Bossware makes it possible to monitor an employee’s activity remotely. The use of spyware is more widespread than you might think, especially since the advent of teleworking and AI. How can they be detected and what are the risks?
What is bossware?
Bossware” is the term used to describe software designed to monitor employees. Installed on the workstation, it collects a maximum amount of data on the worker’s activity, with the aim of obtaining an overview of their productivity. This spyware can record all online activity, keystrokes, mouse movements and even, in some cases, take random screenshots and record audio or video.
Widely used since the widespread deployment of teleworking in 2020, it enables managers to keep an eye on their employees from a distance. Now, with the development of artificial intelligence, surveillance can go even further. For example, some “bossware” software, such as Veriato, is capable of analysing worker data to assign them a “risk score” for the company’s security. Others can send alerts if the worker does not seem to be behaving appropriately at their post.
Spyware not always detectable
Bossware can be deployed visibly or silently. With visible surveillance, workers are aware that their activity is being monitored. In certain configurations, they can even act on the software by pausing it, for example. Conversely, with silent surveillance, employees are not aware that they are being “spied on”. The software may therefore have been installed remotely on their workstation without their consent.
Authorised in the United States: and in Europe?
In the United States, employers can easily force employees to install this type of software on their workstations. However, laws are now being introduced to limit their use by requiring companies to be transparent.
The GDPR also protects employees
In Europe, employee surveillance is not clearly legislated. Nevertheless, the General Data Protection Regulation (GDPR) can serve as a reference on the subject. This regulation defines the conditions for the collection, use and transfer of personal data and provides a framework for data processing operations, including those relating to employee monitoring. In this way, employee consent to the processing of their data is absolutely required. However, as the European report ” Employee monitoring and surveillance: The challenges of digitalisation “it is up to each [EU] Member State to put in place specific data protection provisions“.
Controversial but still used
In France, “bossware” is highly controversial, but it is still widely used. According to a study carried out by Vanson Bourne for VMware, “63% of French companies with more than 500 employees have implemented surveillance tools”. Nevertheless, the French Data Protection Authority (CNIL) regularly issues warnings about the use of this software. It points out that such surveillance must not “undermine respect for employees’ rights and freedoms”. Employees must therefore be informed before any surveillance tool is put in place. Surveillance in the workplace is one of the main reasons for complaints to the CNIL.
But Europe’s leading country for employee surveillance is Spain. According to the same report, “40% of Spanish companies have installed spyware”, compared with 15% in Germany and 26% in the UK.
The different ways of detecting bossware
According to TechTarget, bossware can be detected by carrying out a few checks.
Check the task manager
If an unrecognised piece of software with a name containing a number of random numbers and letters is running in the background, it may be bossware. Note that many spyware programs are not detectable in Task Manager.
If you are suspicious, anti-spyware software can be useful. It will scan the device and be able to identify the “bossware” as malicious software.
Monitor outgoing Internet traffic
Some Internet traffic monitoring software can detect unusual traffic and confirm suspicions.
What are the risks of using bossware to monitor employees?
Impact on employee productivity and well-being
The introduction of employee monitoring tools demonstrates a blatant lack of trust on the part of management towards employees working remotely. And yet, this mutual trust is essential if employees are to remain committed to the company and retain their loyalty. Surveillance, when it is visible, puts constant pressure on employees, pressure that can lead to exhaustion and burn-out. While management would like to control and act on their productivity, it is harming the well-being of its teams.
Data theft and breach of privacy
In France, employees have rights regarding the processing of their data, particularly under the RGPD. They should be aware of this and not hesitate to alert their representatives if they have any doubts about spyware in their company. The use of “bossware” leads to massive processing of personal content and data, which undermines respect for employees’ privacy. If this software is not perfectly secure, it can be targeted by cyber-attacks. As a result, data concerning both the employee and the company is liable to fall into the hands of malicious parties. Employers must protect employee data, whether it has been collected for recruitment, security or business monitoring purposes.
Conclusion: to combat bossware, promote trust and communication
In conclusion, bossware has been used a lot since the health crisis and is tending to develop with artificial intelligence. However, their effects can sometimes be harmful to employee well-being and undermine team performance.
On the contrary, the use of spyware should never be systematic for remote collaboration. It is essential that teleworking is offered in a climate of trust, in order to reap all the benefits in terms of productivity and quality of life at work. To achieve this, appropriate and secure management and communications tools are essential.
Preserving your company’s cybersecurity
The security risks of “bossware” are real. They can lead to the loss of personal data and have financial repercussions for the company.
Employees must remain aware of their rights regarding the protection of their privacy and personal data, and not hesitate to contact their representatives if they have any doubts about the use of bossware.
To find out more about teleworking : https://www.tixeo.com/en/discover-tixeo-video-conferencing/security/white-paper-on-secure-teleworking/