You can't watch what your employees do every second, but you can help them avoid walking into basic Internet security traps by setting up the following guidelines at your company.

Don't Spill Company Secrets – This is the hardest to enforce, but if you expect your workers to keep your business's proprietary and strategic information within office walls—and out of Internet chat rooms and e-mail messages—you need to make sure they know it. Create a policy specific to your company and have employees read it and sign it.

Secure Your E-mail – If you use Microsoft Outlook 98 or 2000, encryption is built in—just be certain you're using it. Options appear in the Tools menu; select Options, then Security. To send individual encrypted mail from home or on the road, PrivacyX (www.privacyx.com ) offers a free mail-encryption service. (As an added bonus, your messages are completely private.)

Use Strong Encryption – If you're using Outlook 2000 and Windows 2000, you should also install Office 2000 Service Release 1. The new S/MIME3 encryption support, available only in Service Release 1, is state-of-the-art.

Run a User ID and Password Audit – What's less secure than posting passwords on a sticky note on your PC? Picking easy-to-crack passwords (like a user's first or last name) and never changing them.