The statistics can be frightening. According to IDC, 30 percent to 40 percent of Internet activity at work isn’t work related. Just in case there’s any real question about what the nonwork activity is about, consider this: SexTracker reports that 70 percent of Internet pornography views occur during the nine-to-five workday.
There are various reasons for businesses to restrict nonbusiness Internet use, ranging from productivity concerns to workplace-liability issues. So businesses are working to place limits on how their employees use the Internet.
The American Management Association says that more than three quarters of U.S. businesses monitor their employees’ Internet use, phone calls, correspondence, and activity. Sixty-three percent monitor employee Internet connections and 47 percent store employee e-mail for review by IT staff. For most companies, the question isn’t whether to monitor employee activity, but how to implement monitoring.
Courts have repeatedly ruled that companies have the right to monitor employee activities while they’re at work. Many companies reinforce this with plain wording in the employee handbook. If new employees are explicitly told that they’ll be watched, there is less room for legal challenge after the fact. The threat of monitoring will have some effect on employee behavior, but to be most effective, you must actually check activity on a regular basis.
A bigger question for most organizations is precisely what to monitor. Many companies have found that establishing alerts based on keywords or particular behavior patterns is the most cost-effective way to monitor activity. When an employee types a word or address that has been flagged as suspicious, the IT staff is alerted and full-scale monitoring may begin.
Using full-time, human monitoring of every employee's activities is simply too expensive. The combination of constant keyword and activity alerts with all-activity monitoring when warranted makes for a cost-effective way to minimize exposure to Internet misuse.