Every morning a report lands on Tony Bisulca's desk with information he needs but wishes he didn't have to know. As he takes a sip of Earl Grey tea, he opens the multi-page document full of networking traffic stats from the previous day. He knows who the top bandwidth users were, the top surfers and chatters, where they went and when, what they downloaded and how long they stayed. This particular morning, he discovers that a co-worker, who is also a friend, tried to access a white supremacy site the previous night.
|To view our complete multimedia package, visit our risk management supercast.|
Bisulca's routine underscores what is increasingly no secret: When it comes to workplace computer use, someone is watching, and it's probably the CIO.
But as furtive as employee monitoring sounds, as paranoid as employees might feel about being watched, as covert as employers might think they're being (and no matter that everyone knows someone who knows someone who got fired for surfing porn), the fact is, watching what employees do is now standard practice, even at many midmarket companies.
But that doesn't mean CIOs are entirely comfortable with it. In fact, many are finding themselves at the center of a cultural shift as they fine-tune a monitoring middle ground that suits their organizations. Where do they draw the line when it comes to determining what's blocked or who's monitored?
Today, more than three-fourths of organizations are monitoring workers' Internet usage, up 27% since 2001, according to the American Management Association (AMA). Sixty-five percent use software to block connections to inappropriate Web sites, a practice called URL filtering. Experts say that by 2010, everyone will use some combination of blocking and monitoring.
This was first published in January 2007