The Privacy Lawyer: Don't Wait Until An Employee Is Cyberstalked Before You Act
Make sure you're able to log intrusions and communications in real time and capture IP addresses of correspondents, Parry Aftab says.
Cyberstalking in the workplace is a growing problem. How well protected are you?
What would you do if an employee came to you and told you she was being cyberstalked and cyberharassed at work? Who within the company would you inform? What would you tell the employee? What actions would you instruct the IT department to take? Like all online risks in the workplace, the time to think about this is before something like this happens, not after.
Cyberstalking comes in many forms. It might carry a veiled threat, as in an E-mail that reads: "I know where you live," or "I know the way your children walk home from school." A stalker might also post offensive messages about the victim or, by guessing or sniffing the victim's password, masquerade as the victim and send threatening or inappropriate E-mails to co-workers or the victim's supervisors. Or in that guise the stalker might post comments on the Internet that do harm to the victim's workplace, such as informing a chat group that the stalker has access to customers' account numbers or that the company's CEO is molesting his teenage son. (Visible, Vulnerable Target is a story of one cyberstalking victim's plight.)
To make sure you're in a proactive rather than reactive position, you need to do some due diligence before a cyberstalker targets one of your employees. Ask yourself:
Does your acceptable-Internet-use policy refer to cyberstalking and online threats?
Do you use monitoring software to capture incoming and outgoing online communications with employees?
Do you capture IP addresses of correspondents?
When an employee leaves the company, do you immediately block his access to the intranet or group E-mail addresses within the company?
Can you log intrusions and communications in real time?
Does your sexual-harassment policy reference Internet communications?
Just as most employers are addressing workplace-safety and crime-prevention issues, they must address cyberstalking as well. It may be the precursor to an offline attack of an employee or the beginning of attacks against a company or that company's executives.
Providing a safer work environment isn't only good risk management, it's good human-resource management and a morale booster.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.