Worried your boss is spying on you on Twitter and Facebook? You probably should be, as companies are planning to plan to step up routine monitoring of employees via social networks.
By 2015 almost two thirds of companies (60 per cent), will monitor what staff say on social media sites for posts that leak sensitive information or could otherwise damage the company, according to research by Gartner. Today, fewer than 10 per cent of businesses have implemented such surveillance programs.
Organisations will need to monitor what staff do online outside of work, the report Conduct Digital Surveillance Ethically and Legally said, because of the way that technology is blurring the line between workplace and personal activity, with people using the same social media accounts to talk to friends and colleagues inside and outside of work.
"Given that employees with legitimate access to enterprise information assets are involved in most security violations, security monitoring must focus on employee actions and behaviour wherever the employees pursue business-related interactions on digital systems," said Andrew Walls, research VP at Gartner.
"The development of effective security intelligence and control depends on the ability to capture and analyse user actions that take place inside and outside of the enterprise IT environment."
The most common approach that companies take when monitoring what employees say on social networks is "continuous monitoring", the report said, due to the high volume of data and the speed with which the data changes.
However, when companies monitor employee behaviour there is danger that managers will abuse information available through social networks and act in a way that breaks employment regulations, the report said.
"Multiple Gartner clients have indicated that managers have been caught using public social media to determine that an employee or job candidate is pregnant, is ill, is a member of a religious group or has a particular sexual orientation," the report said.
Walls referred to a recent case where a US employee was told to give their employer their Facebook log-in details, saying it highlighted the need for businesses to tread carefully when monitoring employees if they want to avoid violating employee privacy.
The report recommends various steps for companies to take when drawing up monitoring and surveillance plans, including: limiting data that is collected, restricting access to that data, seeking advice from legal counsel, HR professionals and senior management and being mindful of differing employment and privacy laws worldwide.
Nick Heath is chief reporter for TechRepublic UK. He writes about the technology that IT-decision makers need to know about, and the latest happenings in the European tech scene.