rediff.com

NewsApp (Free)

Read news as it happens
Download NewsApp

Available on  

Rediff News  All News 
Rediff.com  » Business » Beware! Someone is reading your mail

Beware! Someone is reading your mail

May 30, 2007 11:21 IST
Almost every IT, ITES, banking and financial company pays someone to read employees' outbound e-mails and attachments.

Given the potential legal and business headaches that can arise from employees sending proprietary information or inappropriate material to outsiders via e-mail, it seems justified too.

As per Gartner Research, up to 30 per cent of the top 1,000 global companies faced legal issues for their failure to secure customer data, translating into losses between $5 million and $20 million per business.

Use of bandwidth-clogging applications like streaming media, instant messaging and pop-up ads by employees emerged as the top three IT help-desk issues for India Inc, says a survey by Websense, a web-filtering and web-security provider.

"Your computer is not just a PC but a BC - a business computer," says Surendra Singh, head (Southeast Asia and India), Websense. As such, Singh reasons, employers have the right to review how their resources are being used.

Eddie Chandhok, president, Infogain, a technology solutions provider, does not believe in electronic monitoring of employees but admits that "the need to secure enterprise and client data outweighs my beliefs". Infogain has deployed Netflow, which generates reports to help the company understand the nature of internet traffic on the network.

"This way, we know which sites were accessed at a certain time, and if the company thinks they are inappropriate then the sites are promptly blocked."

If the Websense report, which says that almost 70 per cent of all internet porn traffic occurs during the 9-to-5 work day, is to be believed then Chandhok has reason to worry.

Most people use their work PCs in the same way they do their home computers - visiting adult sites, downloading and installing programmes at random, using file-sharing programmes for downloading music and other multimedia files.

"These activities, along with instant messaging, are among the most common vehicles for viruses, spyware and adware in corporate environments," says MN Srinivasu, director, BillDesk, which creates internet-based products for banks and other financial-products providers.

Most banks or financial institutions, he justifies, monitor data and internet usage "primarily to ensure that official data is used befittingly by employees". No wonder, the global web-filtering industry, which was pegged at $178.8 million in revenues in 2006, is expected to breach the $800 million mark in 2007.

Souma Das, area vice president, Citrix (India), an enterprise software company, is all for internet tracking. "In today's online environment seething with viruses and malicious users, businesses must assume that all access devices are dangerous, all networks are dirty and all access attempts hostile."

Citrix SmartAccess, he claims, can sense who and where a user is, including device and network, then responds with the right degree of access, balancing user freedom and IT control.

Outsourcing and IT companies are more worried about inappropriate content and oversized attachments that get delivered. "At Infogain we have tools that limit the size of mail attachments being zipped to and fro; we also jam personal email sites on individual employee's desktop," informs Chandhok.

Interestingly, the company has also arranged for computers away from the work area where employees can access any website.

Corporates are also known to deploy tools that scan image attachments for adult content. When an inappropriate message is caught, both the sender and recipient get e-mails telling them that the message has been blocked. The e-mail is held until the sender contacts the IT department to explain why it needs to be sent.

"As more businesses provide their staff with internet access, the number of incidents of staff abusing that access will increase too," says Websense's Singh, "And it seems unwise to wait for a major breach or even corporate espionage, before putting controls in place."

In short, if you expect privacy while using the computer at work, think again - you probably don't. More importantly, you shouldn't.

Priyanka Joshi in New Delhi
Source: