Careers & Employment Information


Employees, Get Used to Working under Surveillance


Let's face it. Monitoring employees' e-mail, tracking their Internet use, logging everything done at keyboards has become the norm in Corporate America.

With computer monitoring software so cheap and easy-to-apply it's no wonder that workplace surveillance becomes more and more widespread.

Here are some figures from the 2005 Electronic Monitoring & Surveillance Survey made by American Management Association and the consulting firm ePolicy Institute:

76% of companies monitor websites their employees visit, and 65% use software to block connections to certain websites.

36% use software to log keystrokes and keep track of the time spent at keyboards. 50% store and review computer files.

55% store and review employees' email messages.

So, wherever you work, the odds of your company's keeping a keen technology-aided eye on you are pretty high. There is no such thing as privacy at the workplace, experts say. Let's not have any illusions about it. Even if you are allowed to use workplace computer at lunchtime or after work, the policy covering the use of computers and the Internet applies as well.

According to the same study, 84% companies surveyed do have rules covering personal use of email, 81% have established policies governing the Internet use. So, majority of organizations at least have set up rules for everybody to observe.

80% of organizations that monitor keystrokes and time spent at keyboards let employees know about that. 86% notify staff about email monitoring, and 89% alert workers that their Web activities are tracked. These figures show that for vast majority of employers the aim is to make workforce to comply with the rules rather than to catch somebody red-handed. The remaining 20%, 16% and 11% probably carry out clandestine monitoring. Too bad, but there is little employees can do in most such cases.

It seems odd, but under the law, in many states employers aren't obliged to warn employees about computer and /or email monitoring. We may grumble it's not fair, we might protest, but that's that. At least in the vast majority of organizations monitoring is not surreptitious.

If the rules are set, the only option is to conform to them. And try not to take offense, though it is not easy. Though employers sometimes are carrying it too far, in most cases they aren't doing it out of pure malice. Company owners are protecting themselves from reputation-damaging scandals, costly workplace harassment lawsuits and data leakage.

Employers are expected to protect employees from hostility at workplaces, and they monitor, say, email messages to spot those who are sending obscene or hateful emails. Software for email monitoring costs far less than a single compensation payment in case the victim sues the firm. Lots of companies can't afford litigation; those who can, don't want it.

Even logging every keystroke can be justified if the employees are dealing with trade secrets or some other highly valuable (in a direct sense of this word) information. It doesn't necessarily imply distrust -- some companies just won't survive if some confidential information is lost.

If the employer doesn't allow staff to surf a bit during lunch breaks, it doesn't at all mean the boss is a petty tyrant or just greedy. There is another reason for these restrictions.

Unrestricted Web surfing from workplace computers leads to corporate PCs swarming with malicious software. In fact, lots of these computers already are choke full of various unwanted programs, some of them extremely dangerous.

Last October, America Online and the National Cyber Security Alliance examined the computers of 329 randomly selected Internet users and found that 85 percent of them contained some form of spyware. The average "infected" computer had more than 90 spyware and adware programs.

The State of Spyware Report, made by Webroot Software released on May 3, says:

During Q1, 2005, 87% of scans made with Webroot's SpyAudit software found some form of unwanted program (Trojan, system monitor, cookie or adware) on corporate PCs.

Excluding cookies, which are not such a serious problem as key logger programs or Trojan horses, more than 55% of corporate PCs contained unwanted programs. There were an average of 7.2 non-cookie infections per PC.

Now consider the fact that no single anti-virus or anti-spyware product protects against all the crap that might land in workplace computers. You are lucky if it's just irritating adware. But in case of programs capable of stealing information, like keyloggers or keylogging-containing Trojans, a single "overlooked" program may mean lost valuable data.

Of course, no regulation is perfect. Everywhere where there are rules, policies and regulations there is always room for abuse or misunderstanding. It seems that the human factor is the weakest link here.

Ancient Romans used to say "Dura lex sed lex" (the law is harsh but it is a law). Present-day computerized workforce can paraphrase it "the policy is strict but it's a policy".

Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company that provides various solutions for information security. Learn more -- visit the company's website http://www.softsecurity.com


MORE RESOURCES:
could not open XML input