While monitoring employee computer activity is one of the most effective ways to protect intellectual property and enforce acceptable use policies, many employers hesitate to use this approach. Oftentimes, executives worry that the potential for decreased employee satisfaction and trust might outweigh the security afforded by greater visibility into their activities.
The truth is that the purported backlash against employee monitoring from the rank-and-file is a myth. Statistics have shown that most employees are willing to accept, and expect, monitoring of their activities when using company resources. And with a few common-sense communication steps, organizations that choose to monitor their employees can actually bolster and maintain employee goodwill. It just takes the right approach.
First, let’s look at the statistics: a recent survey we conducted of 200 office workers showed that a full 79 percent reported that they find monitoring of activities on company issued devices to be perfectly acceptable. Beyond that, the same survey showed that if that pool of employees knew about a monitoring program, 59 percent would stop using company devices for personal activities, which cuts down on the chances of a phishing scam penetrating the network.
The truth is that a large majority of employees already understand and accept their employer’s right to monitor activity on devices owned by the company. But some employers don’t just want employees to tolerate policies—they’d like them to embrace them and maintain job satisfaction.
Believe it or not, employee monitoring is capable of fostering this kind of goodwill!
It’s made possible through an explanation of why the monitoring program is in place and what exactly it entails. For example, employees innately understand that they can’t see their co-workers’ human resource files because those aren’t out in the open and accessible with a simple note saying “Please only look at your own file.” Similarly, hard files with details like P&L, salary structure information, and other normally confidential information is generally kept under limited access. Employees understand this and why it’s important to company and employee confidentiality. Considering these typical business practices, employee monitoring to ensure that digital versions of these types of files are also well-secured isn’t a big additional leap. Employees understand that.
Employers that are proactive with communicating explanations of their monitoring policies maintain a much higher satisfaction level among their employees. Taking the time to communicate about employee monitoring heads off negative feelings, including the belief that such measures were put in place autocratically or that they infringe on personal privacy.
You can ease the process and appeal to employees by citing your sources. Explain why monitoring is necessary by using examples from the news of companies taking huge financial hits due to intellectual property loss. Thoroughly explain why monitoring is good for the bottom line—and, consequently, good for everyone’s job security.
When monitoring for security, also explain how privacy won’t be infringed. For example, banking websites can be excluded from monitoring when an organization is using the appropriate monitoring technology. If you go with that option, use it as part of your internal marketing of the monitoring program to show employees you have their best interests in mind, as well as the organization’s.
As you execute your communication plan with your employees, start first with a clear acceptable use policy that explains what is and what is not acceptable activity on company resources. As part of that policy, employers should explain that the employee will be monitored for compliance to the policy. Employees should get a copy of the policy and sign it as a part of the process. Employers can also reinforce communication with high-level statement pop-ups during each log-in that remind employees they are subject to acceptable use policies and are being monitored for compliance. Companies can also better train employees by instituting alerts when it appears they may be violating the policy.
In addition, it doesn’t hurt to use the right leaders and spokespeople when explaining why and how monitoring will be utilized. Where possible, personalize and humanize the communication so that employees understand that the monitoring is simply a part of minimizing risks and that the company values them personally and professionally.
Finally, don’t make employee participation in monitoring decisions an afterthought. The earlier you can get a group of representatives from your user base involved, the more genuine and transparent your communication efforts will be. That way when you’re announcing or presenting program details, you can involve them and they’ll become evangelists to their peers.
Employee monitoring can be deployed efficiently and effectively if the proper steps are taken. Employers shouldn’t let the fear of rejection stop them from doing what’s ultimately best for the company. A company’s data, its customer’s data, and even someone’s job could depend on it.
By Rob Williams, CMO, SpectorSoft
About SpectorSoft
SpectorSoft creates software that protects businesses and families by monitoring and reporting on computer and smartphone activity, providing customers with detailed, timely, and actionable activity information. Founded in 1998, SpectorSoft is headquartered in Vero Beach, Florida, with offices in West Palm Beach, FL, Park City, UT, and Surrey in the UK.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.