Whether it's an SEC official or a Macquarie banker, employees today don't seem to be too worried about Big Brother keeping tabs on online workplace activity. After all, who cares whether the CEO sees your tweets about last night's episode of "Dancing with the Stars" when you're making your numbers?
But companies are increasingly starting to care. And many of the most stringent policies can be found at financial institutions.
"There's a very, very narrow category of internet websites our brokers can access," said Robert Bursky, independent general counsel for John Thomas Financial, a New York-based broker-dealer. "Only certain, news-oriented Web sites are permitted."
Other financial institutions differ on how strictly they limit Web access. Sources at Wells Fargo, Nomura, BofA and HSBC say Youtube, Facebook and Gmail are all off limits. Wells declined to comment, and Nomura and BofA did not respond to requests to comment before press time.
In order to make sure employees adhere to these rules and others, companies use technology like the type provided by Stephen Marsh, the CEO of Smarsh, which offers online monitoring and archiving software. Recently, Marsh said he's seen a new type of clientele: hedge funds. Over the past six months, two dozen hedge fund firms have contacted him about his services.
Smarsh's products, like many others found on the market and offered by companies like Mimecast and SpecterSoft, are highly advanced and can archive every mouse click and keystroke of employees.
Monitoring e-mail has been commonplace for years, but new tools are making it easier for employers keep an eye on everything employees do. Social Sentry, a service from Teneros, a Calif.-based technology security company, allows a company to monitor any information its employees post publicly on Facebook and Twitter -- for just $2 to $8 per employee -- regardless of whether they do it at work or at home.
According to a 2009 survey conducted by ePolicy Institute, an organization that provides information on electronic communications policies, and the American Management Association, 61% of businesses have implemented social networking policies. The percent of companies with policies banning all blog use on company time have increased from 5% in 2006 to 25% in 2009. And it's not just your favorite blog that posts embarrassing celebrity photos: 41% of companies have policies dictating what can be discussed on sites like LinkedIn, for example.
While use of social networking sites has surged in recent years, employers are also responding to increases in usage of other forms of online communication. For instance, workplace instant message use has increased to 42% of employees in 2009 from 35% in 2006. While a quick "let's get lunch" won't trigger any corporate alarm bells, at-work e-mail conversations often veer into dangerous territory. For example, in the same survey, 89% of employees admitted to "using the office system to send jokes, gossip, rumors, or disparaging remarks to outsiders."
It's no surprise, then, that employers are adopting new technologies to go along with their stricter policies.
Companies have found ways to monitor e-mails you haven't even sent, said Tory Johnson, CEO of Women For Hire, a recruitment-services company devoted to women. "Anything you type can be tracked -- even if you ultimately delete it. Keystroke loggers track it all -- what you press, not just what you send." Companies can take screenshots of Web sites visited, see how long you've spent on a site, and, in era of instant communication, can even retrieve text messages from your personal phones, according to Johnson.
Some enterprising employees find ways around those bans and, if they are detected, employers might bring in cyber-ghostbusters who are able to investigate breaches.
One computer forensics company, Silicon Valley-based Digital Mountain, is routinely called in to examine employees' e-mails after they've left the company. In one instance, Digital Mountain CEO Julie Lewis recalled, a woman left the HR recruiting firm she had been working at to start a new firm and e-mailed all of her contacts to her personal e-mail address. Another time, an executive conducted fraudulent real estate transactions on his company computer.
New York-based Global Digital Forensics encountered something worse: multiple cases of child pornography. The company's CEO Joe Caruso said his team had discovered employees who were hosting a child pornography site on their company's servers and actively trading the material.
Even though they know their companies are watching, employees continue to pursue private projects -- legal or not -- on their workplace machines, according to the ePolicy survey and investigations by computer forensics companies. This frustrates recruiters and career coaches, who say employees must take responsibility for their actions and cut down, at the very least, on the job-hunting at work.
"Filters are going to flag words like "resume" and "position" and competitors' names," said Nancy Flynn, the founder and executive director of ePolicy Institute. As a result, employees need to exercise caution and avoid online activity that would cause them to lose their current job before they're guaranteed the next one, says Flynn.
Before zapping off those resumes from your cube, think twice. Your job search could get even more urgent should your boss find you job hunting at work.
-- Porn Incidents at Macquarie and the SEC
Write to Julie Steinberg