More than three-quarters of respondents to a recent survey by CSO (a sister publication to CIO) said their companies permit monitoring employees’ Web use, while 61 percent said their companies allow e-mail content monitoring.
Chris Christiansen, vice president of IDC’s security products and services program (IDC is a sister company to CIO’s publisher), says that originally, companies monitored Web activity and e-mail to avoid harassment suits that resulted from employee misbehavior, such as sending threatening or suggestive e-mails, accessing and distributing inappropriate information, or abusing coworkers’ e-mail privileges.
But now, Christiansen says, regulatory compliance and protection of confidential information are the motivating forces.
Also, inappropriate use of the Internet can soak up the company’s bandwidth, slowing or crippling communications, says Christiansen. And a leak of negative financial information prior to a company issuing its earnings reports can send stock prices plummeting.
Monitoring and even blocking prohibited content and company confidential information can minimize and prevent these problems. Additionally, monitoring provides a log of employee behavior that can serve as evidence if the company has to defend itself in court or provide grounds for firing an employee.
While monitoring e-mail and Internet use comes with costs to buy monitoring software and to administer and review logs, Christiansen believes it’s worth the investment. The additional expenses outweigh the risks of failing an external audit, releasing confidential information or facing litigation.