Betting Against Employee Monitoring

5:45 PM -- Employee gambling may be costing you millions. This from Chronicle Solutions, a U.K.-based firm specializing in "networking content monitoring" -- or using technology to track what workers are doing on the corporate intranet.

"Internet gambling is becoming increasingly popular and without a monitoring system in place, it is likely that a significant minority of a company's employees will go online to gamble during the working day," said Nick Kingsbury, Chronicle Solutions' CEO, in a prepared statement.

That claim seems a bit woolly. Call me naive, but I don't know anybody on our intranet who gambles online, let alone does it on company time. What's more, I assume other businesses, like publishing, have deadlines or other production goals that keep one from idling away the workday.

As one IT pro recently put it: "Controlling browsing, knowing whether an employee's productivity went down because they spent too much time on the Internet... that's what you have managers for." (See Websense to Buy PortAuthority.)

Chronicle Solutions, an early-stage company that competes against Websense and Surfcontrol, thinks a company needs electronic insurance against employee shiftlessness. Its netReplay appliance (which starts at about $98,000) tracks email, Web mail, IM, blogs, and VOIP on Fibre Channel or Ethernet networks in order to make sure everyone's busy in productive ways. All communications are indexed for easy searching -- in case you need to build a case for dismissal, for instance. Chronicle claims more than ten customers, including a major U.S. federal agency, a U.S. East Coast university, and a retail chain in Europe.Notably, Chronicle doesn't do any active filtering or protection of incoming or outgoing data -- at least not yet. This means it stops short of snagging damaging email before it goes out, or nabbing incoming viruses. (See Cisco Buys IronPort and Stop That Email!.)

One could argue that without these features, its longevity is questionable. After all, as HP's board has demonstrated, there isn't much future in paranoia for its own sake.

"Im not sure I see the point of this technology for enterprise companies," opines Chis Evans of storage consultancy Brookend Ltd. In his view, firms that haven't taken steps to secure in- and outbound data routes on their networks, via email gateways and proxy servers as well as encrypted connections, have a problem on their hands that monitoring alone can't solve. And he sees a "huge challenge" in interpreting and managing the results of monitoring.

"I’d be concerned by the volume of data this kind of service could require – how long to you keep it? What are the rules regarding its use? How does it apply legally?" Evans asks.

I'd wager (offline, of course) that these kinds of tools will find their niche. But in the larger context of data protection, their value is limited. Rat-catching has its place, but it's hardly a solution that will foster employee creativity and good will -- which are key to creating corporate value.— Mary Jander, Site Editor, Byte and Switch