How to stay clean if your employer is monitoring your online activities

My friend got pulled up by his boss recently for a random tweet. His company felt it could have an adverse impact on its relationship with a client. Indeed, most companies do much more than just monitor the social media activities of their employees. Leading research firm Gartner's data reveals that by 2015 around 60 per cent of global corporations will have programmes to monitor social media accounts - including Facebook, Twitter, YouTube, and LinkedIn - for security breaches and data leaks.

T. Muralidharan, Chairman of TMI Group, a Hyderabad-based HR services firm, says every company has a strict Internet and email policy, which clearly sets out what an employee can do and can't on social networks. "Every employee should be aware that he or she cannot get away with breach of trust. Everyone is watched." Your employer may monitor your online behaviour randomly or spy on you systematically, following some specific incident. "Most companies in India have policies, but no monitoring system. They use the policy only when they hit upon something," says Muralidharan.

Companies have some tools that can track you both at the device and the network level. And once you resign, your employer usually scans your mail for the last month in office to see if you sent out any confidential information. "This is necessary because many companies handle confidential assets of customers. They must ensure employees are not selling or exchanging information with anyone," adds Muralidharan.

The proliferation of personal devices in the workplace is, however, making it increasingly difficult to monitor employee behaviour. "With more and more emphasis on workplace flexibility as the key to productivity and employee well-being, it is difficult for organisations to define boundaries and be autocratic about IT policy. What organisations therefore need to focus on is educating their workforce to better understand the intricacies involved in using vulnerable platforms," says Ritesh Chopra, Country Sales Manager, Norton by Symantec. He says the company policy has to be precise and spell out exactly what an employee is supposed to do or not do. "When using company resources to access Internet sites or to download, display or disseminate information or materials, users are expected to comply with the company's information security, and social media policy." Also, your company owns the office computer you use, and thus the emails and data generated from it. It doesn't need permission to access them.

Remember, you are not expected to spend more than five per cent of your office hours for any personal activity. Browsing the web or a social network, chatting with a friend, using a messaging client, or even taking a personal phone call is considered personal work and is not productive for the company. If you break this rule consistently, chances are that your company has already started monitoring you.

Don't panic now. Simply follow the dos and don'ts below to keep the 'Big Brother' at bay.
 
-Never include in private communications any confidential information belonging to your employer or to third parties that is not yet known to the public.  
-Never do anything that could be construed as discrimination, harassment, retaliation, or online
impersonation.
-Never post anything that could be viewed as defamatory, insulting or deceptive to any individual or organisation.
-Never use company resources to access, download, display or disseminate inappropriate material - be it pornographic, sexist, violent, or otherwise offensive in nature.
- Never share your network username and office passwords.
-Never install unapproved software on company resources, such as peer-to-peer software, because these can expose company resources and information to potential breach or theft.