Do you know what your employees are doing this very minute?
A survey by the American Management Association revealed that 76 percent of organizations have monitored their employees' Web activity. The need for higher productivity, coupled with growing anxiety about information security, has whet CIOs' appetite for technologies that track user activity across hosts, networks, USB ports, even desktops.
According to Gartner Inc., a research firm in Stamford, Conn., sales of content monitoring and filtering products generated $40 million to $60 million in 2006 -– a comparatively small market, but one that could increase exponentially during the next few years. Early adopters include companies in financial services, health care, consumer goods and education.
"What the majority of companies are doing is URL filtering to block access to inappropriate sites or [doing] some type [of] outbound filtering on email to make sure people aren't sending out huge attachments," said Arabella Hallawell, a Boston-based research analyst at Gartner.
"In terms of technology that actually monitors peoples' time, it's not happening that frequently, and that's because the technology is not very good," Hallawell said.
Improvements in the offing
But that may be changing. Vendors say they are feeling pressure from CIOs to provide integrated tools and services for monitoring employee activity across multiple protocols.
"Up until a couple years ago, almost all attention in network security was focused on the perimeter. Now security managers want to make sure they cover [threats posed by] the users, both inside and outside the network," said Eric Lundbohm, vice president of marketing at Orange, Calif.-based 8e6 Technologies, a Web filtering and monitoring vendor.
Indeed, companies of various technology stripes are jockeying for position in the monitoring space. They include email and instant messaging security companies, network appliance makers and providers of host-level applications.
Planning and compliance
Despite the Big Brother-related implications, few companies appear interested in using monitoring tools to actively spy on their employees. Rather, the impetus appears to be the desire for a clearer view into how network resources are being used. That such analysis often shines a light on network abusers is an added bonus.
The need for higher productivity, coupled with growing anxiety about information security, has whet CIOs' appetite for technologies that track user activity across hosts, networks ... even desktops.
The American Association of Airport Executives, a professional organization near Washington, D.C., has been exploring ways to harden its internal networks. Having secured the perimeter with intrusion detection, antispam and antivirus tools, the organization recently implemented a combined hardware/software monitoring product by Annapolis, Md.-based eTelemetry Inc.
The goal "is not so much for monitoring the employees themselves, but for monitoring my bandwidth," said Patrick J. Osborne, vice president of IT. "If I can identify where my biggest bandwidth users are, whether it be servers, applications or individuals, then I can design a better network."
However, Osborne soon realized another unexpected advantage: the ability to track instant messaging online, right down to an individual user's desktop. One recent report revealed an individual who exceeded the acceptable threshold for personal use by about three hours -– prompting a friendly reminder about acceptable-use policies (and potential consequences).
"Every six months, I stand up in front of the entire staff and show them what I see about their usage habits. It's a great deterrent" to network abuse, Osborne said.
Complying with government regulations is also driving adoption of monitoring technologies. The Board of Cooperative Education Services provides Internet services to more than 50 school districts across three counties in upstate New York. By using content filtering products from 8e6 Technologies, technical support manager Fred Lawrence now tracks each IP address to individual workstations to spot breaches or unacceptable use of network resources.
That's important because "we have to adhere to certain [state and federal] guidelines to keep kids from accessing inappropriate sites," especially the Child Online Protection Act, Lawrence said.
Deciding what to monitor and how seems like an obvious question, yet many organizations apparently fail to take their organization's internal temperature.
"Network admins know that bad things are happening and want to be able to monitor their systems. But this is really a management issue" involving input from legal, human resources, operations and other key departments, said Kevin Beaver, a security expert at consulting firm Principle Logic LLC in Atlanta.
Too often, he said, IT "ends up doing the monitoring and enforcement, and that can create legal issues," especially when upper management is unaware that violations have even occurred.
Gartner's Hallawell said companies should brace for an uptick in administrative work as they implement new monitoring tools. Specifically, CIOs should weigh two questions before they even begin interviewing vendors:
"The No. 1 question for CIOs to ask is, 'What is the business imperative to monitoring?' And No. 2 is, 'Will it require a fundamental change in the way our business units operate?'"
Garry Kranz is a freelance writer based in Richmond, Va. He can be reached at firstname.lastname@example.org.
This was first published in February 2007