A blog focused on messaging and collaboration of all types -- email, instant messaging, VoIP, Web conferencing and other technologies that help people communicate more efficiently and effectively.

Wednesday, May 9, 2007

Inappropriate responses to policy management

We're in the midst of a major new study on messaging policy management and will be providing the data to our early subscribers next week.

In the context of policy management, I participated in Tumbleweed's WorldSecure conference in San Diego yesterday. One of the panelists in a session on content filtering and encryption told us about her experience when responding to someone who had violated a company policy on inappropriate content being sent through email. This panelist, a senior IT manager, reminded the individual about the corporate policy, to which the offender replied, "Bite Me!". The individual who offered this less-than-appropriate response is no longer employed at that company.

This incident points out the other side of policy management. We might assume that employees accept the notion that their employer has the right to monitor their email, IM and other communciations and to enforce rules about the appropriate use of these tools. We might assume that policy management systems exist to catch only inadvertent and accidental violations of corporate policy. However, there is a small group of employees in most companies that really doesn't accept those restrictions and will fight back, even when they know they're in the wrong.

As an IT manager, how do you deal with those employees? Are there techniques that you've tried that work for convincing these people that corporate policies are a good thing?

posted by Michael D. Osterman at 5/09/2007 11:50:00 AM

3 Comments:

Anonymous mroonie said...

Although I would be tempted to mass email that employees' personal information to everybody within the company and then reply "Bite me!" to his/her complaints to my actions, this of course would only snowball the problem.

I have found that most employees who resent a certain rule/person enforcing the rule, all it takes is a little one-on-one time to help the employee to understand the need for the rule, and also to show that you're willing to take the time to understand the employee better and why they do not want to adhere to the rule. Hopefully people old enough to be working in the corporate world will be mature enough to handle this type of conversation and allow progress to occur.

May 11, 2007 8:59 AM

 
Anonymous Robert said...

Great post Michael. We see this all the time with IT put in the uneasy position of "police officer" to enforce rules. Ultimately comes down to consequences and those have to come from the executive level.

May 14, 2007 11:52 AM

 
Anonymous Stefan said...

I have heard similar stories when talking to customers. Companies are well advised to remove IT from the thankless role of the policy messenger. It leads to employee burnout and can create a hostile work environment.

Instead, regulatory and HR violations should be routed automatically to the appropriate business manager with the proper authority to enact on the rules.

The same applies to core IT policies such as quotas. Rather than having IT chase individual offenders, firms should implement technology solutions that can automatically enforce IT policy while offering alternatives that enable employees to get their work done.

June 15, 2007 3:16 PM

 

Post a Comment

<< Home