With so much of today’s commerce being conducted electronically, providing staff with internet access has become a business necessity. The internet, e-mail and instant messaging have become essential tools that staff use to communicate, collaborate and carry out research.
Yesteryear, it was relatively easy for organizations to create Acceptable Use Policies (AUP’s) that clearly specified permissible uses for internet and e-mail. The evolution of Web 2.0 has, however, made that a much more difficult process. Wikis, weblogs, forums, social-networking websites and instant messaging are no longer strictly leisure time technologies – they have become vital business resources used in marketing, research and communication and collaboration. But they are resources which can also be misused or abused. How much time do your employees spend surfing the internet (“cyberslacking”)? What do they do during their time online? Search for the best vacation deal, visit an internet casino or look for their perfect partner? How many of the e-mails that are sent and received are work related and how many are forwarded jokes and videos that unnecessarily consume both the employee’s time and the company’s bandwidth? Do employees use e-mail to harass their colleagues? Do employees obtain information from the organization’s network and use that information for immoral or illegal purposes?
Lost productivity is not the only computer-related risk that organizations face. The improper use of e-mail and instant messengers can lead to extremely expensive lawsuits, and the proliferation of mobile devices has made it considerably easier for errant employees to steal sensitive information.
This white paper will detail the risks to which organizations that do not monitor their employees are exposed and explain the right way for organizations to go about monitoring.
WHY YOU NEED TO MONITOR YOUR EMPLOYEES COMPUTER ACTIVITIES
The monitoring of employees is commonplace. The majority of employers monitor employee arrival times. The majority monitor that cash has been handled correctly. The majority monitor the accuracy and quality of employees work. Monitoring in this manner is accepted as a business necessity and most organizations would consider it completely irrational not to make such checks. Yet, a surprisingly large number of organizations still do not adequately monitor the manner in which employees use their computers – and that can be an extremely costly omission. The misuse and abuse of computer equipment can have serious consequences for an organization:-
Personal surfing has become an enormous problem for employers. Employees shop, gamble, play games, chat, watch and share videos and visit online red-light districts – all during working hours. Estimates as to the amount of time that is lost to cyberslacking vary enormously, but most studies put it in the region of 2.5 hours per employee, per day. Multiply that
2.5 hours by the number of employees and the average hourly pay rate in your organization, and you will have a ballpark estimate of the cost of cyberslacking. It’s probably more than you thought, huh?
Social networking site, Facebook, was recently dubbed a social not-working site after a study by security company Sophos revealed that 60% of its users accessed the site during working hours – and that more than 20% of its users accessed the site more than 10 times each day during working hours.¹ There are more than 51 million Facebook users and that number is increasing by more than 200,000 per day. How many Facebooking cyberslackers are in your organization and how much are
A recent study by Carnegie Mellon University’s Software Engineering Institute found
Intellectual property theft
that 75% of IPT’s were carried out by
Intellectual property theft (IPT) has always been a concern for companies – and internet-connected computers and mobile devices provide new opportunities for people to access and steal data. Documents and data can easily and speedily be transferred to a flash drive or laptop. Many organizations are concerned about outsider theft, but, in fact, the majority of thefts are committed
current members of staff.
Employee Monitoring: An essential component of your risk management strategy