'E' for exposed? Email and privacy issues

In March 1996, American Libraries featured a piece about a librarian at the University of California/Irvine whose supervisor intercepted her e-mail while she was absent on medical leave. As a result of this, UC's Office for Academic Computing began a review of e-mail privacy on the nine-campus system. This article and UC's reaction prompted my research into this topic

Refining the PoinTER “human firewall” pentesting framework

PurposePenetration tests have become a valuable tool in the cyber security defence strategy, in terms of detecting vulnerabilities. Although penetration testing has traditionally focused on technical aspects, the field has started to realise the importance of the human in the organisation, and the need to ensure that humans are resistant to cyber-attacks. To achieve this, some organisations “pentest” their employees, testing their resilience and ability to detect and repel human-targeted attacks. In a previous paper we reported on PoinTER (Prepare TEst Remediate), a human pentesting framework, tailored to the needs of SMEs. In this paper, we propose improvements to refine our framework. The improvements are based on a derived set of ethical principles that have been subjected to ethical scrutiny.MethodologyWe conducted a systematic literature review of academic research, a review of actual hacker techniques, industry recommendations and official body advice related to social engineering techniques. To meet our requirements to have an ethical human pentesting framework, we compiled a list of ethical principles from the research literature which we used to filter out techniques deemed unethical.FindingsDrawing on social engineering techniques from academic research, reported by the hacker community, industry recommendations and official body advice and subjecting each technique to ethical inspection, using a comprehensive list of ethical principles, we propose the refined GDPR compliant and privacy respecting PoinTER Framework. The list of ethical principles, we suggest, could also inform ethical technical pentests.OriginalityPrevious work has considered penetration testing humans, but few have produced a comprehensive framework such as PoinTER. PoinTER has been rigorously derived from multiple sources and ethically scrutinised through inspection, using a comprehensive list of ethical principles derived from the research literature

On the poverty of a priorism: technology, surveillance in the workplace and employee responses

Many debates about surveillance at work are framed by a set of a priori assumptions about the nature of the employment relationship that inhibits efforts to understand the complexity of employee responses to the spread of new technology at work. In particular, the debate about the prevalence of resistance is hamstrung from the outset by the assumption that all apparently non-compliant acts, whether intentional or not, are to be counted as acts of resistance. Against this background this paper seeks to redress the balance by reviewing results from an ethnographic study of surveillance-capable technologies in a number of British workplaces. It argues for greater attention to be paid to the empirical character of the social relations at work in and through which technologies are deployed and in the context of which employee responses are played out

Whoʼs Watching Us at Work? Toward a Structural-Perceptual Model of Electronic Monitoring and Surveillance in Organizations

Nearly 80% of organizations now employ some form of employee surveillance. This significant level of use infers a salient need for additional theory and research into the effects of monitoring and surveillance. Accordingly, this essay examines the panoptic effects of electronic monitoring and surveillance (EM/S) of social communication in the workplace and the underlying structural and perceptual elements that lead to these effects. It also provides future scholarly perspectives for studying EM/S and privacy in the organization from the vantage point of contemporary communication technologies, such as the telephone, voice mail, e-mail, and instant messaging, utilized for organizational communication. Finally, four propositions are presented in conjunction with a new communication-based model of EM/S, providing a framework incorporating three key components of the panoptic effect: (a) communication technology use, (b) organizational factors, and (c) organizational policies for EM/S

Workplace Violence and Security: Are there Lessons for Peacemaking?

Workplace violence has captured the attention of commentators, employers, and the public at large. Although statistically the incidents of workplace homicide and assault are decreasing, public awareness of the problem has heightened, largely through media reports of violent incidents. Employers are exhorted to address the problem of workplace violence and are offered a variety of programs and processes to prevent its occurrence. Many techniques, however, conflict with values that are critical to achieving sustainable peace. We focus on types of workplace violence that are triggered by organizational factors. From among the plethora of recommendations, we identify those responses that are most and least consistent with positive peace. We find that processes that promote privacy, transparency, and employee rights hold the most promise for peacemaking. We submit that such structures and processes can be transportable beyond the workplace to promote peace locally, nationally, and globally.http://deepblue.lib.umich.edu/bitstream/2027.42/39920/3/wp535.pd

2017-18 VCU Faculty Handbook

The VCU Faculty Handbook contains information about the university, its campus and the surrounding community. The Handbook is not a complete guide to academics, research and other services, but is intended as a reference guide to orient new and continuing faculty to the university and provides additional sources for information. For detailed school or department information, please reach out to the specific departmental office. The VCU Office of Faculty Affairs is committed to updating the Handbook on a yearly basis

IMPROVING SOCIAL CORPORATE RESPONSIBILITY: THE CASE OF BULLYING BEHAVIOR

This article highlights moral harassment at the workplace as a form of corruption in organizations. This form of corruption has cost organizations billions of dollars each year. A theoretical model is presented in this paper, which explains the main factors that affect bullying processes impact on organizations. Suggestions are provided in this paper, as tools to eliminate bullying within the workplace.

Monitoring Employee Behavior Through the Use of Technology and Issues of Employee Privacy in America

Despite the historic American love for privacy that has enhanced innovation and creativity throughout the country, encroachments on privacy restrain individual freedom. Noticeable, advances in technology have offered decision makers remarkable monitoring aptitudes that can be used in numerous tasks for multiple reasons. This has led scholars and practitioners to pose a significant number of questions about what is legitimate and illegitimate in the day-to-day affairs of a business. This article is composed of (a) research about electronic monitoring and privacy concerns; (b) definitions of, critiques of, and alternatives to electronic performance monitoring (EPM); (c) motives behind employee monitoring and leadership behaviors; (d) advice that makes monitoring less distressful; (e) employee monitoring policies; (f) reviewing policies and procedures; (g) the role of human resource development (HRD) in employee assessment and development; and (h) conclusion and recommendations for further studies

Should Employers Have the Ability to Monitor Their Employees Electronically?

The purpose of this paper is to answer the question of whether or not employers should have the ability to electronically monitor their employees in the workplace. It stresses both the monitoring of computers, and also telephone wiretapping. The topic is examined through a legal, behavioral, and ethical perspective, to gain a more complete idea of the extent of the concern with electronic monitoring. Court cases were used to explain the different facets of the legal struggle between the employer’s right to monitor and the employee’s right to privacy. Several theories, including panoptic theory, were used to explain the behavioral effects of employer surveillance. Finally, the ethical issues with regards to electronic monitoring were explained through the idea of social control, and the balance of the needs of the employer and the needs of the employee