When employees are being monitored in the workplace, transparency needs to be provided so that coherence and consistency are both maintained as part of the company. With newer forms of technology now being accessible to individuals, monitoring of employees also becomes crucial with companies having the objectives of maintaining security within the company. Andrew Walls who is the managing Vice President at Gartner explained as being the conference chairman of the Gartner Security and Risk Management Summit that monitoring and receiving feedback is important when employees are being overseen along with maintaining transparency when doing so.
Despite the negative opinion which people seem to have against monitoring of employees, it does have some value attached to it. Most of the time, phone calls, actions through endpoint and/or video and location/motion tracking are the type which take place. The company predicts that by 2018, those companies which engage in the monitoring of their employees will be able to experience a 50% increase in the employee security performance compared to companies which do not engage in such monitoring. The reasons behind which monitoring occurs at companies includes performance which is usually the primary objective, reputation with regard to the behavior of employees on social media in particular, security to check for any breaches in security and discovery and curiosity to be able to find newer ways through which productivity can be achieved.
Despite the value attached to this, how ethical can all of this really be? The answer to this is dependent upon the jurisdiction you are in because there are things which can be done in one country which may not be allowed in another.
As part of any company, security teams and executive stake holders are the ones who develop business cases for monitoring to take place within the company and it is important that they be aligned in their decisions so they can have a strong ethical base for taking any desired action. With respect to matters of monitoring and security, the following 6 questions need to be answered by everyone:
- What is the purpose for which undocumented personal knowledge is being sought?
- Is the purpose for doing so an important one or one which is legitimate?
- Is the knowledge which is being gained through these means justifying the method being used?
- What are the restrictions or any restraints placed on these privacy invading techniques?
- Once the personal knowledge has been acquired, what will be done to ensure that it stays protected?
- Is invading privacy the only way or the least offensive way of obtaining this knowledge?
IT and security leaders need to take a stand and need to see whether ethics matter to them because the ethical framework being used by companies is often looked into. When engaging in employee monitoring, transparency is of utmost importance so that everyone is aware of what is going on. A business should be built which identifies the costs, the benefits, the risks as well as potential problems and for it to be successful; it needs to have a clear and consistent form of governance.