Four Ways to Balance Employee Privacy and Corporate Security

Author

Will Hayes

October 24, 2016

The ability to collect, store, and analyze nearly any dataset means we now have insight into all kinds of previously “invisible” activities and behaviors. For businesses, this means the ability to understand market trends and preferences and, for users, a better customer experience.

Big data also helps keep organizations more secure. Monitoring for compliance violations, insider threats and insight into data loss prevention (DLP) systems are new advantages made possible by today’s big data technologies – and rendered urgent by the increasing inevitability of a breach.

But with every upside comes a potential downside. While these abilities create business advantages, they can also foster a Big Brother-like atmosphere in the workplace. The notion of monitoring – by employers, governments or advertisers – has set fire to some of the most heated controversies of our generation. With this in mind, enterprises must approach employee data collection thoughtfully and with caution. Here are four strategies for dealing with employee data in a way that maintains corporate security without jeopardizing employee trust:

Don’t dwell on the past. Mining web proxy data from the past five years to identify policy violators is a waste of company resources and time. It will enact a witch hunt, and do more damage than good. The past is the past. Focus on what’s happening today, right now.

Embrace transparency. Clearly and constantly communicate corporate policy, informing employees of the specific steps being taken to enforce those policies. Maintain trust with employees by being clear about what you’re monitoring and when, as well as the specific technologies and applications you’re using to do so.

Remove the human element. Nobody likes getting a personal call from HR saying they spend too much time on Facebook or Amazon. Automate violation warnings in order to reduce shame and emotion. Dynamic web filters that automatically update based on employee behavior maintain productivity while giving trust back to the individual.

Don’t collect everything. Many organizations follow the “store all your data” mantra for compliance reasons, but there is no reason to retain all of it. That beefy new Hadoop cluster can capture employee keycard access and run algorithms to determine arrival and productivity patterns, but that doesn’t mean it needs to or should. In general, employees appreciate the need to protect vital corporate information and meet governance policies with legal ramifications (such as PCI, SOX and HIPAA), but they do not appreciate when their every move, both physical and digital, is monitored. Employees are more likely to act like adults if you treat them as such.

The bottom line: Big data should be a tool to create a richer experience for customers and smarter business decision making. Avoid practices that make them seem too eager to condemn employee behavior. While data loss prevention and insider threat detection are truly important, the lengths we go to enforce policy need to reflect a healthy and positive work environment in which trust and transparency are key.

This article was written by Will Hayes from Forbes and was legally licensed through the NewsCred publisher network.

Comment this article

Great ! Thanks for your subscription !

You will soon receive the first Content Loop Newsletter