Employee monitoring through social media platforms can improve security, but it raises important ethical and legal considerations, a Gartner report indicates.
It might be worth thinking about keeping your friends close, but keeping your Facebook friends carefully cordoned off from the eyes of your employers, if a recent report from IT research firm Gartner is any indication. The study found that corporate monitoring of employee behavior on social media sites like Facebook, Twitter or LinkedIn will rise to 60 percent by 2015, as businesses look to crack down on possible security breaches and incidents.
The growth in monitoring employee behavior in digital environments is increasingly enabled by new technology and services, Andrew Walls, research vice president of Gartner said in a prepared statement. Surveillance of individuals, however, can both mitigate and create risk, which must be managed carefully to comply with ethical and legal standards.
The report noted that the old way of monitoring employee activity, mainly through internal networks, has been rendered largely ineffective and obsolete by the rise of cloud computing and consumer-focused social media platforms. As a result, businesses must reassess how enterprise security is implemented and managed. While businesses already use social media monitoring in marketing or brand-management capacities, the report found that less than 10 percent of companies surveyed employ these monitoring techniques for security purposes.
Security monitoring and surveillance must follow enterprise information assets and work processes into whichever technical environments are used by employees to execute work, Walls continued in his remarks. Given that employees with legitimate access to enterprise information assets are involved in most security violations, security monitoring must focus on employee actions and behavior wherever the employees pursue business-related interactions on digital systems. In other words, the development of effective security intelligence and control depends on the ability to capture and analyze user actions that take place inside and outside of the enterprise IT environment.
Gartner analysts warned there are several ethical and legal pitfalls that must be avoided, such as monitoring a prospective employees Facebook page to discover personal details that could violate equal employment opportunity and privacy regulations, such as race or sexual orientation. Covert monitoring of digital communications could also breach privacy laws, the report noted. There is also the question of who is actually looking at this information and the parties who have access to employee-monitoring tools.
The conflicts involved were highlighted through recent examples of a small number of organizations requesting Facebook log-in information from job candidates, Walls noted. Although that particular practice will gradually fade, employers will continue to pursue greater visibility of social media conversations held by employees, customers and the general public when the topics are of interest to the corporation. The problem lies in the ability of surveillance tools and methods to produce large volumes of irrelevant information. This personal information can be exposed accidentally or become the target of voyeuristic behavior by security staff.