What is Employee Monitoring?
In broad terms, employee monitoring is watching the activity of an individual on the job. In earlier days, this might have been limited to a surveillance camera trained on the retail or shop floor. Today, the industry has grown to include devices such as smart badges and employee monitoring software.
Employee monitoring software (sometimes referred to as user activity monitoring or data loss prevention software) refers to the use of software to watch the online activities of employees. And this industry is seeing significant growth.
In this guide, we’ll review:
- The capabilities and features of employee monitoring software
- Statistics on the growth of this industry
- The three main factors driving industry growth
Features of Employee Monitoring Software
Broadly speaking, employee monitoring software gives organizations the ability to:
- Analyze user behavior to determine a baseline of expected or normal activities with an eye toward detecting anomalies or deviations from normal patterns.
- Create and send alerts based on activity such as access of sensitive data, download of data, or a visit to a prohibited website.
- Capture visual evidence (for live viewing or playback) to serve as an audit trail or for use in after-action follow up.
To deliver these capabilities, typical employee monitoring software includes features such as:
- Activity analysis: classify websites and applications as productive vs. unproductive to analyze use and track active vs. idle time
- Smart rules and alerts: configure rules and alerts to notify, block, redirect, log out, or lock out a user depending on the severity of the action
- Live views: see a real-time view of activity on a user’s desktop
- Recorded playback: capture and archive keystrokes and actions taken within applications
- Monitoring: track actions across email, websites, applications (whitelist and blacklist applications), and text/instant messaging
- Keystroke logging: track, capture, record and log all keyboard activity by a user
- File transfer tracking: receive notifications of file upload to cloud storage or download to mobile storage devices
- Remote control: override manual inputs by a user to prevent sensitive data from being altered and data breaches from occurring; use remote control as a training aid between dispersed offices.
Employee monitoring software packages typically provide both on-premise and cloud installation options.
Employee Monitoring Is On the Rise
An American Management Association survey found that nearly 80% of major companies now monitor employees’ use of e-mail, Internet, or phone. This figure represents a sharp rise from 1997, when only 35% of companies monitored employees.
When looking at monitoring in the context of online activity specifically, a 2017 Crowd Research Partners survey of 472 cyber security professionals reported the following:
- The use of user behavior monitoring is accelerating; 94% of organizations deploy some method of monitoring users (compared to 42% the previous year) and 93% monitor access to sensitive data.
- Respondents said that they leverage user activity monitoring (UAM) (44%) as their top solution to manage user behavior within core applications.
The Trends Behind the Rise in Monitoring
The rise of the employee monitoring software industry is being driven by three main trends.
Proving Compliance to Meet Regulations
Organizations that must comply with regulations (for example, SOX, HIPAA, FISMA) or report activities for audit purposes turn to employee monitoring software to aid during compliance audits.
A compliance audit looks to prove adherence to regulatory guidelines and to ensure that organizations have sufficient oversight systems in place in the event of a data breach or fraud case. Employee monitoring software – with its ability to capture, replay, and retain screen snapshots – allows organizations to trace online activity, obtain documentation for evidentiary purposes, and hold users accountable for any illegal activity.
The software can also allow administrators to intervene and stop a data breach in progress. Keystroke monitoring for privileged users and external vendors can be a crucial step towards meeting compliance standards and regulations.
Sample Scenario: A large hospital must ensure the security of protected health information (PHI) as part of HIPAA compliance. HIPAA rules mandate the use of hardware, software, and/or procedures to record and examine activity within systems that contain or use PHI. When June, a human resources assistant at the hospital, is detected accessing PHI (an activity not in her job profile), her supervisor receives an immediate notification and can intervene. By capturing the screen recordings of June’s activity, the hospital can prove HIPAA compliance and respond quickly in the event of an audit.
Ensuring Productivity in a Remote and Gig Workforce
The rise of the remote workforce and the so-called gig economy (an environment in which temporary positions are common and organizations contract with independent workers for short-term engagements) has brought increased focus on the need to monitor output and ensure productivity amongst a dispersed workforce. Gone are the days of a manager being able to monitor activity by walking around.
Recent Gallup surveys found that 43% of Americans did some or all of their work from home in 2016 compared to 39% in 2012. In the same time period, the number of people who only worked remotely jumped from 15% to 20%.
Organizations are turning to employee monitoring software to get indicators on attendance, break duration, applications used, and time spent actively working on current tasks. The data helps paint a picture of typical user behavior which, in turn, can be used to highlight instances of atypical behavior.
Many organizations look to employee monitoring software to give them key insights into team productivity and performance, such as:
- Employee time spent in applications designated as productive vs nonproductive
- Software features or workflows that may be hampering productivity and may signal a need for more training or process streamlining
- Customer service quality as measured by reviewing email and chat interactions with customers
When using employee monitoring software to assess productivity, the ability to customize activities by user group is crucially important. An application that is classified as productive for one role may be considered unproductive for another. For example, a social media manager spending all of his time on Facebook and Twitter is productive work that is central to the job function. A sales manager spending many hours a day on Facebook and Twitter is probably an example of unproductive activity and should result in an alert.
Sample Scenario: In the course of a typical day, Bill – a customer service representative – sends 25 emails and is active in the support portal for 6 hours per day. Over the course of recent weeks, his supervisor notices that the average emails sent has dropped to 5 emails per day and the in-portal activity has dropped to 2 hours per day. His supervisor schedules a meeting to discuss the productivity findings and determine a cause and resolution.
Protecting Against Insider Threats
Company insiders – employees, vendors, partners – can pose a threat to sensitive data, intellectual property, and corporate infrastructure. Insider threats can be classified into two main types: those with malicious intent who want to ‘get back’ at the institution and those with negligent intent who are duped.
Verizon’s 2017 Data Breach Investigations Report found that internal actors were behind 25% of the breaches studied in the report. This classification covers both negligent insiders and those with malicious intent (including privilege misuse). Another 2% were attributed to partners – another type of insider.
End users choose convenience. The need for speed and the mandate to increase productivity result in dangerous workarounds. A 2017 report that surveyed over 1,000 workers found that:
Conventional security techniques are typically focused on the perimeter, so they fail to identify insider threats or attacks in progress within the network. Organizations are turning to employee monitoring software to protect against insider threat through visibility into online activity across critical IT systems.
By creating a baseline and understanding normal activity patterns around emails, instant messages, file transfers, and USB use, employee monitoring software pinpoints anomalies within computer usage patterns and identifies insider leaks and data compromises. The software also delivers proactive support by blocking potentially threatening activities from occurring.
Sample Scenario: Sally is a software tester who does not access customer data in order to perform her job tasks. However, employee monitoring software has detected her downloading large amounts of customer data one day. The monitoring software sends an alert to an administrator, who immediately intervenes via remote desktop control to halt the download. Corporate counsel can then review the activity for evidentiary purposes.
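The baseline-and-deviation idea described above, as an added example that is not taken from any monitoring product: a per-user robust score (median and MAD, a technique chosen here for illustration) over daily activity counts, which flags both a spike such as Sally's download and a drop such as Bill's email volume. The user names, metric values, threshold, and minimum history length are constructed assumptions.

```python
from statistics import median

# Constructed sample data: MB downloaded per day over the prior ten working days.
HISTORY = {
    "sally": [12, 9, 15, 11, 10, 14, 13, 12, 8, 11],
    "raj":   [400, 380, 450, 420, 390, 410, 430, 405, 415, 395],
}
TODAY = {"sally": 2300, "raj": 440}  # constructed values for the day under review

def robust_baseline(values):
    """Return (median, scale). Median/MAD resists skew from one past outlier."""
    med = median(values)
    mad = median(abs(v - med) for v in values)
    # 1.4826 makes MAD comparable to a standard deviation for normal data;
    # the floor of 1.0 avoids dividing by zero on a perfectly flat history.
    return med, max(1.4826 * mad, 1.0)

def score(value, past):
    """Signed distance of today's value from the user's own baseline."""
    med, scale = robust_baseline(past)
    return (value - med) / scale

def detect(today=TODAY, history=HISTORY, threshold=3.5, min_days=7):
    """Return (user, kind, score) alerts; kind is 'high', 'low' or 'no_baseline'."""
    alerts = []
    for user, value in today.items():
        past = history.get(user, [])
        if len(past) < min_days:
            # Too little history to judge: surface it instead of silently passing.
            alerts.append((user, "no_baseline", None))
            continue
        z = score(value, past)
        if abs(z) >= threshold:
            alerts.append((user, "high" if z > 0 else "low", round(z, 1)))
    return alerts

if __name__ == "__main__":
    for alert in detect():
        print(alert)
```

Scoring each user against their own history is what keeps a heavy but consistent downloader ("raj" in the sample) from alerting while a normally light user does.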
Employee privacy is a topic that is typically addressed during the planning and initial implementation of employee monitoring software by determining who and what activities will be monitored and when organizations will monitor. The prevalence of global workforces and the upcoming EU General Data Protection Regulation (GDPR) means that organizations should ensure monitoring activities are in accordance with relevant privacy laws.
Many employee monitoring software products provide organizations with options to address privacy concerns, such as the ability to make apparent or hide the presence of the monitoring agent, to record only business applications, and to disable recording for specific websites and applications.
To learn more about what employee monitoring software can deliver to your organization – and find out why Teramind was voted the best in employee monitoring by PC Magazine UK – check out The Best Employee Monitoring Software of 2017.