Employees Still Seem to Believe They Have Unmitigated Privacy in the Workplace
Even when employees sign technology usage agreements or data security policies, they still seem to operate under the impression that they have unlimited privacy when using their computer. Employees somehow seem to believe in a number of workplace privacy myths, as much as IT managers remind them otherwise.
As IT leaders work double-time to manage and track usage for computers, laptops, smartphones, tablets and BYODs, they find that they all-too-often need to gently remind—or sternly warn, depending on the nature and frequency of the infraction—employees about agreed-upon policies regarding improper usage of their devices.
With an ever-increasing number of employees working from remote locations, increasingly blurring the lines between the personal and the private, it is more important than ever for IT managers to step up data security efforts.
Why Is It So Important to Implement Non-Mythical Data Security Policies?
Above all else, businesses have the right to require employees to abide by data security policies that they set forth. The HR Examiner cites the various exceptions to the Electronic Communications Privacy Act of 1986 as legitimate reasons for employers to monitor telephone, computer and email use to prevent data breaches or losses.
Basically, if the employer owns the hardware or the system, or both, the employer is allowed to monitor the use of it. Add to the fact that, under most data security policies, employees give permission for them to do so, employers are well within their rights to monitor communications and technology behaviors.
Employers have an obligation to themselves, their employees and customers, and all stakeholders and third-parties to protect their data. Many times, improper usage opens the floodgates to threats.
According to the Claims Journal, the main cause of data breaches is, time and again, human error, including employee negligence.
The Top 7 Myths About Workplace Privacy
The American Management Association (AMA) reports that more than one-fourth of employers have fired workers for misuse of email and nearly one-third have let employees go for improper Internet usage, which shows how dedicated employees seem to be about holding onto the myth of workplace privacy.
Let’s take a look at the top 5 myths about workplace privacy that your own employees often believe:
1. “As Long as I Use My Private Email Account, the IT Department Can’t Read the Contents of My Messages”
Anyone who has used their laptop over public Wi-Fi has probably seen the message alerting them that “Your connection is not private,” so it is strange that employees wouldn’t at least wonder since they are using the company’s Internet provider. Besides, the typical data security policy likely places this information close to the beginning of the agreement, stating something along the lines of “You have no expectation of privacy and all communication systems, including all computer hardware, software, voicemail, the network, all stored data and all real-time data are the property of the company.”
The best option for employees who need to send personal messages during the work day is to use their own device, over their own Internet plan.
2. “As Long as I Clear My Browsing History, No One Will Know the Websites I’ve Visited”
The websites that employees don’t even need to feature any type of unsavory nature. The main reasons that employers monitor Intern usage include:
- Many employers ask IT teams to monitor Internet browsing to encourage productivity. It may be more accurate to say that it is meant to discourage the misuse of company time and resources.
- In the event of a system virus, IT can track everyone’s browsing behavior to help pinpoint the root of the problem.
Employees should know that risks abound on the Internet, leaving the company vulnerable to the whims of cyber criminals. The less work IT needs to do to comb through long and complex browsing histories to find the source of a data breach, the better.
3. “I Need to Remember to Erase Everything on My Computer Hard Drive Before Leaving the Company”
The company owns all work that an employee performs while using the employer’s equipment. Continuing to believe this myth could result in an employee being named in a civil complaint for a breach of contract. Everything from emails to PowerPoint presentations and Excel spreadsheets belong to the employer, and the employer is going to need those left right where they are.
When employees are planning to leave the company, they should not delete or modify anything on the hard drive, including any personal files. Basically, employees shouldn’t put anything on their work hard drive that they aren’t willing to leave behind.
4. “I’ll Just Make a Copy of a Few File or Two Before I Leave”
This myth goes hand-in-hand with number 3. While employees are leaving the data intact in the employer’s computing system, they are basically stealing the intellectual property of the employer by copying it to their own personal storage space.
5. I’m Sure I would Know if My Employer Were Monitoring My Computer Usage
There is a broad range of computer monitoring equipment that a company may buy that allows them to observe an employee’s technology usage without their knowledge, according to Privacy Rights Clearinghouse.
Even then, employees should know that employers are monitoring their system behavior since it is often noted in the data security policy that every employee must read and sign as terms of usage.
How Can You Help Clear Up Any Lingering Workplace Privacy Myths and Issues with Your Employees?
At I.S. Partners, LLC., we frequently work with employers who need help getting their employees up to speed on appropriate technology usage. Our information security professionals are always working to find new ways to help everyone, at every level, understand the critical importance of data security.