Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Note to Enterprises: It’s OK to Monitor Computer Activities

It’s OK to Monitor Computer Activities; Employees Accept It, Security and Productivity Require It

It’s OK to Monitor Computer Activities; Employees Accept It, Security and Productivity Require It

Privacy advocates and security experts have long argued over whether employee computer-activity monitoring is an infringement of employees’ rights or a necessary solution to ensure the security of data and the productivity of workers. Regardless of which side of the debate you are on, it is difficult to argue against the fact that in today’s world organizations need to deploy at least some level of activity monitoring to protect themselves against the insider threat, other cyber risks and productivity loss. Without monitoring, it is far too easy for a malicious insider to steal IP or commit fraud, or for workers to visit unapproved and dangerous websites.

Until recently, there have been many barriers to employee computer activity monitoring. In addition to not knowing where to start when it comes to effective monitoring, security and risk professionals have always had a level of implied restraint placed on them due to privacy issues. Fortunately, there are solutions to both problems, one in the form of tangible technologies and the other in shifting employee attitudes towards computer monitoring.

Monitoring Becoming More Accepted

I frequently learn of customers and prospects that recognize the value of monitoring but move forward with trepidation due to privacy concerns. I understand that their worries are valid but also recognize that they are interested in what we provide because they have security and productivity problems that only monitoring can solve.

One key to resolving this dilemma is for them to ensure that their organizations have clear acceptable use policies in place, and that you disclose to employees that the organization has both the right, and the ability, to monitor use of corporate computers. You do not need to disclose the means you use to do so, since disclosing the means can lead to attempts to evade, but by all means tell your employees what they can expect in terms of privacy up front.

We have always demonstrated to this particular group that monitoring — done right — is both legal and ethical, but to shed some light on what the people being monitored think, we conducted a survey. The results show that monitoring is growing in acceptance — even among the monitored.

Advertisement. Scroll to continue reading.

My company surveyed 300 U.S.-based full-time employees to understand how they felt about having their computer activities monitored by their employers. Ninety-one percent of respondents said they expect, accept and in some cases welcome having their computer activities monitored by their employers. Moreover, of the 49 percent of respondents whose employers actually had monitoring in place, only 9 percent were actually “mad” that their employers monitored their activities.

Choosing the Right Monitoring Solution

With the privacy issue now squarely behind us, it is time to focus on monitoring itself. While there are many security solutions on the market that provide a piece of the puzzle in protecting the corporate network from data loss, such as DLP, SIEM, firewalls, secure email gateways and more, none of these “traditional” technologies focus on the biggest security wild card — the human factor. While they do a great job of recording network security events and stopping malicious incoming traffic, they cannot provide the level of deep granularity needed to truly understand what employees are doing on their work computers and devices or to provide the alerts needed to reduce the impact of a potential insider attack.

Effective monitoring fills the gaps that traditional technologies are not designed to bridge. The aforementioned technologies and a host of others cannot be configured to capture, report and alert on every key stroke, all of the various online communications, applications accessed, and files dragged and dropped to the public cloud. While such solutions can provide a great deal of after-the-fact forensic information, they cannot provide video-like recording and playback of everything a malicious insider does while logged onto the corporate network. All the above features are needed in the fight against insider threats, data theft and fraud.

Moving Forward

Now that we have covered the bases on intangible privacy concerns and actual solutions options, it is time organizations to move forward with finding and deploying effective monitoring solutions. There are many on the market, and most are doing a good job at providing at least some level of protection. As you evaluate technologies and brands, there are at least a few things you should keep in mind:

• Make sure the company is proven through longevity and major customer deployments

• Find a solution that allows you to record all computer activity and continually scan for threats

• Make sure it will alert you to threats and provide activity details

• Choose one that provides easy-to-interpret video-style recordings with user details

• Get one that supports Windows and Mac

• Look for solutions that incorporate privacy protections – security and privacy are a balancing act. There are solutions that don’t tip the scales too far to one side at the expense of the other.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...