Monitoring employees online: How much is too much?

Technology allows employers to track what their employees do online, but how much is too much?

The Washington Post reports that some federal agencies are using tracking technology so sophisticated it can record “every activity, in complete detail,” according to the website of SpectorSoft, maker of some of the most popular tracking products.

While federal agencies warn employees that they have “no reasonable expectation of privacy,” as stated in a banner that employees see every time they log onto a government-owned system, privacy advocates argue that the government’s legitimate interest in watching for disclosure of classified information or other harmful activity falls somewhere short of being able to reconstruct every keystroke.

A chief concern: The same technology that allows managers to guard against compromises of security could also be used to identify and punish whistleblowers – something for which the Food and Drug Administration is already being sued.

The software available can go far beyond e-mail monitoring, writes Lisa Rein in the Post. " It could be programmed to intercept a tweet or Facebook post. It could snap screen shots of their computers. It could even track an employee’s keystrokes, retrieve files from hard drives or search for keywords."

but should that trouble federal employees? After all, they know that everything they do on government equipment is subject to scrutiny.

“It’s long been known that employees give up some privacy on computer use whether working for government or the private industry,” author and consultant Judy Welles told FCW.

Welles, a former FCW columnist and author of a book for federal employees called “Get a Life, Try This,” said most federal employees are responsible and careful about how they use federal equipment.  “Still, some of the new [monitoring] products may be overly intrusive and can raise a specter of micro-management, causing employees to communicate less and feel they are not trusted,” she said. “The result can be lower morale and less effective workforce.”

There’s another complicating factor involved, said Mary Lamb, chief operating officer at Suss Consulting: The bring-your-own-device phenomenon. BYOD, and other changes to working habits such as telework, mean that agencies might have less control over data, regardless of how they monitor employee activity.

“In any large organization, you have policies and procedures in place for the use of [the employer’s] equipment. When you sign up, you’re aware of that,” she said. “How we work is changing, and given that folks are aware of the policies and procedures, you have to trust that when they bring their own device, they’re going to adhere to whatever policies and procedures” are in place.

It’s precisely that level of trust, though, that appears to be missing at many agencies. Tom Clare, senior director of product marketing for San Diego-based Websense, told the Post that as a general rule, agencies treat any device that accesses government information as a government device for the purposes of monitoring, even if it’s the employee’s personal property.

About the Author

Technology journalist Michael Hardy is a former FCW editor.

Cyber. Covered.

Government Cyber Insider tracks the technologies, policies, threats and emerging solutions that shape the cybersecurity landscape.


Reader comments

Wed, Feb 13, 2013 Aliasgar Babat

Great post regarding employee monitoring. By making use of employee monitoring software’s or having on premise remote support appliance installed such as RHUB appliances, companies can remotely monitor the PC from anywhere while the computer users cannot see and delete the remote session.

Tue, Nov 6, 2012 Deejay

Employers may have the right to monitor employees but they must not do it in excess. There should be a limit into which extent should they be able to monitor their employees. We cannot deplete the fact that there's a possibility of employees doing non-work related activities during working hours. Here's a clear picture of that - But if employers do think that there's a need for monitoring, then they should at least inform their employees about it. Just my honest opinion...

Wed, Aug 22, 2012

Keep BYOD away from me and my agency, don't want it, don't want the intrution, and don't want the hassels. I have no plan to participate in that. Provide me a government smart phone and laptop and I am good to go. Private and government should NEVER share the same space!

Wed, Aug 22, 2012

BYOD is not a right, it's a privilege. BYOD comes with rules of the road. It is the government's responsibility to protect data, therefore it is reasonable that when BYOD is allowed there are ways to protect data. BYOD presents a real risk to the federal government which should be carefully evaluated. It's impossible to retrieve informaiton once it has been posted, lost or misplaced.

Tue, Aug 21, 2012

Is the level of monitoring so fine that I might get in trouble because I took the time to read this article and post a comment? Yikes!

Show All Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group