Be afraid. Be very afraid as India Inc. turns big brother. While snooping on employees is as old as the hills, new-age deterrence and detection methods strategically placed in the work environment make even innocent banter seem like evidence. As corporates get increasingly suspicious of their workforce, they are shopping for surveillance gizmos and even hiring private detective agencies to tail their employees.
The recent mobile phone theft at Patni Knowledge Centre at Noida is a case in point wherein samples were sent to the IT company by an international client to develop a prototype for a handphone. Mysteriously, one of the samples went missing. The company naturally panicked. Reputation was at stake. Instead of the cops, it hailed the services of Globe Detective Agency, which in turn did an IMEI (International Mobile Equipment Identity) tracking-fortunately, the company retained the IMEI number-and the thief was nabbed. He was none other than one of the security guards of the company. “The case in question was not that of an IP theft but an indiscreet act by one of the security guards. The client asset was promptly recovered and we have taken necessary legal action against the concerned person in line with the company policy,” says a Patni spokesperson, adding how the company has beefed up security with an extensive network of surveillance cameras, access control measures with shrill alarms to prevent unauthorized entry, maintenance of daily inventory of high-value items and awareness programmes with teams on IP and security-related issues. “Anti-management activities like pilferage, theft and unionization are rampant these days, for which companies have an eye on all levels,” claims Sachit Kumar, a director at the Delhi-based Globe Detective Agency.
If the Patni case turned in a blue-collar worker, in its neighbourhood, a financial services company which goes by the name of an alpine fruit turned up five middle managers who were found meddling with the name and contacts of a client of the company last year. They contacted the company’s client and ran a parallel business from the basement, like in last year’s Bollywood release Rocket Singh. This case too went to a detective agency that used CCTV footage to make them confess. Incidentally, new-age surveillance cameras have gotten much smarter. The 360-degree cameras are all the rage, often equipped with audio, and quite unlike the static or swivel cameras of the past.
Going by the KPMG Fraud Survey 2010, the heightened sense of security among companies is justified. Among 1,000 respondents from Indian companies, 45% say fraud has increased in their organisations and as much as 81% say financial statement fraud is a growing syndrome. The survey also gives a roadmap for key risk areas in the future – computer-related fraud, intellectual property theft, bribery and corruption.
“The level of skepticism has gone up post-Satyam and there is leakage in the whole supply chain side. Corporates want to make the system more efficient,” says Deepankar Sanwalka, Executive Director-Forensic Services, KPMG and the architect of the survey.
The security business is booming, particularly after the downturn. “People now want to ensure that their money is well-spent and so they go in for due diligence at the top and senior levels,” says Ajay Trehan, CEO of screening and due diligence experts Authbridge Research Services. Most cases that land up at Authbridge these days pertain to either employees who are responsible for high-value investments or high value/volume procurement. “The promoter wants to be doubly sure before trusting his employee.”
Perhaps that explains why Pramoud Rau, the 52-year-old MD of the Rs 450-crore Zicom Electronic Security Systems, is laughing all the way to the bank. Over the years, particularly in the last few months, he has seen his business grow in the security and surveillance space. Rau clearly draws a line between the two. “If it is a BPO, then more of surveillance is required over security as a lot of incidents of indiscipline take place in the night shifts and also the top management wants to keep a tab over the quality of calls employees make or receive … .however, banks prefer enhanced security over surveillance with heightened demand for gadgets like CCTVs and access control systems,” he says. Some companies deploy a complete one-size-fits-all solution with CCTVs and access controls linked to payroll. It not only prevents unauthorised entry but also logs in the time of entry and exit and calculates the number of hours the employee has put in on the workstation all in full glare of the camera. Again, information leaks in highly confidential meetings are commonplace. This is when mobile jammers come into play. In top secret board meetings, mobile phones of the participants are jammed to maintain confidentiality. Even the sales force and service teams are tracked. “Typically, small GPS boxes are thrown into their bags to ensure verity,” says Rau.
But the demand for enhanced surveillance can be offset by, say, an acquisition as Zicom found out. It was providing CCTVs to an IT client for almost 12 years when the company got acquired by an American MNC. As the writ of the multinational started running, it ordered all CCTVs be removed from workstations and put in the common area since the global policy of the company did not allow employee scrutiny at workstations. When the top managers of the Indian arm raised objection, they were told that the MNC was running such partial surveillance successfully in 100 countries and India was no exception.
While such respect for individual privacy is rare, other companies are wiring up with Building Management Systems, a network with smart equipment that talk to one another. “Access control devices, CCTVs, intrusion detection systems are all linked to each other in the control centre and video analytics is woven into modern-day cameras that can identify the minutest of details in the image and sends out alarms,” says Gaurav Taneja, Director, Crisis and Security Consulting at Control Risks. Besides, data can never be erased. “When forensic analysis of hard disks is done, a mirror image of the PC is taken, which provides a complete image of the data in that PC … .a procedure is followed wherein it stands in a court of law, and of course, there is software to retrieve that data,” he adds. Computer forensics is SK Sharma’s favourite subject of conversation. Sharma, a director at Premier Shield Security Solutions, deployed computer analytic for his clients six months back and claims that accounts for 10-12% of his company’s revenue share. “We have tracked cases where employees have copied office material on pen drives and opened the same elsewhere … .remote tracking is also a possibility with computer forensics,” says Sharma. He feels that the most interesting zones in offices are the common areas. “Water coolers, canteens, smoking alleys, common zones in wash rooms are the hotbed of rebellion,” he chuckles.
At Genpact, India’s largest BPO company, voice-based and transactions-based jobs are monitored separately. “In phone jobs, we have dialers or distribution centres that throw calls to all agents on the floor and monitor the number of calls whereas in transactions, we measure the transactions but not the time spent on them since a good worker will be able to churn out a certain amount of transactions per day,” explains Piyush Mehta, Sr. VP-HR, Genpact. With 41,000 people on its rolls worldwide, the Gurgaon-based Genpact cannot afford slippages. While it has hired Brian Connor, who served in the British Army’s Intelligence Corps for 23 years, as its global security officer, there are certain inbuilt security processes-paperless and printer-less financial services floors and access controls. In fact, mobile phones too are barred on these “sensitive” floors and there is only intranet for company online.
Even at enterprise communication service provider Tulip Telecom, monitoring is a habit. “In sales, we’ve customised salesforce.com to our advantage and the software can monitor every move of our 220 sales agents across the country from targets to something as granular as calls they make daily,” says Deepinder Bedi, Executive Director, Tulip Telecom. Besides, the IT team at Tulip screens every laptop before it leaves the premises so that company-specific information stays within the four walls. Interestingly, the company started using a service last month that remotely wipes off details from mobile phones. “If you use Microsoft Exchange and BlackBerry and have company-specific emails and directories stored on your mobile phone, all that information can be wiped off remotely accessing Microsoft Exchange and BlackBerry enterprise servers,” says Bedi.
For JK Karan, VP-Consultancy and Investigation, Security and Intelligence Services (SIS), tapping employee conversations is no rocket science. “It all has to do with the corporate connection, wherein the company claims that the connection is its very own as the employee is being reimbursed for the service. So if the company has suspicion on any particular worker, it zeroes in on the staff with the service provider and a cop to tap into the talk,” he says. Nearly a year back, his company was called in after tenders went missing at an NCR-based IT firm. The SIS team analysed CCTV footage for three days. “One frame of the footage threw up a black point (that particular point of the room that the camera doesn’t pick) and clearly the miscreant was aware of this lapse … but we spotted a shady figure in the very next frame and nabbed the person … the very next day, the tenders were back,” says Karan
True, legislation on telephone tapping is still pending before Parliament as only some judicial pronouncements on the subject have been made. Even the Data Protection Bill is hanging fire as a Standing Committee is currently debating on it. But clearly, laws regarding data protection, privacy and confidentiality now form part of employment contracts. “Although that empowers an employer to gather information on an employee and his family, the latter should not be victimised by the employer on the basis of such information. That is unfair treatment,” says Dharmesh Shrivastava, Partner-Employment & Labour Laws, Fox Mandal Little. Top firms tend to adhere to global practices when it comes to privacy. For instance, according to Ronesh Puri, MD of search firm Executive Access, right at the onset, some banks mention in their employment letters that emails of employees will be monitored. Ostensibly, Deutsche Bank is among those that do it.
While such transparency is laudable, most corporates take advantage of opaque privacy laws in India to spy on workers. However since in 90% of the cases the reputation of the company is at stake, filing an FIR is the last resort. As much of the cases go unreported, companies largely depend on hired hands like private eyes or security agencies or even ‘freelancers’ who ply the trade as former IB or Army personnel. And though surveillance levels vary depending on occupations within the workplace, even a well-meaning employee unwittingly comes under the scanner.
AuthBridge helps you with fast, friendly, and comprehensive background and due diligence solutions – smarter in every way.