Spying On Social Networking On The Rise

Spying On Social Networking On The Rise

Blanket bans on social networking in the workplace are stupid, but even workplaces which encourage the use of Twitter or Facebook worry about what their employees are getting up to. Presumably that explains why we’re going to see a rise in the monitoring of social networking tools by IT security departments.

Picture by jmcar.net

According to Gartner, while just 10 per cent of organisations currently monitor social media for potential security breaches, that figure is expected to rise to 60 per cent by 2015. This is a quite distinct activity to monitoring social media for consumer reactions, a role usually performed by marketing departments. However, it creates additional challenges, as Gartner analyst Andrew Walls points out:

There are times when the information available can assist in risk mitigation for an organisation, such as employees posting videos of inappropriate activities within corporate facilities. However, there are other times when accessing the information can generate serious liabilities, such as a manager reviewing an employee’s Facebook profile to determine the employee’s religion or sexual orientation in violation of equal employment opportunity and privacy regulations . . . The problem lies in the ability of surveillance tools and methods to produce large volumes of irrelevant information. This personal information can be exposed accidentally or become the target of voyeuristic behaviour by security staff.

Do you always assume that what you do on a social network while at work might be monitored? Or do you stick to using your phone? Tell us in the comments.


  • Why is it bad to ban the use of social networking at work? Aren’t we supposed to be working while we’re at work?

    Anyway if someone is so desperate they can always use their smartphone, just as they do with private calls, SMS and email.

  • Nothing worse then some customer service rep saying just a minute , i gotta finish updating my status. I laugh at people when they get fired for using Facebook, serves ya right for wasting your employers time. If you don’t like it then start your own company and do what you want.

  • Depends what kind of monitoring.

    Type A: packet-sniffing traffic going through the work network. You can bypass basic methods by just using https, but they can always escalate – using a MITM or just monitoring what’s visible on your screen. It’s questionable but you can avoid it by using facebook on your phone instead.

    Type B: Directly monitoring profiles. The staff members have their accounts identified and followed by a company keeping an eye out for leaking data. If you lock down your profile, they will try to friend you to get in (or one of your friends for friend-of-friend access). They’ll check everything you post inside and outside work, and will automatically store everything for later. They’ll build a psychological profile on you that includes a risk assessment entirely from how you use facebook, and be able to immediately pull down a list of anything you’ve done lately that could be ‘interesting’. And your manager will have a nice dashboard for looking at all this.

    It might violate the terms and conditions of the sites, but there’s no technical reason type B monitoring can’t be mostly automated for a reasonable price…and it’s only a matter of time before it’s available.

Show more comments

Log in to comment on this story!