Del.icio.us
Digg
Reddit
Facebook
StumbleUpon
Valid Reasons for Monitoring
“It was like I lost everything in my life,” Arace said in 2004. She got in trouble for passing along, among other things, a joke e-mail with the subject line “Vote Hillary” and an attached picture of Sen. Hillary Clinton’s head pasted onto the body of a woman flashing her breasts. “You get a simple e-mail like this, you read it, you chuckle, forward it on, click. Done deal. You don’t think of the policy, because everyone was doing it.”
There are plenty of valid reasons for companies to monitor their workers’ computer use. Productivity is one. A 2005 survey by salary.com and America Online found that employees on average wasted at least two hours a day—much of it online—doing things other than work, at an annual cost to businesses of about $759 billion.
Improper computer use can also spell legal trouble. Downloading pirated music or movies onto a work computer can prompt a copyright-infringement suit. Viewing pornography or sending sexually suggestive e-mails can lead to sexual harassment claims. No business wants to end up like Chevron, which had to pay $2.2 million to female employees after male workers circulated offensive e-mails. (The message contained in one: “25 Reasons Why Beer Is Better Than Women.”)
Says Nancy Flynn, the ePolicy Institute’s executive director and author of books on workplace computing rules, “If a company gets embroiled in a lawsuit, you can take it to the bank that its e-mail will be subpoenaed.”
Security is another concern. Porn, gambling and gaming sites, for example, can harbor viruses and other malicious programs that load onto a computer secretly and allow outsiders to damage a network or make off with sensitive information.
Companies also have competitive reasons to keep tabs on workers. Dan Geer, vice president and chief scientist at Verdasys, a data-security company, recalls installing the company’s Digital Guardian system on the network of a company that makes video games, and catching a worker trying to steal the designs for a new game before its release. This worker, Geer says, had logged in to a credit union site, ostensibly to handle personal banking. What he was actually doing was opening the door to an accomplice who had himself hacked into the credit union’s network and was waiting there to swipe the game files.
Steve Roop, a vice president at Vontu, another data-security firm, says such a sinister scenario is rare. Most workers who leak sensitive information do it by accident: “It’s good people doing dumb things.”
Roop says one client, a cell phone maker, had an employee who got so excited about a new phone’s design that he sent a prerelease graphic to a fan site, hoping to create advance buzz. “It allowed competitors to knock off that design and jeopardize the earnings flow for their own company.”
Companies are using two types of spying software: network-based programs that monitor all traffic passing through a system, and programs that sit directly on an employee’s desktop.
Vericept Protect is an example of the first type. The software searches all correspondence for any indication that employees are accidentally or maliciously communicating sensitive data, and blocks it. Vericept also claims it can examine the tone of an e-mail to detect job dissatisfaction. Someone who sends a message saying “I hate my job” or “You’re not going to believe what my idiot boss did today” could be poised to upload company files in anticipation of leaving the job.
Advertisement 
Your Comments
See all
...