Monitoring employee behaviour in digital environments is rising with 60% of corporations expected to implement external social media monitoring programs by 2015, according to Gartner.
Although many organisations engage in social media monitoring, less than 10% currently use these same techniques as part of their security monitoring program, said the analyst firm.
Andrew Walls, research VP at Gartner, said: “The growth in monitoring employee behaviour in digital environments is increasingly enabled by new technology and services. Surveillance of individuals, however, can both mitigate and create risk, which must be managed carefully to comply with ethical and legal standards.”
According to the firm, traditional monitoring if internal infrastructure is inadequate for guiding decisions regarding the security of enterprise information and work processes due to the impact of IT consumerisation, cloud services and social media.
Walls explained that security monitoring must focus on employee actions and behaviour wherever the employees pursue business-related interactions on digital systems. The popularity of consumer cloud services, such as Facebook, YouTube and LinkedIn, provides new targets for security monitoring but surveillance of user activity in these services generates additional ethical and legal risks, said the firm.
Walls added: “The conflicts involved were highlighted through recent examples of a small number of organisations requesting Facebook login information from job candidates. Although that particular practice will gradually fade, employers will continue to pursue greater visibility of social media conversations held by employees, customers and the general public when the topics are of interest to the corporation.”
Services such as social media monitoring have emerged to support these actions and security organisations are beginning to see value in the capture and analysis of social media content to detect potential threats – either physical or attacks by hacktivists.
Walls concludes: “The problem lies in the ability of surveillance tools and methods to produce large volumes of irrelevant information. This personal information can be exposed accidentally or become the target of voyeuristic behaviour by security staff.”