More employers track their employees' every digital move

Published 6 April 2010

More and more companies are more and more interested in what their employees are doing with their PCs, laptops, and smartphones while in the office; sophisticated tracking and monitoring solutions allow employers to monitor any information its employees post publicly on Facebook and Twitter, and read e-mails and instant messages (even those you typed but decided not to send)

Companies are increasingly starting to care about what their employees are doing with their PCs and laptops in the office — and many of the most stringent policies can be found at financial institutions. “There’s a very, very narrow category of internet Web sites our brokers can access,” Robert Bursky, independent general counsel for John Thomas Financial, a New York-based broker-dealer, told FINS’s Julie Steinberg. “Only certain, news-oriented Web sites are permitted.”

Other financial institutions differ on how strictly they limit Web access. Sources at Wells Fargo, Nomura, BofA, and HSBC told Steinberg that Youtube, Facebook, and Gmail are all off limits. Wells declined to comment, and Nomura and BofA did not respond to her requests to comment.

In order to make sure employees adhere to these rules and others, companies use technology like that provided by Portland, Oregon-based Smarsh, which offers online monitoring and archiving software. Stephen Marsh, the founder and CEO of the company, said that recently he has seen a new type of clientele: hedge funds. Over the past six months, two dozen hedge fund firms have contacted him about his services.

Steinberg writes that Smarsh’s products, like many others found on the market and offered by companies like SpecterSoft and London-based Mimecast, are highly advanced and can archive every mouse click and keystroke of employees.

Monitoring e-mail has been commonplace for years, but new tools are making it easier for employers keep an eye on everything employees do. Social Sentry, a service from Mountain View, California-based Teneros, allows a company to monitor any information its employees post publicly on Facebook and Twitter — for just $2 to $8 per employee — regardless of whether they do it at work or at home.

According to a 2009 survey conducted by ePolicy Institute, an organization that provides information on electronic communications policies, and the American Management Association, 61 percent of businesses have implemented social networking policies. The percent of companies with policies banning all blog use on company time have increased from 5 percent in 2006 to 25 percent in 2009. Steinberg notes that it is not just your favorite blog that posts embarrassing celebrity photos: 41 percent of companies have policies dictating what can be discussed on sites like LinkedIn, for example.

Use of social networking sites has surged in recent years, but employers are also responding to increases in usage of other forms of online communication. For instance, workplace instant message use has increased to 42 percent of employees in 2009 from 35 percent in 2006. While a quick “let’s get lunch” will not trigger any corporate alarm bells, at-work e-mail conversations often veer into dangerous territory. For example, in the same survey, 89 percent of employees admitted to “using the office system to send jokes, gossip, rumors, or disparaging remarks to outsiders.”

It is thus no surprise that employers are adopting new technologies to go along with their stricter policies. Companies have found ways to monitor e-mails you haven’t even sent, said Tory Johnson, CEO of Women For Hire, a recruitment-services company devoted to women. “Anything you type can be tracked — even if you ultimately delete it. Keystroke loggers track it all — what you press, not just what you send.” Companies can take screenshots of Web sites visited, see how long you have spent on a site, and, in era of instant communication, can even retrieve text messages from your personal phones, according to Johnson.

Even if you leave the company, this is not the end. One computer forensics company, Silicon Valley-based Digital Mountain, is routinely called in to examine employees’ e-mails after they have left the company. New York-based Global Digital Forensics examines the company’s servers to see whether employees have left anything there that should not be there.