backtop


Print 40 comment(s) - last by Shida.. on May 25 at 9:36 AM

"I always feel like somebody's watching me"...

Do you ever feel like someone is watching you, waiting for you to make a mistake?  Well if you're part of one of the 41 percent of largest U.S. companies that monitor their employees email on a regular basis, you might not be so crazy after all.

A surprising new survey is illustrative of the increasing loss of privacy on the internet, particular in public locations.  The company that published the study, Proofpoint, states that the cause of this privacy loss is not entirely malicious.  Companies have become fearful of information leaks over email, blogs, message boards, media sharing sites and mobile devices.  Over 44 percent of companies admitted to performing investigations into leaks this year.

Companies are responding by increasing employee monitoring.  Of the companies with over 20,000 employees, approximately 41 percent were found to monitor outbound email.  Of the large companies approximately 22 percent hired employees chiefly for the purpose of monitoring the other employees' email.

Aside from email leaks, 40 percent of companies reported investigating email violations of privacy or data protection regulations.  The results of these investigations -- 26 percent of all companies surveyed report terminating an employee within the last year for email policy violation.  Further, 23 percent of companies responded that their business had been impacted by the release of sensitive or embarrassing materials from within the company.  Of the largest companies, 34 percent report that their employee email was subpoenaed within the last year.

Companies aren’t just worrying about and watching employees' email communications, either.  Of all the companies surveyed, a surprising 27 percent reported that they lost confidential information through lost or stolen mobile devices within the last year.  In the past year 11 percent of companies reported disciplining employees for blogs or message boards.  In addition, 13 percent report punishing employees for inappropriate use of social networking sites and 14 percent report punishing employees for using media sharing sites.

Blogs are also under investigation these days.  Of the companies surveyed 14 percent of companies report investigating the release of material financial information (such as unannounced financial results) on blogs and message boards.

The unfortunate side effect of this trend is that it’s hard to tell companies are merely watching out for their own interests from companies who are looking to snoop inappropriately in employees personal lives.  The trend surely will leave many employees feeling a bit violated.

However, even those employees that are not subject to corporate monitoring may fall under the scope of increased government monitoring programs in the U.S. and abroad.  The UK government recently announced plans to try to collect its citizens' email, web, and phone history.  Web monitoring efforts here in the U.S. are also widely known.  People are having to face the somewhat unpleasant reality that their private lives online are becoming less and less private.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Violated?
By bertomatic on 5/22/2008 2:12:52 PM , Rating: 2
Agreed. The owner of the equipment and data have every right to monitor and protect that data. As a sysadmin, I am supprised over and over at how "regular" employoees use company equipment for personal use. "keep it at home people".


RE: Violated?
By Kenenniah on 5/22/2008 2:32:59 PM , Rating: 2
Nothing more exciting than swapping digital cameras out for an employee only to find he left pretty pictures of his anotomy on the memory card of the old one.


RE: Violated?
By MrBlastman on 5/22/2008 3:05:13 PM , Rating: 3
Or how about being a sysadmin and finding out that one of the most important employees in the company is a chronic porn surfer?

Do you shake his hand ever again knowing what goes on at work? Does the CEO do anything about it?

It is a double edged sword - for some people, they are immune to it where others get busted.

If you don't think it should be at work, don't do it at work.


RE: Violated?
By Mitch101 on 5/22/2008 5:23:48 PM , Rating: 4
Managers are the best for pr0n and jokes. A good manager provides up to date new jokes worthy of reading.

Helpdesk is the worst for resumes and burnout videos and thinking they know ways around the system. LOL. A+ certified no more like D minus at most.

Accounting and HR for soccer mom schedules and extra curricular activities outside the office. Gossip too. The funny part here is Accounting and HR will open tickets for not receiving kids photos or soccer schedules or e-mail from their husbands.

Security funny enough they receive the most netflix e-mail. Should you be securing the place or watching movies?

Most of the time if you do get called to check on something its because someone forwarded the wrong joke or adult content to the wrong person or someone saw it over their shoulder.

My favorite ones to deal with are the people who receive a spoofed message from a yahoo/road runner account thinking they won a contest from the company you work for and you match the IP addresses to their local subnet.

A manager once moved his porn accidentally to a public folder.

Other things that come to mind.
Girls with ex boyfriends who start websites with their pictures on them. Ex wife/husband fights. Someone sending threats to people outside the company from someone else's computer left unlocked. VIRUSES from people who connect to external mail systems and open the attachments then try to deny and lie about it. Sadly the Viruses from external mail sources is someone from helpdesk 30% of the time. Again D Minus certified.

Every e-mail system should block AOL entirely because its just chain letters, jokes, virus warnings you heard 10 years ago that they just heard for the very first time. Budweiser frogs? Bill Gates sending you money if you forward this to 10 people?

In every company there is that one guy who must forward you ever piece of spam he ever receives in his inbox even though you tell him to just delete it and move on he never does this. At this point the e-mail team adds his name to spam just because.

A new thing I started seeing is spam with an IPV4 but last octet being IPV6. Example 192.168.2.354 I haven't tried this yet but its a pretty cool idea.


RE: Violated?
By phattyboombatty on 5/22/2008 3:55:01 PM , Rating: 2
quote:
The owner of the equipment and data have every right to monitor and protect that data.


Try using that same argument to secretly record phone calls. Even though your employee is using your phone, your phone server, and your phone lines, you're probably committing a federal and/or state crime by recording that call.


RE: Violated?
By Kenenniah on 5/22/2008 5:11:19 PM , Rating: 2
Tell that to evey customer service center. I'm guessing you've never hear the disclaimer telling you that this call may be monitored etc.? All you have to do is let people know their calls may be monitored and there is no legal issue. Just about every large company that I know of has policies that employees sign to work there. Phone calls are also different, since in order to record the call you are all recording what's being said on a different public or private network. To read an email, you don't have to touch on any other network. You are just reading text already stored on a hard drive in your server or your employee's computer.


RE: Violated?
By phattyboombatty on 5/22/2008 6:04:56 PM , Rating: 2
I hope you're not running a legal department anywhere. The customer service centers you mentioned get consent by informing the caller the call may be monitored. Thus, all parties to the call are aware of the recording and its ok. How does telling your employee that their call may be monitored inform the private party on the other end of the call that the call is being recorded?

Your example with email regarding public vs. private network only works for intra-office emails. Every outgoing and incoming email from outside your private network has to travel across public lines, and is analogous to the phone example. I'm not saying that recording emails is illegal. I'm just saying that the argument that "this is my property, I can do what I want with it" doesn't always fly.


RE: Violated?
By Kenenniah on 5/22/2008 8:54:14 PM , Rating: 3
Federal and most state laws (with the exception of 12 states) only require one party of a phone call to be aware of the recording. So it all depends on where the calls are taking place (and yes the strictest law stands). So for a call from Iowa to Kansas, only one party is required, but from Iowa to California all parties are required to be notified, so we are both correct depending.
http://www.rcfp.org/taping/

For the networks, there's a difference between passing through other networks, and actively recording information. With recording phone calls, you have to record both ends, so you are in effect streaming information from an outside network and recording it. With an email, the data has been completely sent to your equipment. It may have gone through other networks to get there, but you don't have to aceess or touch those networks to get the information, Every bit of it at the time you read it is located on your own private segment. I can disconnect my computer from the internet and still read an email. I can't disconnect from a phone line and still record a conversation. I'll grant you it's a very very subtle difference and I have no idea if it really matters or not :P

One way to look at it, is an email is more like the recording of the phone call. It's already been recorded, it was just sent to your servers. So to compare more directly, it would be like someone recorded their end of a phone conversation, and trasferred the wave file to your company's servers.


"If they're going to pirate somebody, we want it to be us rather than somebody else." -- Microsoft Business Group President Jeff Raikes














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki