· 4 min read · Features

How to monitor the problem of porn in the office

Published:

With one in five men admitting to accessing porn at work, organisations know they are sitting on a potential time bomb. While accessing porn is not illegal - unless it is explicit - the risks associated with brand damage and employee harassment litigation are significant.

Imposing an outright ban on downloading of images or videos in the workplace is simply not practical. Yet without any controls in place, employees have pretty much been given a green light to abuse the corporate network, regardless of any acceptable usage policy they may have agreed to. Furthermore, for many line managers, this is a difficult topic to discuss with staff; and if they happen to be a top sales person or hold a senior position within the company, this can be even more difficult.

It is therefore essential to put in place a tool that not only monitors all email and flags up those containing suspicious images but also automates the organisation's response - such as an email citing the suspected breach of the usage policy.

By automating the process and taking a non-invasive approach, organisations can enforce the acceptable usage policy and drastically reduce the volume of pornographic images and videos in the workplace, safeguarding the brand and ensuring a harmonious workplace.

For too long the ‘porn in the office' issue has been the elephant in the room: a genuine corporate concern but as it is a difficult issue to tackle many organisations have chosen to avoid addressing it. Business owners know that taking a draconian approach and blocking the downloading and sending of all images or videos makes no business sense and doesn't actually solve the problem - employees will always find a way around restrictions. But without a viable, cost-effective way of checking for image content, organisations have essentially ignored the issue of employee use of the corporate network for the distribution of porn.

However, with the rapid growth in activity, the risk is now simply too great to ignore. A recent survey by The Fawcett Society found that 20% (one fifth) of men questioned admitted to accessing pornographic material within the workplace.

With employees increasingly using legitimate communication tools such as email to send porn across internal and external networks, the issue of brand damage must be addressed. With the majority of businesses now including the company name and logo within all email signatures, pornographic material sent from the corporate email system can damage a company's reputation in an instant.

From brand damage to the risk of litigation and the HR cost of handling disciplinary hearings, the implications of employee use of porn are fast taking centre stage.

The issue is now a board-level concern. Under the Protection from Harassment Act 1997, employers have a legal obligation to prove they are taking all reasonable practical measures to protect staff from inappropriate material. Companies and individual executives face criminal prosecution if employees are found using the company's IT infrastructure to distribute porn, or they fail to prevent employees from downloading child pornography into the workplace.

In order to be able to fulfil their duty of care, directors must be able to easily identify the images and videos that contain inappropriate material. However, the HR department also needs an effective way of managing this problem. No director particularly wants to be the one to have to confront an employee about such matters face-to-face, and with the added financial pressures that the recession has brought, companies cannot afford to embark upon expensive HR reviews.

Furthermore, in confronting this inappropriate behaviour, businesses have to decide upon the correct level of punishment - which, depending on the explicitness of the material, may be dismissal. This means that companies must accept that they may lose a number of key employees who otherwise work very well and are an asset to the company.

And this is key: organisations do not want to lose good, productive employees as a result of their misuse of the corporate network. Instead, they are looking for a solution that reduces the prevalence of porn and reinforces the acceptable usage policy without the need for reviews, punishments or fines.

Adopting a non-confrontational approach can be achieved by using an email monitoring tool that will not only monitor activity but can also be set to automatically respond to the activity in a variety of ways. These range from simply blocking the image to automatically informing both sender and recipient(s) that the acceptable usage policy has been breached, with the email including the relevant policy clause.

With this approach, organisations and indeed the HR department have no need to mention porn or even inappropriate material within the email warning - the users will know what was contained in the image. By demonstrating an awareness of the activity and a willingness to take action, the organisation will rapidly see a reduction in the abuse of the network in this way as employees change behaviour.

Critically, there is no need for uncomfortable discussions or punitive activity. The business has the information required to take the steps it deems appropriate to address this behaviour and, with real-time monitoring in place, can demonstrate it has taken all reasonable steps to create a harmonious workplace and safeguard employees and so adhering to its duty of care.

The merging of the home/office world is complete. From personal emails to social networking and downloading porn, individuals will continue to exploit the corporate network for personal use if they can. And the problem can only get worse if left unaddressed.

Few organisations would expect to ban porn. Instead, they can leverage technology to ensure that employees recognise the difference between appropriate and inappropriate behaviour in the workplace; and gently enforce the acceptable usage policy to mitigate the business risks associated with the existence of pornographic material on the network. Critically, it is about leveraging a dispassionate technology solution to achieve a non-confrontational approach to imposing control over the corporate environment.

By automating the identification of material and notification of the relevant employees, organisations can take control of this serious security issue. With the right tools in place, HR departments can meet the duty of care to employees by taking every possible step to minimise unwanted exposure to this material either through malicious intent or humour, drive down the volume of activity on the corporate network and, critically, safeguard brand value.

Andrew Millington is managing director of Exclaimer Image Analyzer.