Monday, January 22, 2007
Employers increase at-work monitoring
Bob Weinstein's "Tech Watch" (printed in Monday Washington Times "Recruitment Times") column today as "Big Brother Is Watching You."
In fact, when I worked as a site rep for Univac in 1972 at Public Service Gas and Electric in downtown Newark, NJ, I wrote a utility to monitor the system log files and report on each employee's use of every system facility. In olden days, employers actually worried about how many compiles it took a programmer to get a program working (when we had punch cards and one-day turnarounds -- although even then Univac had good terminals for programmers).
Of course, today the term refers to monitoring employees email and Internet access for inappropriate personal use. In the early 1980s, when I worked for Chilton in Dallas, TX, the company warned us early that it audited our accounts for personal use on the Ahmdahl mainframe (at the time, personal computers at home were just coming into wide use -- I bought a TRS-80 in 1981). Even school homework was forbidden. "I you use company resources for any personal purpose at all, you will be terminated," a memo warned.
As Weinstein writes today, the biggest security threat for companies could be employees' visiting dangerous sites and inadvertently loading new malware on their work computers. It gets more complicated when you take a laptop home, but people have been fired when workers' kids have used company laptops without the parents' knowledge. It's even more complicated when you use your own computer (more common as people work at home as contract customer service agents for companies like Alpine).
Some companies solve the problem by limiting the kinds of access possible. When I worked for a debt collector in 2003, we dialed in to a Unix or VAX application and gave an IP address, but the network had no access to the Internet. Pretty safe.
Of course, the modern problem, already written about in previous blog entries, is the reputation incurred by employees with their own blogs or social networking profiles -- and the possibilities that these could indavertently compromise an employer's confidential information.
All of this needs to be kept in perspective. And it is a lot.