U.S. Navy nails Internet usage policy

Here’s an idea to start the new year: Treat your users like sailors. Yeah, really. Right now, the U.S. Navy is putting the finishing touches on its new appropriate-use policy for IT. This policy will apply to about 900,000 users, including military personnel, civilian employees and contractors. When it goes into effect this spring, it will cover everything from PCs and networks to cell phones and fax machines, in places ranging from battle zones to bureaucrats’ offices.

In other words, the Navy’s policy will cover more users, with more diversity, in more different situations than you’ll ever need to worry about. Now that’s someplace to look for a model.

Better still, the new Navy policy shows signs of being a remarkably sane model for what users should do with IT, at least the way it’s described by Robert J. Carey, the Navy’s deputy chief information officer for policy and integration.

The main principle is that if it interferes with Navy operations, users shouldn’t do it.

And if it’s illegal or a violation of regulations or contract requirements, users shouldn’t do it.

Otherwise, it’s probably OK.

Bet your appropriate-use policy can’t be summarized that simply, can it?

Here’s another key feature of the Navy’s policy: According to Carey, personal use of Navy IT equipment is good for morale. Sending personal e-mail, surfing the Web and shopping online during breaks are all fine — as long as they don’t hog bandwidth or otherwise interfere with Navy operations.

So if the sailors, Marines and civilians who use Navy-issued IT gear make sure the Navy’s work gets done, personal use isn’t just OK — it’s actually a good thing.

That’s a truly elegant core policy. Sure, by the time it’s officially issued it will probably be spun out into endless pages of milspec jargon. But because it’s clear and simple at its core, this appropriate-use policy will likely work anyway.

That’s fine for the Navy. But can you treat your users like sailors?

The answer: Maybe.

After all, your users probably aren’t military personnel. That means precious few of them are being shot at. It also means their sense of organizational mission is different. Your users aren’t focused on defending their nation; they’re more likely concerned with defending their budgets, jobs and retirement plans. This isn’t an adventure — it’s a job.

So if your company’s culture is such that you really can’t trust users to stay focused on the corporate mission, then a working principle like “Don’t do it if it interferes with business” probably won’t do much good. (If your users are that unfocused and untrustworthy, maybe you should be looking for a new place to work, not just a better appropriate-use policy.)

But chances are, your users stay focused mostly on business. So having a simple, common-sense principle at the core of your acceptable-use policy will work fine.

Instead of long lists of what is and isn’t acceptable — lists you’re forever lengthening to close new loopholes — you’ll have a few simple tests for non-work-related IT use. Is it illegal? Is it on company time? Does it interfere with business?

Those are tests that business-side managers can understand. Even your chief executive officer can grasp them. Users who require micromanagement won’t like this approach, but everyone else will get it. They can even enforce it themselves, so you don’t have to play policy cop.

That’s the other advantage of a Navy-style appropriate-use policy: It’s not us or them, IT vs. users. It’s all about staying focused on what’s important to the business.

So we might as well try treating our users like sailors. After all, when it comes to using IT, we’re all in the same boat.

Hayes is Computerworld U.S.’s senior news columnist.

Quick Link: 055152

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now