More Resources IBM White Paper: An Architectural Blueprint for Autonomic Computing IT Automation Related Article: Start Your Engines IMAGINE Improved SOA Implementation through IBM Service Management IBM TV: Managing value with IBM Service Management

For all of the benefits that PCs and the Internet bring to businesses, they also create a new series of issues that didn't exist just a decade ago. By creating a policy that clearly explains to employees what they can and cannot do with regards to company computer hardware, networks, and software, you can create a more efficient workplace and shield the company from liability.

Software can play an important role in a corporate computing policy. Web monitoring and filtering software can restrict access to Web sites based on their content or using lists of approved (or unapproved) sites. Software like IBM Tivoli Configuration Manager can also be used to remotely configure PCs and audit the hardware and software configuration. Tivoli Configuration Manager can gather and deploy Microsoft software patches. With an increased emphasis on corporate compliance, Tivoli Configuration Manager can be used to update PC configurations to ensure corporate governance regulations are being followed. It can also be used to configure and audit mobile devices.

But software only addresses some of the issues involved in controlling how your employees interact with company hardware and software. Written policies and ongoing employee education are also critical.

Software Policy
One of the benefits of Internet access is quick and easy access to software downloads. But there's a downside as well. A good Corporate Software Policy will make it clear to employees what types of software (if any) they are allowed to download and install on their company PC or mobile device, and whether or not such downloads need to be cleared by the IT department.

Protecting against malware should be one concern. Freeware and shareware applications can deliver malicious payloads to corporate PCs and networks. Software piracy should be another concern. It's important that all employees install licensed versions of software on corporate computing devices to protect the company from liability and to ensure the quality standards of the software and the ability to receive support from the vendor.

Education for end users should consist of making them aware of the dangers and consequences of violating the software policy. Employees should also be notified if your company uses software to audit and inventory the software installed on corporate PCs and mobile devices.

Internet Policy
The Internet is such an important part of our lives that it's hard to imagine life without it. For that reason, many businesses allow access to large portions of the public Internet through their PCs and mobile devices. Many organizations block access to obvious trouble, such as pornography or gambling sites, but news sites can be an important source for industry news and corporate intelligence and retail sites could help employees find supplies or products they can use at work.

What your company allows access to and what gets blocked is a corporate decision that can affect employee productivity and morale. Whichever route your company decides to take, make sure it's clearly stated in a written policy and enforced with ongoing education.

Education and Policy Enforcement
A well-rounded policy is developed by all of the stakeholders involved. In addition to IT and corporate representatives, legal counsel and human resources should also be involved to ensure all of the details are covered. The consequences for failing to comply with the policy should also be clearly stated, whether they include termination, suspension, or loss of privileges.

In addition to what is at stake for them personally, employees should be educated about the risks of running afoul of corporate compliance guidelines set forth by the company, industry, or by law.

The company intranet can be an important resource for educating employees about Corporate Software and Internet Usage Policy. Online courses and quizzes can be used to keep employees thinking about how their computer and software usage can help mitigate corporate risk and compliance.

The intranet is also a good place to keep the company policy posted so employees can reference it when the need arises. If your organization requires approval from IT before software can be downloaded or purchased and installed, streamline the approval process as much as possible. If there is a significant delay waiting for a response, employees will be more likely to try to circumvent the system. Set up an e-mail address or use a form on the company intranet for such requests, and make sure employees know what information they need to supply in order to get approval.

Today's culture demands that guidelines are set forth governing the use of corporate computing resources, but the proper use of software, education, and well-written policies can ensure that the guidelines are followed without placing an unnecessary burden on end users and IT.