Connect with us

Hi, what are you looking for?


Data Protection

Note to Enterprises: It’s OK to Monitor Computer Activities

It’s OK to Monitor Computer Activities; Employees Accept It, Security and Productivity Require It

It’s OK to Monitor Computer Activities; Employees Accept It, Security and Productivity Require It

Privacy advocates and security experts have long argued over whether employee computer-activity monitoring is an infringement of employees’ rights or a necessary solution to ensure the security of data and the productivity of workers. Regardless of which side of the debate you are on, it is difficult to argue against the fact that in today’s world organizations need to deploy at least some level of activity monitoring to protect themselves against the insider threat, other cyber risks and productivity loss. Without monitoring, it is far too easy for a malicious insider to steal IP or commit fraud, or for workers to visit unapproved and dangerous websites.

Until recently, there have been many barriers to employee computer activity monitoring. In addition to not knowing where to start when it comes to effective monitoring, security and risk professionals have always had a level of implied restraint placed on them due to privacy issues. Fortunately, there are solutions to both problems, one in the form of tangible technologies and the other in shifting employee attitudes towards computer monitoring.

Monitoring Becoming More Accepted

I frequently learn of customers and prospects that recognize the value of monitoring but move forward with trepidation due to privacy concerns. I understand that their worries are valid but also recognize that they are interested in what we provide because they have security and productivity problems that only monitoring can solve.

One key to resolving this dilemma is for them to ensure that their organizations have clear acceptable use policies in place, and that you disclose to employees that the organization has both the right, and the ability, to monitor use of corporate computers. You do not need to disclose the means you use to do so, since disclosing the means can lead to attempts to evade, but by all means tell your employees what they can expect in terms of privacy up front.

We have always demonstrated to this particular group that monitoring — done right — is both legal and ethical, but to shed some light on what the people being monitored think, we conducted a survey. The results show that monitoring is growing in acceptance — even among the monitored.

My company surveyed 300 U.S.-based full-time employees to understand how they felt about having their computer activities monitored by their employers. Ninety-one percent of respondents said they expect, accept and in some cases welcome having their computer activities monitored by their employers. Moreover, of the 49 percent of respondents whose employers actually had monitoring in place, only 9 percent were actually “mad” that their employers monitored their activities.

Advertisement. Scroll to continue reading.

Choosing the Right Monitoring Solution

With the privacy issue now squarely behind us, it is time to focus on monitoring itself. While there are many security solutions on the market that provide a piece of the puzzle in protecting the corporate network from data loss, such as DLP, SIEM, firewalls, secure email gateways and more, none of these “traditional” technologies focus on the biggest security wild card — the human factor. While they do a great job of recording network security events and stopping malicious incoming traffic, they cannot provide the level of deep granularity needed to truly understand what employees are doing on their work computers and devices or to provide the alerts needed to reduce the impact of a potential insider attack.

Effective monitoring fills the gaps that traditional technologies are not designed to bridge. The aforementioned technologies and a host of others cannot be configured to capture, report and alert on every key stroke, all of the various online communications, applications accessed, and files dragged and dropped to the public cloud. While such solutions can provide a great deal of after-the-fact forensic information, they cannot provide video-like recording and playback of everything a malicious insider does while logged onto the corporate network. All the above features are needed in the fight against insider threats, data theft and fraud.

Moving Forward

Now that we have covered the bases on intangible privacy concerns and actual solutions options, it is time organizations to move forward with finding and deploying effective monitoring solutions. There are many on the market, and most are doing a good job at providing at least some level of protection. As you evaluate technologies and brands, there are at least a few things you should keep in mind:

• Make sure the company is proven through longevity and major customer deployments

• Find a solution that allows you to record all computer activity and continually scan for threats

• Make sure it will alert you to threats and provide activity details

• Choose one that provides easy-to-interpret video-style recordings with user details

• Get one that supports Windows and Mac

• Look for solutions that incorporate privacy protections – security and privacy are a balancing act. There are solutions that don’t tip the scales too far to one side at the expense of the other.

Written By

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.


The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Data Protection

While quantum-based attacks are still in the future, organizations must think about how to defend data in transit when encryption no longer works.