“Bossware”: what is this software that spies on employees?

“Bossware”: what is this software that spies on employees?

Bossware makes it possible to monitor an employee’s activity remotely. The use of spyware is more widespread than you might think, especially since the advent of teleworking and AI. How can they be detected and what are the risks? 

What is bossware?

Bossware” is the term used to describe software designed to monitor employees. Installed on the workstation, it collects a maximum amount of data on the worker’s activity, with the aim of obtaining an overview of their productivity. This spyware can record all online activity, keystrokes, mouse movements and even, in some cases, take random screenshots and record audio or video.

Widely used since the widespread deployment of teleworking in 2020, it enables managers to keep an eye on their employees from a distance. Now, with the development of artificial intelligence, surveillance can go even further. For example, some “bossware” software, such as Veriato, is capable of analysing worker data to assign them a “risk score” for the company’s security. Others can send alerts if the worker does not seem to be behaving appropriately at their post.

Spyware not always detectable

Bossware can be deployed visibly or silently. With visible surveillance, workers are aware that their activity is being monitored. In certain configurations, they can even act on the software by pausing it, for example. Conversely, with silent surveillance, employees are not aware that they are being “spied on”. The software may therefore have been installed remotely on their workstation without their consent.

Authorised in the United States: and in Europe?

In the United States, employers can easily force employees to install this type of software on their workstations. However, laws are now being introduced to limit their use by requiring companies to be transparent.

The GDPR also protects employees

In Europe, employee surveillance is not clearly legislated. Nevertheless, the General Data Protection Regulation (GDPR) can serve as a reference on the subject. This regulation defines the conditions for the collection, use and transfer of personal data and provides a framework for data processing operations, including those relating to employee monitoring. In this way, employee consent to the processing of their data is absolutely required. However, as the European report ” Employee monitoring and surveillance: The challenges of digitalisation “it is up to each [EU] Member State to put in place specific data protection provisions“.

Controversial but still used

In France, “bossware” is highly controversial, but it is still widely used. According to a study carried out by Vanson Bourne for VMware, “63% of French companies with more than 500 employees have implemented surveillance tools”. Nevertheless, the French Data Protection Authority (CNIL) regularly issues warnings about the use of this software. It points out that such surveillance must not “undermine respect for employees’ rights and freedoms”. Employees must therefore be informed before any surveillance tool is put in place. Surveillance in the workplace is one of the main reasons for complaints to the CNIL.

But Europe’s leading country for employee surveillance is Spain. According to the same report, “40% of Spanish companies have installed spyware”, compared with 15% in Germany and 26% in the UK.

The different ways of detecting bossware

According to TechTarget, bossware can be detected by carrying out a few checks.

Check the task manager

If an unrecognised piece of software with a name containing a number of random numbers and letters is running in the background, it may be bossware. Note that many spyware programs are not detectable in Task Manager.

Download antispyware

If you are suspicious, anti-spyware software can be useful. It will scan the device and be able to identify the “bossware” as malicious software. 

Monitor outgoing Internet traffic

Some Internet traffic monitoring software can detect unusual traffic and confirm suspicions.

What are the risks of using bossware to monitor employees?

Impact on employee productivity and well-being

The introduction of employee monitoring tools demonstrates a blatant lack of trust on the part of management towards employees working remotely. And yet, this mutual trust is essential if employees are to remain committed to the company and retain their loyalty. Surveillance, when it is visible, puts constant pressure on employees, pressure that can lead to exhaustion and burn-out. While management would like to control and act on their productivity, it is harming the well-being of its teams.

Data theft and breach of privacy

In France, employees have rights regarding the processing of their data, particularly under the RGPD. They should be aware of this and not hesitate to alert their representatives if they have any doubts about spyware in their company. The use of “bossware” leads to massive processing of personal content and data, which undermines respect for employees’ privacy. If this software is not perfectly secure, it can be targeted by cyber-attacks. As a result, data concerning both the employee and the company is liable to fall into the hands of malicious parties. Employers must protect employee data, whether it has been collected for recruitment, security or business monitoring purposes.

Conclusion: to combat bossware, promote trust and communication

In conclusion, bossware has been used a lot since the health crisis and is tending to develop with artificial intelligence. However, their effects can sometimes be harmful to employee well-being and undermine team performance.

On the contrary, the use of spyware should never be systematic for remote collaboration. It is essential that teleworking is offered in a climate of trust, in order to reap all the benefits in terms of productivity and quality of life at work. To achieve this, appropriate and secure management and communications tools are essential.

Preserving your company’s cybersecurity

The security risks of “bossware” are real. They can lead to the loss of personal data and have financial repercussions for the company.

Employees must remain aware of their rights regarding the protection of their privacy and personal data, and not hesitate to contact their representatives if they have any doubts about the use of bossware.

To find out more about teleworking : https://www.tixeo.com/en/discover-tixeo-video-conferencing/security/white-paper-on-secure-teleworking/

“Bossware”: what is this software that spies on employees?

“Bossware”: what is this software that spies on employees?

Bossware makes it possible to monitor an employee’s activity remotely. The use of spyware is more widespread than you might think, especially since the advent of teleworking and AI. How can they be detected and what are the risks?

 

What is bossware?

Definition and origin

Bossware is the term used to describe software designed to monitor employees. Installed on the workstation, it collects a maximum amount of data on the worker’s activity, with the aim of obtaining an overview of their productivity. This spyware can record all online activity, keystrokes, mouse movements and even, in some cases, take random screenshots and record audio or video.

Widely used since the widespread deployment of teleworking in 2020, it enables managers to keep an eye on their employees from a distance. Now, with the development of artificial intelligence, surveillance can go even further. For example, some bossware software, such as Veriato, is capable of analysing worker data to assign them a “risk score” for the company’s security. Others can send alerts if the worker does not seem to be behaving appropriately at their post.

Spyware not always detectable

Bossware can be deployed visibly or silently. With visible surveillance, workers are aware that their activity is being monitored. In certain configurations, they can even act on the software by pausing it, for example. Conversely, with silent surveillance, employees are not aware that they are being “spied on”. The software may therefore have been installed remotely on their workstation without their consent.

Authorised in the United States: and in Europe?

The RGPD also protects employees

In the United States, employers can easily force employees to install this type of software on their workstations. However, laws are now being introduced to limit their use by requiring companies to be transparent.

In Europe, employee surveillance is not clearly legislated. Nevertheless, the General Data Protection Regulation (GDPR) can serve as a reference on the subject. This regulation defines the conditions for the collection, use and transfer of personal data and provides a framework for data processing operations, including those relating to employee monitoring. In this way, employee consent to the processing of their data is absolutely required.

However, as the European report ” Employee monitoring and surveillance: The challenges of digitalisation “it is up to each [EU] Member State to put in place specific data protection provisions“.

Controversial but still used

In France, “bossware” is highly controversial, but it is still widely used. According to a study carried out by Vanson Bourne for VMware, “63% of French companies with more than 500 employees have implemented surveillance tools”. Nevertheless, the French Data Protection Authority (CNIL) regularly issues warnings about the use of this software. It points out that such surveillance must not “undermine respect for employees’ rights and freedoms”. Employees must therefore be informed before any surveillance tool is put in place. Surveillance in the workplace is one of the main reasons for complaints to the CNIL.

But Europe’s leading country for employee surveillance is Spain. According to the same report, “40% of Spanish companies have installed spyware, compared with 15% in Germany and 26% in the UK.

 

The different ways of detecting bossware

According to TechTarget, bossware can be detected by carrying out a few checks.

1. Check the task manager

If an unrecognised piece of software with a name containing a number of random numbers and letters is running in the background, it may be bossware. Note that many spyware programs are not detectable in Task Manager.

2. Download antispyware

If you are suspicious, anti-spyware software can be useful. It will scan the device and be able to identify the “bossware” as malicious software. 

3. Monitor outgoing Internet traffic

Some Internet traffic monitoring software can detect unusual traffic and confirm suspicions.

 

What are the risks of using bossware?

Impact on employee productivity and well-being

The introduction of employee monitoring tools demonstrates a blatant lack of trust on the part of management towards employees working remotely. And yet, this mutual trust is essential if employees are to remain committed to the company and retain their loyalty. Surveillance, when it is visible, puts constant pressure on employees, pressure that can lead to exhaustion and burn-out. While management would like to control and act on their productivity, it is harming the well-being of its teams.

Data theft and breach of privacy

In France, employees have rights regarding the processing of their data, particularly under the GDPR. They should be aware of this and not hesitate to alert their representatives if they have any doubts about spyware in their company. The use of “bossware” leads to massive processing of personal content and data, which undermines respect for employees’ privacy. If this software is not perfectly secure, it can be targeted by cyber-attacks. As a result, data concerning both the employee and the company is liable to fall into the hands of malicious parties. Employers must protect employee data, whether it has been collected for recruitment, security or business monitoring purposes.

A few ways to avoid bossware

Promoting trust and communication

In conclusion, bossware has been used a lot since the health crisis and is tending to develop with artificial intelligence. However, their effects can sometimes be harmful to employee well-being and undermine team performance.

On the contrary, the use of spyware should never be systematic for remote collaboration. It is essential that teleworking is offered in a climate of trust, in order to reap all the benefits in terms of productivity and quality of life at work. To achieve this, appropriate and secure management and communications tools are essential.

Preserving your company’s cyber security

The security risks of “bossware” are real. They can lead to the loss of personal data and have financial repercussions for the company.

Finally, employees must remain aware of their rights regarding the protection of their privacy and personal data, and not hesitate to contact their representatives if they have any doubts about the use of bossware.

To find out more

In this white paper, find out how you can boost the productivity of remote workers and improve the cybersecurity of teleworking.

white paper on teleworking security

How can we reinvent and secure remote working in 2023?

How can we reinvent and secure remote working in 2023?

Remote working is now a popular option for many employees and companies. But at a time when cyberthreats are on the increase, how can teleworking be made truly effective and its security strengthened within organisations?

Quiet quitting, digital nomads… A new vision of work

In France, as in Europe, the relationship with work has changed considerably. For many employees today, the priority is to hold a position in a company that is in line with their values, where their well-being will really be taken into account. This is what emerges from the latest barometer from the Actineo observatory. We learn that 45% of those questioned think that their employer is not concerned about their well-being at work, whereas this should be a priority for 84%.

The “quiet quitting” movement and the growing number of digital nomads demonstrate a clear desire for greater freedom and quality of life.

The benefits of teleworking  

Teleworking seems to be an appropriate and effective response to these new expectations, offering a better balance between professional and personal life. What’s more, teleworking is even said to increase employee productivity, according to a report by the French National Productivity Council. A better quality of life? Not just that, since the success of teleworking also depends on the support and appropriate management of teams.

How can teleworking management be rethought?

white paper on teleworking security

Combining collaborative performance and data security

In 2023, the introduction of teleworking will require careful thought to be given to data and communications security. When employees work remotely, the risks of cyber-security are greater and the consequences more costly.

In the IBM report, we learn that in 2022, the average cost of a data breach was 4.34 million dollars in France. When teleworking is a factor in the attack, $1 million is added to the bill. The consequences are therefore primarily financial, but they also damage the reputation of the targeted organisation for its lack of reliability.

Protecting the teleworking environment, installing a VPN, MFA (multi-factor authentication) or subscribing to a sovereign cloud service are all choices that need to be made to ensure that employees have simple, secure access to company resources.

What tools should be put in place to secure data?

Quels sont les risques de sécurité informatique principaux en télétravail ?

livre blanc sécurité du télétravail

The importance of IT hygiene training for teleworkers

Raising awareness of IT security among teleworking teams is fundamental to preventing cybersecurity risks. In fact, the human factor is always the primary cause, despite the massive increase in the security of information systems. Employees need to be made aware of the risks, but also of the best practices to be implemented to protect their equipment, particularly when they are on the move.

In addition, the deployment and use of a high-performance Secure by Design video collaboration tool remains essential for team collaboration, especially when working 100% from home. It is important to train teleworkers and raise their awareness of this tool, particularly to reduce the risks of shadow IT, which is becoming increasingly common.

The case of Tixeo, 100% augmented teleworking

For the past 8 years, Tixeo has been moving towards 100% ‘augmented teleworking’. Thanks to the TixeoFusion mode of its secure videoconferencing solution, Tixeo teams work together in a virtual open space on a daily basis. The result: simple, reliable and user-friendly communication that erases the distance between employees and strengthens collaboration.

How has Tixeo's 100% augmented teleworking model become sustainable?

white paper on teleworking security