One research firm, International Data, estimates that 30 percent to 40 percent of employee Internet use is not work related. While most non-work related Internet use is likely to be harmless - such as booking holidays and using web-based email - should you put a formal business policy in place to safeguard you and your employees?

While most small businesses recognise the need to strike a balance between giving employees reasonable personal access to the Internet and being heavy handed - there are potential risks to your data or the image of your business:

downloading files containing viruses
sending valuable or sensitive information outside of your business
using an overly casual tone in business emails
accessing, downloading, or distributing offensive or pornographic material
defaming other members of staff or business contacts

Introducing an email and Internet policy should go a long way to preventing these risks and it should help your employees get the most out of their technology use.

Your policy should state exactly what is and isn't permitted so all parties are aware of where they stand. The policy should give clear guidelines, but avoid being overtly negative. Your policy should include:

why it is needed
what email and Internet use is acceptable and unacceptable
when or if email and the Internet can be used for personal use
the rules on downloading files and checking for viruses
how emails should be addressed - and the tone you expect to be used
if you will carry out any monitoring - and if so - what it will involve
what action you will take if anyone breaches the policy