Most employees understand that stealing from their office is not acceptable, but often it’s the definition of “stealing” that causes problems. For example, if a spare pen or pencil from someone’s desk ends up in his or her car, must they return it? Is it stealing if they don’t? What about making personal copies on the office copier? That uses paper and toner—is that stealing?
Another grey area for many employees is the use of company bandwidth, e.g. the internet connection. If a worker connects to their company’s wi-fi to check messages or post something on social media, is that stealing? What if they stream a video on their laptop during a lunch break?
Technically, all of these activities are theft unless the employer has established policies that allow them. Even more importantly, conducting personal activities over the corporate wi-fi connection could potentially compromise the network, and therefore the company’s systems. That could expose them to intrusion.
For example, if a worker who is authorized to connect to the company network to receive work emails on his or her phone logs into a favorite site that has been hacked, it could create a back door straight into the heart of the company’s systems.
The safest play is to have a policy that prohibits accessing the corporate network for non-work, unapproved activities, no matter how innocuous they may seem. Most firewalls have a feature—often available as part of a “traffic log,” that lets administrators see who was on the network—and when/what they were doing. It’s a good idea to perform periodic checks of traffic to evaluate worker’s online activities and determine if they present a danger to the company.