More organisations monitoring employees’ digital behaviour

Wednesday, 15 August, 2012

Sixty per cent of corporations are expected to implement formal programs for monitoring external social media for security breaches and incidents by 2015, according to Gartner. Many organisations already engage in monitoring as part of brand management and marketing, but Gartner believes less than 10% currently use these same techniques as part of their security monitoring program.

According to Andrew Walls, Research Vice President for Gartner, the impact of IT consumerisation, cloud services and social media renders the traditional approach of monitoring internal infrastructure for security incidents inadequate for guiding decisions regarding the security of enterprise information and work processes.

“Given that employees with legitimate access to enterprise information assets are involved in most security violations, security monitoring must focus on employee actions and behaviour wherever the employees pursue business-related interactions on digital systems, whether inside or outside of the enterprise IT environment,” Walls added.

Security organisations are beginning to see value in the capture and analysis of social media content, not just for internal security surveillance but also to enable detection of shifting threats that impinge on the organisation, such as physical threats to facilities or logical attacks by ‘hacktivists’ (loosely defined as politically motivated hackers). Early detection of shifting risks enables the organisation to vary its security posture to match and minimise negative impacts.

The popularity of consumer cloud services, such as Facebook, YouTube and LinkedIn, provides new targets for security monitoring that can both mitigate and create risk, but Gartner warns that surveillance of user activity in these services generates additional ethical and legal risks and must be managed carefully to comply with standards.

“There are times when information can assist in risk mitigation for an organisation, such as employees posting videos of inappropriate activities within corporate facilities,” Walls said.

“However, there are other times when accessing the information can generate serious liabilities, such as a manager reviewing an employee’s Facebook profile to determine the employee’s religion or sexual orientation in violation of equal employment opportunity and privacy regulations.”

Gartner also warns that while automated, covert monitoring of computer use by staff suspected of serious policy violations can produce hard evidence of inappropriate or illegal behaviours, it might also violate privacy laws. Gartner said organisations should be aware of the laws that restrict the interception of communications or covert monitoring of human activity, such as Australia’s Telecommunications (Interception) Amendment Bill 2006.
