Everyone is talking about the latest college admissions bribery scandal that not only implicated Hollywood celebrities, but has also named prestigious universities and institutions, i.e. Yale, SAT and ACT, as guilty players in the scheme.
The damage done to these organizations’ reputations is severe, and in most cases – there is only one guilty employee who is to blame. In fact, federal prosecutors have not charged any universities with wrong doing.
So what’s the lesson here? How can organizations protect themselves from letting one employee, out of thousands, have the ability to destroy their reputations?
EMPLOYEE MONITORING 101 – Past and Present
Employee monitoring is a broad term that includes monitoring employee’s computer activity, triggering alerts on policy violations and analyzing behavioral baselines to discover user behavior anomalies. Traditionally, most organizations operated under the preconceived notion that employee monitoring is only for the following two business use cases:
–Productivity – making sure staff isn’t spending too much time pointlessly browsing the web or visiting “disreputable” sites.
–Insider Threat Data Security – making sure staff doesn’t access or share sensitive data, such as IP, customer info, trade secrets, finance info and more.
Though it certainly does cover those issues, the industry is discovering that the benefits monitoring employee computer activity extends far beyond productivity and security. Even the most productive employee, who would never share company secrets – might be tempted (by bribery or blackmail) to break the rules. The same tools you use for employee productivity monitoring and insider threat detection and monitoring would also allow you to detect a potential bribery issue way before it becomes a national headline.
EMPLOYEE MONITORING 322 – Intro to Applications and Methods
An important method of Employee Monitoring is User Behavior Anomaly detection, which can notify employers if there is a significant abnormality in the employee’s behavior, either by deviating from their own baseline or the normal activity of their peer groups. Perhaps if Georgetown had been monitoring its athletic directors, they may have noticed an unusual amount of personal, webmail communications between the coach and William Singer (accused of acting as an intermediary between parents and coaches). That behavioral anomaly might have been the red flag they needed to notice their tennis coach was recruiting non-athletes.
Had the SAT’s been monitoring their employees access to systems and applications, they may have noticed that certain proctors were manipulating the room assignments – making sure that specific students would be assigned to the room they proctor. By reviewing what employees do when they access systems, they would have easily noticed a trend of proctors “cherry picking” their students.
EMPLOYEE MONITORING – Getting Started
Protecting your organization from the reputational damage of bad insider threats starts with employee monitoring. To find out how easy it is to start monitoring and recording user activity on your employee’s endpoint, start your free 7-day trial.