It’s a paradox older than hieroglyphics: Organizations want to give employees the best tools for communicating with each other and the outside world, but they are afraid—sometimes with good reason—that people will abuse them.

Today, companies are struggling to balance the Web’s capabilities with some of its very real and public downsides:

  • In 1995, Chevron Corp . paid $2.2 million to settle a suit in which four women claimed they were sexually harassed through the company’s e-mail system.
  • Last year, International Microcomputer Software agreed to pay a former employee $105,000 after she received sexually harassing messages on the firm’s electronic bulletin board, even though the company reported the incident to authorities and launched an internal investigation.
  • Neilson Media Research, Inc. found that employees at three large international companies together visited Penthouse magazine’s Web site almost 13,000 times in a single month in 1996, consuming the equivalent of close to 350 eight-hour days.

In this article, we’ll take a look at the balance companies try to strike when monitoring Internet and e-mail use, and why companies feel the need to do so.
Fearful of lawsuits and the loss of trade secrets, employers are now taking a more systematic approach to monitoring employees’ e-mail and Web-surfing habits. According to the American Management Association , 38 percent of corporate e-mail managers already use monitoring software either regularly or for spot checks. That percentage is growing annually.

Control of trade secrets and other intellectual property represents a major part of the conversation companies are having with their employees. According to a survey by NFO Interactive , a consumer research firm, more than one out of four employees (27 percent) surveyed have accidentally received confidential company data.

That figure has nearly tripled from when the first study was conducted one year ago. Elron Software , which markets Internet Manager, a popular tool in the Internet content management space, commissioned the study.
Anarchy or police state?
While high-tech companies want to recruit Net-savvy workers, those employees who bring their own bookmarks and favorites lists will rebel if they are confronted by heavy-handed filtering and monitoring. On the other hand, some companies, such as insurance firms and government agencies, are bound by regulation to have a somewhat oppressive level of monitoring.

According to analyst Bill Gassman, at Stamford, CN-based Gartner Group, Inc., high-tech companies tend to accept a state closer to anarchy than do brick-and-mortar firms that have recently given their employees access to the Internet. Between the extremes of anarchy and draconian corporate rules, Gassman believes, a reasonable policy can evolve.

“Web filtering, for example, is generally accepted in a corporate setting to restrict access to pornographic and gambling sites,” he said. “But a certain amount of personal Web use is acceptable.”

Monitoring begs the most difficult question: How can your company enforce its policy? What should happen when abuses are uncovered?

Gassman believes that IT security departments are poorly equipped to be disciplinarians.

“Correcting individual employees should be done on the managerial level,” he said. “The first step is a written policy that lays out what is and is not acceptable. The second step is to involve the HR department in the disciplinary process. Then if there are gross violations, they should be dealt with by the individual’s manager.”

  1. Regulatory requirements force some security firms to scan all communications between brokers and customers.
  2. Spam can clog mail servers.
  3. If spammers use your servers as relay points for “spoofing” (masking where spam originates), downstream message recipients, who can prove you did nothing to remedy the problem, may sue for damages.
  4. Healthcare and law enforcement agencies want to keep confidential information from unauthorized people.
  5. Employers may have concerns about employees using e-mail to send pornography or other inappropriate materials.

Are there other reasons why companies should monitor their employees’ use of the Internet? Are there better reasons why they shouldn’t? Post a comment below or send us an e-mail.