Christmas may be a time when we can all let our hair down, but we shouldn’t let compliance slip. Especially when it comes to the workplace. Christmas parties and jumpers a-plenty create the perfect photo opportunity. Whether it’s the arrival of a Christmas tree on your floor or the light-up santa on your desk, snapping a photo and uploading to social media is a reflex that most of us wouldn’t think twice about. But what do these images really show? Your colleagues enjoying the festivities? Or market sensitive information not quite masked by your light-up santa?
Images like these can expose a whole range of information that can be focused in on and exploited:
Balancing employee privacy, data protection and company reputation
When you look at your LinkedIn newsfeed, this month in particular, you’ll undoubtedly see how companies are making good use of social media to export and re-enforce their brand values via their key asset; their employees. Nothing says that a company is good to do business with as much as a group of smiling employees enjoying their workplace and doing good deeds. But along with this opportunity comes the greater responsibility to prevent inadvertent leaks of sensitive or secure information your management, clients and shareholders are trusting you with.
Employer concerns over breaching employee rights and GDPR, when trying to monitor and prevent data loss, are obvious. As a result some organisations have banned social media from the workplace rather than trying to balance data protection regulations, employee privacy, company reputation and the business / brand opportunity that social media presents. Until now there hasn’t been any way of sufficiently addressing all these concerns.
Fortunately there’s now a silver bullet – Deepview’s ImageGuard. It’s the first, and only, employee endorsed solution to provide protection from accidentally posting videos, images or text that contain information that may land their employer a hefty fine, loss of confidence in the market & share price or with their clients. Oh, and their job!
DeepView looks for real time breaches that reach the public domain, hence not contravening GDPR. When it comes to following (monitoring) private accounts, there has to be what lawyers call ‘legitimate cause’ for employers to do so, a simple contract of employment on it’s own won’t suffice. So DeepView enables organisations to customise monitoring to only those with privileged access to highly secure information. As this protects the employee as much as the business, there’s an acceptance by those in such positions.
Monitoring encrypted channels
But what about what you don’t see?
For example, the use of WhatsApp in work conversations really varies from business to business, and often those charged with safeguarding the business might not have the whole picture on how it’s being used. As a social communications tool it’s use between employees, and with clients, is often rife and unprotected. Indeed, it’s becoming apparent that it’s a common vehicle for insider trading, as well as more innocent communications.
It’s a fuzzy area and no more so than at this time of year when invitations to Christmas drinks and other seasonal hospitality are also pinging into WhatsApp groups and direct messages. This amounts to a compliance and HR nightmare if a founded accusation crops up. But it’s encrypted, so how can you monitor and archive these communications?
We’ve addressed this issue too with DeepView’s ChatGuard. This monitoring solution has a simple opt in from employees to select which chats are best defined personal and which are business related and therefore should be monitored for potential breaches. How long before social media channels used for business communications require the same retention policies as the rest of their client communications i.e. email? Well DeepView can archive these for you too, but that’s for another post…
So until then, enjoy the festivities and check behind you before you selfie in the office!