The Privacy Lawyer: Don't Wait Until An Employee Is Cyberstalked Before You Act
Make sure you're able to log intrusions and communications in real time and capture IP addresses of correspondents, Parry Aftab says.
Cyberstalking in the workplace is a growing problem. How well protected are you?
What would you do if an employee came to you and told you she was being cyberstalked and cyberharassed at work? Who within the company would you inform? What would you tell the employee? What actions would you instruct the IT department to take? Like all online risks in the workplace, the time to think about this is before something like this happens, not after.
Cyberstalking comes in many forms. It might carry a veiled threat, as in an E-mail that reads: "I know where you live," or "I know the way your children walk home from school." A stalker might also post offensive messages about the victim or, by guessing or sniffing the victim's password, masquerade as the victim and send threatening or inappropriate E-mails to co-workers or the victim's supervisors. Or in that guise the stalker might post comments on the Internet that do harm to the victim's workplace, such as informing a chat group that the stalker has access to customers' account numbers or that the company's CEO is molesting his teenage son. (Visible, Vulnerable Target is a story of one cyberstalking victim's plight.)
To make sure you're in a proactive rather than reactive position, you need to do some due diligence before a cyberstalker targets one of your employees. Ask yourself:
Does your acceptable-Internet-use policy refer to cyberstalking and online threats?
Do you use monitoring software to capture incoming and outgoing online communications with employees?
Do you capture IP addresses of correspondents?
When an employee leaves the company, do you immediately block his access to the intranet or group E-mail addresses within the company?
Can you log intrusions and communications in real time?
Does your sexual-harassment policy reference Internet communications?
Just as most employers are addressing workplace-safety and crime-prevention issues, they must address cyberstalking as well. It may be the precursor to an offline attack of an employee or the beginning of attacks against a company or that company's executives.
Providing a safer work environment isn't only good risk management, it's good human-resource management and a morale booster.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.