Feeds

38% of large US companies have full-time email monitoring staff

Dept of snooping and personnel

Choosing a cloud hosting partner with confidence

Nearly four in ten companies have staff whose main job is to monitor the outgoing email of colleagues, according to US data security research. More than a third of the companies surveyed hired staff to perform only that monitoring function.

Email security company Proofpoint interviewed email chiefs at 220 companies which employed more than 1,000 people. It found that companies were so worried about employees leaking information via email that 38 per cent of them paid other employees to monitor communications.

"An increasing number say they employ staff to read or otherwise analyze the contents of outbound email (38 per cent, up from 29 per cent in 2008)," said a Proofpoint statement. "The pain of data leakage has become so acute in 2009 that more US companies report they employ staff whose primary or exclusive job is to monitor the content of outbound email (33 percent, up from 15 percent in 2008)."

The survey suggested that companies have reason to be careful. Proofpoint said that 43 per cent of the companies told it that they had investigated email leaks of confidential information in the past year. "Nearly a third [of companies], 31 percent, terminated an employee for violating email policies in the same period (up from 26 per cent in 2008)," said Proofpoint's statement.

Blogs are also increasingly a source of concern for companies. The survey found that 18 per cent of the companies it spoke to had conducted an investigation into employees' use or blogs or message boards and 17 per cent had disciplined an employee for breaking company rules on their use. Workers had been fired over blog and message board use at 9 per cent of the companies interviewed.

The research also uncovered the dissemination of sensitive or valuable company information through social networks such as LinkedIn, Facebook or MySpace. It found that 17 per cent of companies had had information exposed through those channels, and that 8 per cent had fired employees because of it.

Proofpoint said some data leaks being experienced by companies are related to the economic downturn. It found that 18 per cent of companies believed a leak was related to an employee who was leaving the company, and that 42 per cent of firms believed that increasing layoffs at their firm created an increased risk of data leakage.

Morag Hutchison, an employment law expert at Pinsent Masons, the law firm behind OUT-LAW.COM, said that if companies in the UK want to take action against individuals relating to their email or internet use then they have to have clearly spelled out at the outset what is and is not allowed.

"We advise employers to ensure that they have a email and internet use policy setting out what, if any, personal use of the internet and email is allowed at work," said Hutchison. She said that any policy had to be actively communicated to have any effect.

"It is important that this policy is clearly communicated to all employees and that the employer monitors compliance of it and takes the appropriate enforcement action if they discover a breach. The internet policy should also cross reference the disciplinary policy that the employer is required to follow," she said. "It is also important that the policy is consistently applied, and not just applied to people the company wants to let go."

Copyright © 2009, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Intelligent flash storage arrays

More from The Register

next story
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
BT said to have pulled patent-infringing boxes from DSL network
Take your license demand and stick it in your ASSIA
Right to be forgotten should apply to Google.com too: EU
And hey - no need to tell the website you've de-listed. That'll make it easier ...
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Business security measures using SSL
Examines the major types of threats to information security that businesses face today and the techniques for mitigating those threats.