One-Third of U.S. Companies Read Employee E-Mail

Move over, NSAT&T: A new study suggests that more than one-third of US companies pay someone to read employees' outbound e-mail.

The figures come from a new study (PDF file) by Forrester Consulting done on behalf of Proofpoint, an e-mail security company in Cupertrino, Calif. Given the potential legal and business headaches that can come from employees sending proprietary information or inappropriate material to outsiders via e-mail, I'm surprised that number isn't higher.

Many employers also monitor instant messages. The study found that more than a quarter of companies were monitoring content in IM traffic, and another 21 percent said they planned to deploy monitoring technologies within the next year.

Far too many people use their work PCs in the same way they play on their home computers -- visiting adult Web sites (how people think they won't get busted for this is beyond me), downloading and installing random programs, even using peer-to-peer file-sharing programs. These activities, along with instant messaging, are among the most common vehicles for viruses, spyware and adware in corporate environments. A monitoring policy is generally intended to mitigate a variety of legal risks for the employer, but more importantly it helps protect the health and security of the corporate network.

Most companies today require new hires to sign a piece of paper saying that violations of company information-security policies (and all of the above activities usually count as violations) may get them fired. Indeed, the report found that out of nearly 300 companies pollled, almost one-third had terminated an employee for violating e-mail policies in the past year, and more than half had disciplined an employee. One-third said they investigated a suspected e-mail leak of confidential or proprietary information in the same period.

In short, if you think you have any expectation of privacy while using the computer at work, think again -- you probably don't. More importantly, you shouldn't.