Tuesday, January 19, 2010

Employees increasingly found to be downloading illegal files (source: Infosecurity.com)

Employees increasingly found to be downloading illegal files
15 January 2010

As if companies have not had enough IT security headaches already, it seems that a growing number of firms have problems with their staff illegally downloading copyrighted files whilst at work.
Research just published by ScanSafe, the software-as-a-service specialist, shows there has been a 55% increase in employees attempting to download illegal software, especially MP3 files, in the workplace over the last three months.

Worryingly, the firm says, all too often an employer will be held legally responsible for any wrongful acts committed by an employee "in the course of their employment" even if it is expressly prohibited by the employer. The report, says the company, should act as wake up call for companies to ensure that they are not at risk for legal liabilities.

To compile its figures, ScanSafe says it now processes data across more than 100 countries for millions of employees, giving it the industry's most significant insight into the latest trends in web traffic and malware.

The report comes as a US student, Joel Tenenbaum, has just been been fined $675,000 for illegally downloading music.

The court case, says Spencer Parker, ScanSafe's director of product management, focused on 30 tracks that Tenenbaum admitted downloading – he was subsequently fined $22,500 per song. Over the years, he said, consumers have taken a carefree approach to illegally downloading music, not expecting to be held accountable for their actions.

High-speed internet connections have enabled even faster illegal downloads and, alarmingly, more and more people are choosing to do so in the workplace.

"Employees mistakenly assume they can use the internet at work in exactly the same way as they use it at home and this is potentially one of the reasons for this steady increase in illegal download attempts over recent months," he said. "Inappropriate internet use in the workplace can put the employer at risk for legal liabilities," he added.

According to Parker, often an employer will be held legally responsible for any wrongful acts committed by an employee "in the course of their employment". This phrase, he explained, is very widely constructed – "an act may be considered" in the course of employment even if it is expressly prohibited by the employer.

This, he says, is `vicarious liability', which means that, even if a legal claim is unsuccessful, dealing with claims can make very substantial demands on management time and involve quite significant legal costs.

"Downloading illegal content is a double whammy for employers as not only does it put them at risk legally, but it also puts the company network at risk of being infected with malware. A large majority of free illegal downloading websites are often riddled with malware." he said.

Because of these issues, Parker argues that organisations should formulate internet usage policies and educate employees on the goals of their policies, including making clear the potential consequences of non-compliance. Employers, he says, should also require staff to sign and acknowledge their understanding of acceptable web use during working hours.



This article is featured in:
Compliance and Policy • Internet and Network Security

No comments:

Post a Comment