|
Top-level
In any case, software vendors influence and shape how these systems are used. Microsoft recommends that customers monitor all employee communication at least for “harassment or discrimination detection”. It is doubtful whether intrusive surveillance, which opens the door for applying it other purposes, is an appropriate solution here. It may rather represent an intrusive technological pseudo-fix for issues that are deeply embedded in corporate cultures and deserve much more serious attention. 2 comments
The findings of the report suggest that the security+risk profiling systems offered by Forcepoint/Everfox, Microsoft and other vendors help normalize pervasive employee surveillance and contribute to its expansion. Unions, worker representatives and work councils can only be advised to carefully discuss and negotiate the potential deployment of SIEM, UEBA, DLP, insider risk or communication monitoring systems with employers. Several features can probably not be deployed in Germany or Austria. |
Gregory's Server
More problematic, Microsoft systematically incentivizes employers to expand risk surveillance.
Its 'compliance manager' uses quantification/metrics, game mechanisms and recommendations to tell organizations that they should set up and configure various security, risk and compliance products, some of them involving extensive employee monitoring and profiling.
This includes extensive personal data processing and profiling just to show customers how Microsoft can analyze extensive employee data.