Remote Work's Cyberstalking Problem
With record high numbers of employees shifting to remote work in the wake of the pandemic, organizations are rightfully concerned about isolation and burnout among their workforce. There’s another issue that receives less attention but can be equally devastating for employees and employers: cyberstalking.
Federal law defines cyberstalking as crimes committed on the internet that place a victim in reasonable fear of death or physical harm or causes emotional distress to the victim or the victim’s immediate family.
Just as technology is ubiquitous in our everyday lives, cyberstalking has become more prevalent and more complex. Perpetrators use an array of increasingly sophisticated apps and tools to repeatedly, unwantedly and disruptively break into the life of an individual, group or organization with the intent to cause fear and harm. Examples of cyberstalking range from false accusations, defamation, slander and libel to emptying bank accounts or ruining a victim’s credit score.
It's not just a problem for employees in their personal life. The technology tools and platforms they use to perform their jobs can make them vulnerable to cyberstalking. That's not to mention a disgruntled employee who can use those same tools to victimize co-workers and an entire organization.
The bottom line is organizations need to recognize the threat in this period of remote work and be able to address and prevent stalking in the digital age. IT and HR departments will each play a critical role.
Related Article: 4 Collaboration Habits That Open the Door to Security Breaches
Cyberstalking Is a Growing Problem
One in four of approximately 3.3 million victims have been stalked by a perpetrator using email, instant messaging, GPS or spyware, according to the Bureau of Justice Statistics Stalking Victimization in the United States report.
Cyberstalkers research victims using search engines, online forums, bulletin and discussion boards, chat rooms, blogs and social networking sites. It’s especially easy to engage in workplace cyberstalking with many employees’ contact information easily available on websites and company-wide email directories. Harassing e-mails, viruses, malware and spyware can be delivered in a matter of seconds.
Anonymity leaves the cyberstalker in an advantageous position. Unbeknownst to the target, the perpetrator could be in another state, around the corner or in the next cubicle at work. Cyberstalkers within the workplace may be current employees posing as their bosses to post explicit messages on social networking channels, sending repeated insulting or threatening e-mails to other employees, monitoring or disrupting employees’ e-mail use, and using an employee’s account to send e-mails to others posing as the employee. Former employees, customers, vendors and strangers are easily capable of carrying out these same crimes and may use digital tools to harass an organization for financial gain or revenge.
Social media platforms provide a wide-open door for cyberstalking, particularly to employees who post and access social media content in connection with their work. It’s important to inform employees and remind them regularly of your organization’s IT policy regarding use of social media, with guidelines and resources for reporting harassment and cyberstalking.
Because of the relative anonymity of social media and how easily fake accounts can be established, reporting abuse will fall on the employee. If an employee is receiving unwanted contact, let the IT department know immediately. Because of the proliferation of technology, digital footprints can be large and complicated to navigate. There is not an easy resolution to these issues.
Related Article: CIO Priorities: IT Operations, Cybersecurity, Leading With Empathy
Educate Employees and Enforce Policy
HR departments should have clear, proactive measures to respond to and prevent cyberstalking. These basic tenets can serve as a starting point or a refresher for your organization’s approach.
Institute a strong digital media policy designed to prevent cyberstalking.
Remind employees their digital footprint is vast and easily traceable, and make sure they understand and comply with the organization’s acceptable use standards to protect themselves. The policy should also address the consequences for employees who commit cyberstalking. When employees have no outlet for their grievances, they often take to social media, blogs and other sites to complain about the organization and specific employees. Providing them with a vehicle to express their frustrations with HR or company leaders can prevent incidents of harassment and defamation on digital platforms.
Remind employees often to take digital security seriously.
It may seem obvious, but continually advise them to never open any files or links from an unknown, suspicious or untrustworthy source, and delete spam and other junk email without forwarding them. It goes without saying that computers should be equipped with anti-virus software and apps to prevent cyberstalking but never assume that the organization’s threat protection software will prevent all damage or data leakage.
If cyberstalking has occurred, work with the impacted employee to record and report all instances.
Providing evidence to law enforcement ensures an investigation can be conducted and the perpetrator can be charged. In addition, make sure employees understand the organization has a zero-tolerance policy for these activities and if they occur, charges will be filed. A cyberstalking conviction can result in criminal penalties including jail and significant fines.
In the new reality of remote work and blurred lines between workers’ professional and personal activities, it’s more important than ever to be vigilant against cyberstalking within your organization. By taking a shrewd, strategic approach, organizations can prevent criminal activity and keep employees safe.
About the Author
Karen Adams is training manager for Appriss Insights, where she educates crime victims, service providers, advocates, law enforcement and criminal justice professionals about technology and other victim safety issues. A 30-year veteran administrator, trainer and mediator, Karen is a certified master trainer and has a master's in management and leadership from Webster University and an undergraduate degree in management from University of Louisville.