Firms expected to cyberstalk for security

Firms expected to cyberstalk for security

Summary: Employers are beginning to monitor social media, not just to safeguard their brand, but also to maintain security, according to research from Gartner.

SHARE:

Employers are beginning to monitor social media, not just to safeguard their brand, but also to maintain security, according to research from Gartner.

(THINK before you image by ToGa Wanderings, CC BY 2.0)

The research and advisory organisation recently published a report into conducting digital surveillance ethically and legally, and found that 60 per cent of corporations will be monitoring social media channels for security breaches and incidents by 2015. At the moment, Gartner reports that less than 10 per cent of organisations are doing so.

"Security monitoring and surveillance must follow enterprise information assets and work processes into whichever technical environments are used by employees to execute work," said Gartner research vice president Andrew Walls.

"Given that employees with legitimate access to enterprise information assets are involved in most security violations, security monitoring must focus on employee actions and behaviour wherever the employees pursue business-related interactions on digital systems. In other words, the development of effective security intelligence and control depends on the ability to capture and analyse user actions that take place inside and outside of the enterprise IT environment."

Gartner reports that tapping into social media channels could allow organisations to identify physical threats to facilities and personnel, or threats by hacktivists, allowing them to adapt their security posture to minimise any negative impacts.

The Australian Federal Police (AFP) has already been using a contracted third party to conduct open-source intelligence activities, which includes trawling through publicly available information on social media sites for threat information, but it is a relatively new activity for corporations.

Walls warns that if employers opt to monitor their employees, they should be aware that although there are security benefits, there's also a swathe of issues surrounding privacy.

"Surveillance of individuals ... can both mitigate and create risk, which must be managed carefully to comply with ethical and legal standards," Walls said.

Even the accusation of spying on business emails has drawn the ire of user groups, such as the Systems Administrators Guild of Australia, which defended claims that almost half of all IT email administrators and IT managers are spying on employees.

Gartner further warned against organisations overstepping their bounds and covertly monitoring staff. While it may produce hard evidence of inappropriate or illegal behaviours, it might also violate privacy laws, and surveillance activities may be seen as a violation of policies or cultural expectations.

Topics: Security, Government AU, Privacy

Michael Lee

About Michael Lee

A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion