The Privacy Lawyer: Don't Wait Until An Employee Is Cyberstalked Before You Act
Make sure you're able to log intrusions and communications in real time and capture IP addresses of correspondents, Parry Aftab says.
Cyberstalking in the workplace is a growing problem. How well protected are you?
What would you do if an employee came to you and told you she was being cyberstalked and cyberharassed at work? Who within the company would you inform? What would you tell the employee? What actions would you instruct the IT department to take? Like all online risks in the workplace, the time to think about this is before something like this happens, not after.
Cyberstalking comes in many forms. It might carry a veiled threat, as in an E-mail that reads: "I know where you live," or "I know the way your children walk home from school." A stalker might also post offensive messages about the victim or, by guessing or sniffing the victim's password, masquerade as the victim and send threatening or inappropriate E-mails to co-workers or the victim's supervisors. Or in that guise the stalker might post comments on the Internet that do harm to the victim's workplace, such as informing a chat group that the stalker has access to customers' account numbers or that the company's CEO is molesting his teenage son. (Visible, Vulnerable Target is a story of one cyberstalking victim's plight.)
To make sure you're in a proactive rather than reactive position, you need to do some due diligence before a cyberstalker targets one of your employees. Ask yourself:
Does your acceptable-Internet-use policy refer to cyberstalking and online threats?
Do you use monitoring software to capture incoming and outgoing online communications with employees?
Do you capture IP addresses of correspondents?
When an employee leaves the company, do you immediately block his access to the intranet or group E-mail addresses within the company?
Can you log intrusions and communications in real time?
Does your sexual-harassment policy reference Internet communications?
Just as most employers are addressing workplace-safety and crime-prevention issues, they must address cyberstalking as well. It may be the precursor to an offline attack of an employee or the beginning of attacks against a company or that company's executives.
Providing a safer work environment isn't only good risk management, it's good human-resource management and a morale booster.
IT's Reputation: What the Data SaysInformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
What The Business Really Thinks Of IT: 3 Hard TruthsThey say perception is reality. If so, many in-house IT departments have reason to worry. InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business views IT's performance in delivering services - and, more important, powering innovation. The news isn't great.