SSCP Exam: Monitoring Employee Email | Best Practices & Guidelines

Monitoring Employee Email


Question

If an organization were to monitor their employees' e-mail, it should not:

Answers

Explanations


A. B. C. D.

A.

Monitoring has to be conducted in a lawful manner and applied in a consistent fashion; thus it should be applied uniformly to all employees, not only to a small number.

Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 9: Law, Investigation, and Ethics (page 304).

In general, organizations have the right to monitor their employees' email activities, but this should be done with certain considerations and limitations to respect the privacy rights of employees.

Option A is the incorrect practice, and therefore the answer to the question, because monitoring only a limited number of employees may imply unfair treatment or discrimination. If the monitoring is based on certain criteria, such as job function or security clearance, it should be clearly explained and justified.

Option B is the recommended practice since informing all employees that their email activities are being monitored promotes transparency and helps avoid misunderstandings or suspicions. Moreover, employees should be informed about the purpose of monitoring, such as compliance with legal or regulatory requirements, security or productivity concerns, or preventing harassment or discrimination.

Option C is also important because it clarifies who has access to the email content, how it is stored, and how long it will be kept. This information can help employees understand what to expect and how to protect their confidential or sensitive information.

Option D is also a crucial aspect of email monitoring since it sets clear guidelines for what is acceptable use of the email system. For example, employees should be informed that using the company's email for personal or inappropriate purposes may result in disciplinary action.

In summary, an organization should not monitor employees' email activities without proper justification and legal compliance. If monitoring is deemed necessary, it should be done transparently and with clear guidelines and limitations to respect employees' privacy rights.