Digital workplace ethics: how to manage digital ethics in the workplace

The pandemic has radically reshaped the way we live and work in many ways. Governments and businesses reacted with speed and agility to keep societies moving forward as best as possible. But a potential dilemma for business leaders is emerging. The proliferation of remote working, combined with other possible factors, have created conditions ripe for potential data breaches,¹ security compliance issues, and possible violations of digital ethics in the workplace.

The question then becomes: How should employers conduct themselves to ensure important work is completed to deliver on business objectives while helping to protect the business by staying within ethical boundaries and avoiding activities that potentially could pose insider threats? The answer is not an easy one and will require a combination of technology, legal counsel, and open and frank communication with staff members.

Digital technologies play an increasingly important and complex role in modern society. They connect us with friends, colleagues and providers of essential services like doctors and banks. That's led to a growing interest in digital ethics in the workplace and elsewhere. The concept is simple. Just as "real-world" ethics govern the way groups and individuals treat each other, digital ethics guide the way we interact and resolve issues in the online world.

Notions of digital ethics in the workplace relate to employee use of technologies such as online collaboration and communication platforms, email, social media, productivity and other tools. Depending on their role, employees may have access to highly sensitive IP, corporate or customer data—and theoretically have the power to leak, steal or destroy that information.

The challenge for employers is that ethical codes of conduct only go so far in setting out acceptable use of technology and data. The concern is that, in the digital world, it might be much easier for individuals to make unethical decisions because they feel more detached from the people these decisions will affect. According to the 2020 Verizon Data Breach Investigations Report, a full 30% of reported breaches involved internal actors.

This is clearly a risk employers work to manage. But how do they do so in an ethical way?

Unfortunately, the current crisis may have fomented exactly the conditions that could lead to employees breaching digital ethics in the workplace.

For example, many staff members face a financial crisis that has them concerned about job security and their ability to support their families. More than two-thirds of Americans are not "financially healthy," and millions face "extreme financial hardship," according to an October 2020 report by the Financial Health Network.

At the same time, remote working mandates are making more employees feel lonely and anxious, which could have a negative psychological impact driving them to engage in unethical acts. Additionally, remote work can detach the individual from the consequences of their actions and could chip away at loyalty to one's employer. By working remotely, employees may find it easier to circumvent enterprise controls on data flows and the scrutiny of their managers.

And there are multiple avenues for unethical employees to seek financial gain—from using insider information to gain an advantage on the stock market, to leaking or selling confidential data to rivals.

Detecting malicious insider threats is more challenging than mitigating the risk of negligence or accidental misuse because you have a determined individual whose intent is to stay hidden. It is made still more complex by the distributed nature of today's workforce. However, some technologies and processes can help. These include:

• Establishing physical security for sensitive areas of facilities such as server rooms.
• Screening new starters rigorously to avoid hiring those who have previously engaged in unethical practices.
• Adopting a zero-trust security approach, which will limit employees' privileges to their specific roles, enforce strict multi-factor authentication for remote logins and segment the network to prevent digital snooping.
• Deploying user behavior analytics tools to collect and track user data to establish what "normal" behavior looks like, and then leverage machine learning to flag anything suspicious.
• Establishing clear guidelines for reporting suspicious behavior so that employees can flag anything that doesn't look right.
• Ensuring IT and HR work together closely to rapidly offboard leaving staff members and deprovision network and account access immediately.

To find out more, take a look at this comprehensive guide put together by the Cybersecurity and Infrastructure Security Agency.

While working to manage ethical issues with technology in the workplace among employees, it is important to respect employee privacy.² To avoid such concerns, the key is to be open and honest about your use of any monitoring tools and why they are being deployed.

Here are some final tips on how to uphold digital ethics in the workplace:

• Clearly document the use and extent of any data monitoring, such as user behavior analytics, and communicate that it will be done in a proportionate and legal manner.
• Consult legal counsel to ensure compliance with privacy and workplace laws/regulations.
• Carry out regular training to remind staff of their ethical obligations and the impact on the organization of unethical behavior.
• Survey staff about their attitudes to current security policies and ways to enhance them.
• Maintain an open dialog with staff representatives, HR and other stakeholders for continuous improvement.

Explore how Verizon can support your employee communications and collaboration needs.

The author of this content is a paid contributor for Verizon.