When it comes to designing and managing enterprise networks, it's easy to feel like you're reinventing the wheel. From dealing with viruses and other threats, through extending your network to customers and remote employees, to dealing with network optimisation, there are so many considerations that it can often feel overwhelming and isolating.

To make things more complex, for every new thought you might have about how to improve your network or make it safer or boost productivity, there are myriad software packages, gear and industry models that you have to sift through to find a match for your environment.

Invariably, if you ask any experienced network manager what their biggest ongoing challenge is, they'll say their users. Users bring viruses to the network. They can make or break the success of any roll-out. And users absorb time and resources with questions and problems.

Many network pros try to stay ahead of the game by focusing on user education. They stress the importance of communication between the network staff and the user community. Without it, they say, users run amok and cause serious problems.

Clear, concise and comprehensive
I recommend starting with an acceptable-use policy that clearly outlines what users can and can't do on the network - everything from when and if it's appropriate to access personal e-mail at work to installing their own wireless networks. The goal is to be clear, concise and leave nothing to chance. Here are some tips:

Take time with senior executives and business unit leaders to map out the organisation's priorities. Detail what you can't afford to have happen in the network from a business continuity standpoint and map that information to user responsibilities.

For instance, if you don't want customer lists to be jeopardised, then you should create a policy that says that those lists can't be downloaded onto handheld devices; they must stay behind the corporate firewall.

Or if you don't want to run the risk of having financial data stolen, then you should lock down employees' access to only corporate-approved machines. This avoids the chance that workers accessing the network from home could tamper with those files. Another example is banning the use of consumer instant messaging or gadgets with hard drives, like MP3 players. This could prevent data from being taken off the network.

Make sure your policy is in line with your business. If you don't have to follow strict regulations, then you don't have to be as strict in your policy.

Make sure you explain why you are creating these policies. Perhaps your company must comply with regulations such as Basel-2 or the Sarbanes-Oxley Act, or your insurance company requires you to have data protection rules in place. Whatever the reason, share it with your employees so they feel like stakeholders in the process.

Hold meetings periodically (once a year is a best practice) to explain the acceptable-use policy to employees, including any changes, and then have them sign the document. This avoids the inevitable "but I didn't know" excuse you might encounter if you try to enforce the policy.

Call for backup
Be able to back up the policy. Make sure you have network monitoring tools in place to enforce your policy. If an illegal application is downloaded, you should be able to identify the user and the machine in a timely fashion. And make sure that senior management is behind any penalty you dole out. For instance, if you have to cut off a person's instant messaging access because he is abusing the privilege, be sure executives are in sync with this punishment.

Be flexible. If you see that times are changing and you either need to tighten or loosen your policy, don't be afraid to do so. For instance, if instant messaging is gaining traction as a business tool, revisit your policy and make adjustments accordingly. It's important the policy protects the network without standing in the way of business.