We’re in the midst of a major shift in the way we work. As many employees struggle with higher levels of social isolation, stress and burnout since the pandemic, organizations are also seeing a rise in digital stalking.
While most workplaces have information technology (IT) security and acceptable use policies in place, the shift to remote work can make employees more vulnerable to external perpetrators who use an array of increasingly sophisticated apps and tools to repeatedly, unwantedly and disruptively break into the life of an individual, group or organization with the intent to cause fear and harm. At the same time, an employee can use those same tools to victimize co-workers or an entire organization.
Employees need guidance on how to recognize, address and prevent digital stalking, particularly in a work-from-home environment. As a training leader, it is important to offer resources for maximum impact and help your team avert these disruptive behaviors.
Employers Must Be Proactive
According to a 2015 survey by the U.S. Centers for Disease Control, about 3.7% of U.S. women and 1.9% of U.S. men were victims of stalking in the previous 12 months. The term “digital stalking” refers to the use of online technologies such as email, text and voice messaging, and social media to harass or stalk another person, sometimes in conjunction with other forms of stalking.
Organizations must be diligent rather than waiting to react to a digital stalking incident after it has occurred. Because technology-enabled stalking may occur while the victim or perpetrator is working and may involve work resources — such as an employer-provided computer, phone or internet access — employers have a duty to provide a safe workplace and address employees’ potentially criminal behavior.
The best and most comprehensive way to ensure a healthy and safe work environment — even when employees are working remotely — is to enact and enforce the organization’s appropriate and acceptable use policy for employer-provided technology resources to and clearly communicate the procedure to follow if an employee violates the policy and the potential consequences of doing so.
Technology Protocols to Avert Cyberstalking Behaviors
As a training leader, you can help identify gaps in the curriculum and documentation for your organization’s digital security acceptable use policies. With many employees working remotely and potentially facing burnout and online meeting fatigue, consider offering content in a bite-sized, microlearning format that is reinforceable. Make that content readily accessible, at employees’ fingertips.
Your organization can discourage digital stalking behaviors by sharing its policy on prohibited activities. Those activities should include:
- The installation or distribution of pirated or other software products that are not appropriately licensed for use by the organization.
- Revealing account passwords to others or allowing use of an account by others.
- Using a generic account that cannot be tied to a specific individual.
- Using company computer equipment to actively engage in procuring or transmitting material that is in violation of sexual harassment or hostile workplace laws.
- Making fraudulent offers of products, items or services from any company account.
- Causing security breaches by logging onto a server or account and accessing data for which the employee is not the intended recipient.
- Executing any form of network monitoring that will intercept data, unless the activity is part of the employee’s job.
- Circumventing user authentication or security of any host, network or account.
- Using any application or sending any messages with the intent to interfere with or disable a user’s network session.
- Sending unsolicited messages via email or other online applications to individuals who did not specifically request such material.
It’s also important to address social media, while acknowledging that it is a gray area for employers, because social media activity extends beyond the workplace and the employer’s resources. Advise employees to use social media applications carefully and responsibly. For example, users may want to limit the amount of personal information they share. They might not know they can disable “geotagging” to prevent a potential stalker from viewing their physical location or realize that it’s OK to decline invitations to connect from someone who is unknown or makes them uncomfortable.
Conversely, employees who initiate contact through social media must follow all company policies for interaction and engagement with co-workers. In no instance should employees use these channels to circumvent the organization’s established communication resources and applications.
Detection of Cyberstalking Activity
How can you convey the importance of this topic when online meeting fatigue is growing in your workforce? Think about why it’s important to educate your employees about digital stalking, especially at this point in time, and use microlearning to reduce cognitive load.
Here are eight proven strategies employees need to know about to detect and inform their IT department about cyberstalking activity:
- Installing software not approved by the IT department is prohibited. Such software often harbors hidden malicious intent and may result in the inadvertent introduction of malicious code.
- Configure threat protection software to automatically check for updates on company laptops, tablets and smartphones to protect employees from hackers.
- Never open any files or macros attached to an email from an unknown, suspicious or untrustworthy source. Check with the IT department before proceeding.
- Delete spam and other junk emails without forwarding them.
- Avoid direct disk-sharing with reading and/or writing access unless there is a business requirement to do so.
- If the threat protection software displays a message saying it found a threat, stop using your device, and disconnect it from all wired and wireless networks.
- Never assume that your threat protection software will prevent all damage or data leakage.
- Contact your IT department or administrator if you suspect cyberstalking, whether of you or of a colleague.
With the work-from-home model on the rise, it’s more important than ever to be vigilant against digital stalking within your organization. To be effective in preventing criminal activity and to keep workers safe, make sure all employees understand that security is everyone’s responsibility.