We don’t like to generalize, but for the sake of this blog post, we’re going to divide everyone in the world into two distinct groups:
- Those who monitor IT user activity. These people know the facts. They live and breathe IT security. They are by far the smaller of the two groups.
- Those whose activities are monitored. Basically, everyone else. This group is plagued by a fictitious view of user activity monitoring.
Perceptions of user activity monitoring are vastly different depending in which group you reside. In this post, we want to bridge the gap; to help everyone understand the mechanics, and more importantly, the motives for monitoring user activity. Let’s separate fact from Myth.
Myth: My employer is keeping track of how much time I spend on social media.
Fact: This is unlikely. For one, many jobs require interaction with social media channels (such as sales and marketing). Secondly, if a company wanted to prevent you from spending time on Facebook or Twitter, they can block it outright. The security professionals within your company probably don’t care that much about your personal life. What they are interested in is suspicious activity (records downloaded, transactions copied, files forwarded to personal accounts). And in nine out of 10 cases, that’s what they are keeping track of.
Myth: Using User Activity Monitoring Systems within the company is not compliant with KVKK / GDPR and may result in penalties.
Fact: It may vary depending on the structure of the User system you use. If the risk is not desired, it is one of the conditions of the personal data protection law that the KeyLogging feature is not turned on and the user has the right to delete their own private times / screenshots. In addition, the transparency of the system, sharing what information the user has collected and the purpose of collecting this information reduces your risk in this regard.
Myth: It is illegal to use User Tracking Systems and the company may face legal action.
Fact: It expects company employees to perform duties in accordance with the job description and spend time related to the company during working hours. Therefore, it is the basis of the employee-employer relationship, and the employer has the natural right to monitor that the employee uses his / her time correctly. Both parties are obliged to fully fulfill their responsibilities in the employment contract.
Myth: I’m always under surveillance.
Fact: Yes and no. While your activity is always being recorded (at least with Processera) you’re not constantly being watched. In fact, the only time you’ll get on the collective radar of the IT department is in the event of a suspicious activity. Otherwise, it’s business as usual.
Myth: I could get away with anything if I wanted to.
Fact: Technology tools make this scenario far less likely that it once was. Sadly, there are some employees and third-parties who know their activity is being monitored, but they still try to get away with illegal or unethical activities. In some cases, they succeed. But with the right technology solution in place, no harmful deed will go undiscovered. Soon, it will be extremely rare for a breach to go unidentified.
Myth: I don’t have to worry about security if my activity is being monitored.
Fact: Wrong. We’ve long stressed the importance of educating an entire company on security best practices, not just those in the IT department. Despite the presence of security software, there’s still the chance to download a virus or to make a mistake in transferring a file outside the appropriate channels. Prevention and education are still the best ways to address the growing number of security breaches. No software will ever eliminate these instances.
Myth: Only the biggest companies monitor user activity.
Fact: False. Big companies do monitor user activity (employees and vendors) but we’re starting to see this becoming a point of emphasis for smaller companies as well. Why? Unlike the large players, many startups and medium-sized enterprises literally cannot afford the costs associated with a security breach – loss of trust, compliance fines and other financial hits. Security isn’t just for the big players anymore.
These are just a handful of the many myths that persist in the realm of user activity monitoring, but they are some of the more prevalent ones. What other security myths have you encountered in your daily work lives? Be sure to share in the comments section below.
Popular Blogs in User Activity Monitoring
Let Our Solutions Architect find Right Solutions for your Enterprise
ProcessEra having a product portfolio with different vendors to response your requirement depending your business and system architecture. You can get right quote with right solution and right price in one place.