Several chief information officers (CIOs) have announced support for employee monitoring software.
Former Government CIO and CISO John Suffolk, Martin Taylor, CIO for the London Clearing House, and Duncan Hine, head of security for the National Air Traffic Control Service and former head of security for the Home Office Identity and Passports Service, have announced their support for the software. They are aiming to grow corporate awareness and understanding of why closer monitoring of employees' use of sensitive corporate data is critical to reducing the spiralling ‘insider threat'.
Suffolk said: “This is not simply about reducing the honest mistakes of the majority; it's about identifying and preventing the dishonest actions of the minority as well. Data leaks have become considerably more malicious as the value of personal and corporate data has risen dramatically.
“Employees are constantly being targeted to assist criminals in the theft of sensitive information. Total visibility of their work activities is now a requirement for data security. We need to make more corporate leaders aware that monitoring employees' access to data with considerable granularity is not just acceptable, it is encouraged by both the government and regulators.”
Chris Burke, former CIO for Vodafone UK, is also supporting the campaign, along with vendor Dtex Systems that provides software that enables companies to gain greater internal visibility of their employees' activities at work to help reduce data leaks.
Burke said: “Getting the balance right of information access and information security is crucial. Conventional system access or file oriented security tools are too easy to exploit in this day and age. The data held by mobile companies is not simply valuable, but is also subject to comprehensive regulation.”
Ed McNair, CEO of Overtis, told SC Magazine that it was important to monitor but to tread carefully and not for organisations to leave themselves open to privacy issues.
“There is a whole area of vicarious liability and you have got to make sure the organisation is responsible for what employees do,” he said.