Spyware-For-Business Company Thinks Concerns About 'Medical Bills' Are Indicators Of An 'Insider Threat'

from the terminated-for-googling-'student-loans' dept

It’s no secret that many companies monitor their employees’ computer use. But things are going much further than simply ensuring the normal “don’ts” — file sharing, porn viewing, etc. — are tracked for disciplinary reasons. Companies are now on the lookout for the next “insider threat.” Some companies are viewing the Snowden saga as the ultimate cautionary tale, albeit one that results in more surveillance rather than less. (via Dealbreaker)

Guarding against such risks is an expanding niche in the security industry, with at least 20 companies marketing software tools for tracking and analyzing employee behavior. “The bad guys helped us,” says Idan Tendler, the founder and chief executive officer of Fortscale Security in San Francisco. “It started with Snowden, and people said, ‘Wow, if that happened in the NSA, it could happen to us.’”

But the effort to find — and prevent — the next “insider threat” from damaging his or her company seems to be just as misguided as the government’s efforts to do the same. Looking for potential threats often results in viewing almost everything as an indicator of future treachery.

One company cited “changes in email habits” as being indicative of an “insider threat.” Others, like Stroz Friedberg, aren’t as selective. The company, started by former FBI agent Edward Stroz, veers into the same dangerous territory the government does when rooting out “threats.” In its hands, normal activities are viewed with suspicion by its monitoring software.

The software establishes a base line and then scans for variations that may signal that an employee presents a growing risk to the company. Red flags could include a spike in references to financial stresses such as “late rent” and “medical bills.”

And what better way to tackle “late rent” or “medical bills” than suddenly finding yourself unemployed simply because re-purposed FBI analytic software thinks any small sign of (possibly temporary) financial instability indicates your next move will be to steal something. Millions of people in the US deal with these realities frequently — especially the latter. And yet, millions of employees still find other ways to tackle these problems instead of dipping their hands in the tills or running off with sensitive documents.

Stroz’s software also thinks — like the government — that an unhappy employee is a malicious employee.

He offers the scenario of a star trader at a bank who’s disappointed with the size of her annual bonus. Instead of being blindsided when she defects to a rival, a bank using Scout could identify her discontent early and make sure she doesn’t take sensitive data or other team members with her.

Or, the company could try to work with the employee rather than just secretly track her until her eventual exit. Once again, unhappy employees leave companies all the time without taking anything with them. Sure, a few do, but the deployment of software like this will generally produce more false positives (and further strain work relationships) than insider threats. And there’s nothing like firing people for something they haven’t done (but might!) to endear a company to its remaining employees.

Despite all of this, Edward Stroz believes his company’s predictive employee policing software is just another way for companies to show their employees how much their staff means to them.

He’s still careful when discussing the software, describing it as a way to help employers build a “caring workplace.”

Oh, it’s anything but. While employees will often accept monitoring of their internet/computer usage as being a necessary part of the employee-employer relationship, they’re not going to be happy to find out that searching for information about medical bills might see them lose a source of income. And they’re definitely not going to be thrilled to learn that expressing displeasure about company practices and policies may result in the same thing. If a company wants to foster a “caring workplace,” it should be addressing employee discontent, not monitoring it. But what do you expect from companies — and the entities that provide them with spyware — that view the Snowden leaks as justifying increased surveillance?

Oh, and employees had better believe their file sharing use will be actively monitored (and used against them). Stroz Friedberg may be making enterprise pre-crime software now, but its past as an RIAA lobbying firm (and its slightly-later past as a Six Strikes “independent expert”) has been well-noted.

Companies: fortscale security

Comments on “Spyware-For-Business Company Thinks Concerns About 'Medical Bills' Are Indicators Of An 'Insider Threat'”

Violynne (profile) says:

The Stroz Analysis Engine is a powerful tool for your business. Recently established in Fortune 500 companies, all but two are now bankrupt as the software positioned 99.9% of employees as threats.

“At Stroz, we believe to be human is to be a threat, so we’ll ensure all your employees are either ‘happy’ (to have a job, willfully bending to corporate policy) or fired.” – Stroz

*rolls eyes

PS: Walmart, think twice before using this software. It’s bad enough you only have two checkouts open at any time. This software will reduce that number to zero.

That Anonymous Coward (profile) says:

Gee why does this level of disconnect from reality not shock me. See Also: “Independent” Review of CCI

This maybe just maybe helps highlight the amazing disconnect between those on top and those who provide them that living.

Workers are seen as threats no matter what, oh something horrible happened to them… QUICK LOCK THE FILES!!
Once upon a time a business would find out about troubles befalling their workers and extend some reasonable aid, because a happy worker is more productive and committed to the company.

Now everything is viewed from the viewpoint of those “on top” where if you see a weakness, you pounce and destroy. And living with this constant fear of takeovers, SEC investigations, etc where everyone is after them they become paranoid. They spend MILLIONS of dollars, that they got by cutting into the compensation for the workers, propping up the sales pitch of if you do not do this your workers will destroy you… ignoring that these sorts of actions will do very little to catch people committed to your downfall, and increases the sheer number of people who will grow to despise you and will help the one who decides you need to go down.

See also: Every stupid plan the **AA’s have ever put forth.
Punish those who pay them, chasing imaginary dollars.

Anonymous Coward says:

It's a scam!

The only company that will make money from this software is the one that sells it.

It’s feeding on the combined beliefs that computers can now perform acts of wizardry in the eyes of the non-specialists and that ‘predictive’ algorithms are actually accurate enough to pinpoint “threats” because lettersoup-organizations keep trying to convince the public that they are…

To me it sounds like someone trying to sell snakeoil…

Rich Kulawiec (profile) says:

Email content scanning doesn't work

We’ve learned that — painfully — over 20+ years of trying to detect spam, phishing, and malware.

If you haven’t been working in these areas, let me summarize: the code which attempts to do this requires daily updates in order to have a decent chance of yielding results with acceptable FP (false positive) and FN (false negative) rates. And even with all that constant, meticulous attention to detail, it still fails miserably all day, every day. It really is a horrible mess.

The reason is simple: it’s an attempt to “enumerate badness”, which is aptly described by Marcus Ranum in The Six Dumbest Ideas in Computer Security as Dumb Idea #2. Stroz’s software isn’t exempt from this problem — but given their marketing pitch, which is geared toward naive customers who only care about FN rates and not FP, they’ll probably just ignore it.

Paul Renault (profile) says:

Re: (deeply indebted to the AC)

re-running risk analysis, with volume set to 11

Target: Employees, Stringers, Guests, Staff, Consultants, The Barista at StarBucks, etc, Of Techdirt

Status: Risk

Recommendation: Fire them all. Shut the business down. Move to Ittoqqotoormiit, learn to love dried ammasat and raw caribou liver.

No more insider, outsider, or bystander threats.

That’ll be $300,000, please.

Andy says:

Right, I’ve got an idea, bear with me, I’ve only just thought of this…

How about companies (and Gov agencies etc) stop doing things that need to be whistleblown about?

Is it possible that just this one small change in philosophy could prevent these many whistleblowers who are just waiting for that one scandal they can break?

I know, I must be crazy right… who would consider actually functioning like a civilised human being!

Thrudd (profile) says:

Re: Re: Re:... what they are afraid of

Is not underhanded snake strangling scum. Those they can deal with by either promotions or stock options. What scares them are people who have a conscience and will blow the whistle on them. It is the Dudley Dorights that have them terrified.
Maybe I should get into the discount torch pitchfork tar and feather distribution business? I hear that it will be a seller’s market.

TRX says:

This isn’t the first time the question of personal mail on a work account has come up. I first encountered articles on it in the late 1980s.

Nowadays, with most people having mail at home, or even a smartphone, I have trouble understanding why the question even comes up.

Nothing good can come out of using your employer’s machines for mail.

Jack says:

While insider threats can actually be a problem for SOME businesses, by far the biggest “insider” threat to a business is due to the fact that employees are lazy as hell and don’t adhere to security protocols. They download anything, open every attachment in their email, and do generally stupid things on their work machines. This opens the door and gives a potential hacker a pivot point on the network. That is by far the biggest insider threat.

Spending big dollars on this software (and this type of software is absurdly expensive) is stupid, intrusive, and isn’t going to do anything for security. The fact they characterize insider threats as “hard up” for money or have medical bills or are unhappy shows a complete lack of understanding of the vast majority of insider problems. The typical threat is far more mundane – just pure curiosity. People with keys wanting to see what is behind all the doors they can open. IT admins reading management emails and things like that.

ECA (profile) says:


More stupid thoughts..

Don’t companies and corps get a write off for Estimated theft?
With this software I would NOT give them a write off.

It’s Standard procedure in all business to anticipate a Loss prevention of up to 10% of sales.
Anything below 5% is great..
but with the overpriced goods in the USA, they are anticipating a Net loss of 30+%..(which means goods are 3 times the price)

Anonymous Coward says:

Or you know...

Sit down and talk to your employees regularly like real people…

God forbid we actually have conversations with our fellow coworkers to see how they’re feeling about life and work. Establishing a trusting personal relationship will go a lot further toward discouraging malicious behavior than some spying software and the untrusting management of suspicious employees.

Blackfiredragon13 (profile) says:

Time for sarcasm.

Tim you must be joking! Of course those with medical problems are a threat! Why else would TSA give those people trouble and search them in disturbing and invasive ways? Everyone knows that those with medical conditions and horrific injuries leaving them mute are Islamic terrorists just waiting to crash a plane into the new World Trade Center! Just the other day I saw police hassling an old woman with a walker; clearly she has the codes to the president’s launch codes.
