prepared for anything
The web is like a living organism, changing and evolving in real time. New sites and services are launching each day that influence our online routines. And as your employees’ web surfing changes, cybercriminals will keep adjusting their tactics accordingly. The bottom line: You can’t account for every future scenario in a single sheet of instructions.
Instead, focus on giving your employees the skills to spot and avoid issues, and know that their decisions on the web can affect everyone around them – as well as your customers. Foster a safe and respectful culture, and help them sharpen or update their online habits on an ongoing basis. And make sure they know who they can talk to within your company when any questions arise.
Thanks for reading! You are free to resume your loafing. 🍞