No matter how small your business might be, there are some standard IT policies you should have in place to make sure your staff are following safe and professional standards.


Most small businesses should have some sort of usage rules for staff when it comes to surfing the net as well as personal emails. Allowing them to surf online, access social network sites and send and worse, receive personal email, can open your business server and systems up for some scary viruses, adware spyware and malware issues. It will also help dissuade staff from spending business hours using the internet, chatting with friends and posting they hate their boss on Facebook or Twitter.


Strict rules on security should be in place to ensure confidentiality as well as protection from viruses and other threats. At the least staff should be assigned personal user names and passwords and should be told they should not share this information with anyone, including co-workers. This security policy should also outline use of company information and data as well as indicate level of access for each position.

Backup and Recovery

Small businesses often overlook disaster recovery plans; this can be disastrous in case of hardware failure and other potential physical risks that could affect loss of data. You should make certain your staff are making regular backups using a system like StorageCraft ShadowProtect with both Local and Remote offsite storage if you do not have another service providing automatic backups on your behalf.

Standards for Technology and Software

This policy should include and outline use of the software and hardware available to and used by your business. You can outline which departments and staff members have access to specific software and other equipment. For example an Accountant or Bookkeeper may have access to Xero, QuickBooks or MYOB and Graphic Designers access to Adobe programs. This will keep your licensing budget under control. You should also inform staff that they are not allowed to download other programs or access files such as music if this is part of your policies. SECURITY and PROTECTION using Unified Threat Management Firewalls, SonicWALL and Cyberoam and other services should be considered.