Long before the digital era, organizations across the globe focused on one common risk that spanned every size of business and penetrated every industry …

Shortcuts

INTRODUCTION 

Unpredictable Human Behavior

Today, as organizations continue to undergo a massive digital transformation and seek new ways to connect employees, unpredictable human behavior still weighs on the minds of executives, perhaps even more so than ever before.

A Note From Wiretap's Head Researcher

Jason Morgan, PhD

Jason Morgan, PhD

Vice President of Behavioral Intelligence

Open, efficient communication drives innovation in the modern workplace, where it can facilitate knowledge transfer and problem solving, reduce uncertainty, and break down geographic and managerial hierarchies. 

Yet, leaders still hesitate to rollout digital collaboration technologies. After all, these platforms often encourage more informal communication, which can lead to both good and bad behavior.
 
Executives worry that employees will share confidential information (maliciously or not) with people they shouldn't; that these platforms will become conduits for harassment and other toxic behaviors; or that they will just provide another, needless distraction for employees already suffocating under the weight of email and text messages.
 

However, the advantages of collaboration platforms greatly outweigh any perceived risk. Furthermore, the risks associated with collaboration platforms are manageable—certainly more so than trying regulate inappropriate banter around the water cooler.

The following report provides an unprecedented glimpse into how employees communicate on enterprise collaboration platforms. While much of the focus of the report is on gauging risk, the results should also provide encouragement to leaders pushing for broader adoption of collaboration tools.

Some of the results highlighted in the study are unsurprising. For instance, scholars have long known that small groups of heavy users often drive communication networks, and we find the same thing: in our sample, approximately 25% of users author more than 80% of all messages. We also find that toxic behavior is relatively rare and is mostly driven by a small group of employees in private conversation.

Ultimately, this report provides insight that we already know: human behavior is unpredictable. And despite the small population of risky collaboration users, organizations need the ability to identify toxic actors before they ruin company culture. As the idiom goes, one bad apple can ruin a whole pie, or in this sense, your organizational health.

Organizations need to track the sentiment and tone of both public and private conversations in order to get a true pulse on the health of their community and assess any areas of potential risk—and they need to do this efficiently without disrupting an already overworked team.

  

Despite the clear benefits of digital enterprise collaboration platforms such as Workplace by Facebook, Microsoft Teams, Yammer and Slack, organizations sometimes hesitate to fully implement these technologies.

Leaders cite concerns around security against insider threats, regulatory compliance and company policies. 

With frequent data breaches and cloud storage infiltration, CIOs and CISOs are rightly concerned. After all, 53% of data security incidents in 2017 resulted from employees, including factors such as human error. 

Furthermore, leveraging digital enterprise collaboration creates blind spots within an organization; that is, little to no visibility into areas of shared content and conversations amongst employees. This exposes the organization to potential threats such as data loss, inappropriate workplace behavior (think: Uber) and damage to brand reputation.

Companies leveraging digital collaboration gained: 31% faster time-to-innovation, 25% fewer meetings, 20% higher employee retention, 15% increased productivity, 10% revenue growth. Source is from McKinsey Study, marigolds.co.uk, 2016

Potential Threats in Digital Collaboration

To better understand the potential threats within organizational blind spots, we examined three overarching categories:  

Smiley face icon

Sentiment Score 

A measurement of the mood and feelings of employees towards the company, culture, and leadership.

Sneaky hat and glasses icon

Insider Threat Level

 The level of risk presented by individuals within the organization of a potential breach; this includes both inadvertent or malicious actors.

Nuclear symbol icon

Toxicity Score 

A measurement of distracting behaviors that make peers feel unsafe, isolated, and/or harassed.

Let us be clear: this Human Behavior Risk Analysis Report is not intended to scare leaders nor block the full implementation of enterprise collaboration platforms.

This purpose of this report is to expose collaboration blind spots, and illustrate where technology – and rapid advancements in machine learning, in particular – can play a key role in helping to understand and manage collaboration.

HIGHLIGHTS

Observations and Key Findings

Collaboration platforms continue to gain traction in workplaces around the globe.

Employees tend to communicate in a much more casual and candid manner on these tools than more traditional platforms (e.g. email).

This new source of communication data presents your organization an opportunity to not only better understand sentiment, but also to monitor topics, keywords, and shared content that gives your teams the information they need to make better, more informed decisions.

 

Negative Conversations

1 of every 190

Private Messages

1 OF EVERY 280

Public Messages

 

Passwords Shared

1 in 149

Private Messages

1 in 262

Private Messages

 

Confidential Information Shared

1 in 190

Private Messages

1 in 118

Public Messages

 

Negativity Lives in the Dark Corners of Digital Collaboration

 

43%

43% of All Messages Are Private.

135%

Messages in Private Groups Are 135% More Likely to Be Toxic Than Messages in a Public Environment

250%

Messages in 1:1 Conversations Are 250% More Likely to Be Toxic Than Messages in a Public Environment

1 of 7

1 Out of Every 7 People Exclusively Use Private Communication

160%

Messages in Private Conversations Are 160% More Likely to Be Toxic Than in a Public Environment

1 of 170

1 of Every 170 Messages Have Words Associated With Sex

This Includes Public Messages!

In an Organization With 15,000 Employees …

Employees who area sending this harmful content daily could potentially harm workplace productivity, and at worst, cause a major PR crisis and open an organization up to risk of legal action.

9 alarming messages sent per day. 1 to 2 employees sending alarming content per day.
SECTION ONE

Employee Sentiment in Shared Messages

Sentiment is an attitude, thought, or judgement prompted by a feeling. A sentiment analysis aims to determine the attitude of the author within a given message.

On an aggregate level, organizations can audit employee mood and feelings towards the company, culture, and leadership.

The Impact of Sentiment

Sentiment impacts companies in profound ways.

With an understanding of employee opinion, leaders can better determine where to invest in company culture, development, and workplace conditions, which in turn helps to:  

 

Icon of an arrow pointing down

Reduce Employee Turnover

Employees are expensive, especially new hires. Unhappy employees tend to leave companies and, even if not explicitly stated, their digital communications can indicate hints of this sentiment. By understanding employee opinion, companies can implement workplace processes, perks, or changes to keep employee morale high. 

Icon of a checkmark

Improve Customer Experience

Sentiment is a strong indicator of employee engagement and engaged employees are more likely to improve customer relationships, leading to a 20% increase in sales.

Icon of an arrow pointing up

Boost Brand Reputation

Employees are your strongest brand advocates. They know the ins and outs of your organization and its values. It stands to reason that employees with a more positive opinion towards a company speak more highly of the organization when in the community and within their network.

The Power of Positivity

The majority of messages sent each day remain neutral, as scored by Wiretap’s proprietary Sentiment Model. This is expected, as digital collaboration should focus mainly on achieving efficiencies with work. However, approximately 1 of every 5 private messages sent each day score positively; this might include messages of praise for an outstanding team or excitement over a recent initiative.

This number grows to 1 out of every 3 messages, when looking at public conversations. Positive messages, such as these, can help boost employee morale and overall productivity.

Message sentiment and Volume over time - from January to April of 2018


When tracked over time, organizations glean valuable insights regarding employee reaction to major announcements. Alternatively, leaders can identify negative trends quickly and search for a possible cause and appropriate solution.

By drilling down to specific business units or work groups, organizations can identify problem areas that might affect the entire company – or find stellar groups to acknowledge and use as role models. 

 

Fantastic work Team Nash!!! Loving the enthusiasm and passion for our new conversation framework and very much looking forward to seeing you all in person in coming weeks and hearing all about the great customer outcomes you have been delivering!

Thanks John, you’ve done a fantastic job pulling everything and everyone together. And well done to Casey for producing such great activities. It’s going to be a great event, I’m just hoping with all the excitement I remember to keep posting and tweeting!

Negative Messages Cast a Larger Shadow

While negative messages comprise just 0.3% of the daily messages sent, they often cast a much larger, darker shadow on an organization. 

Looking at active contributors (those who sent 10 or more messages), the number of Yammer profiles with the most negative sentiment metrics (shown at L/R, in red) greatly outweigh the users with the most positive sentiment (shown at L/R, in green). 

The negative messages live in the dark corners of digital collaboration.

In fact, only 1 out of every 380 public messages receives a negative sentiment score. As expected, private groups and conversations are even more likely to skew negatively—in fact, 1.5 times more likely.

But when looking at individuals who only communicate via private messages (2 out of every 13 individuals), they are 245% more likely to send negative messages.

For an organization with 10,000 employees …

This translates to approximately 6 negative, potentially-harmful messages a day within public and private conversations. Six messages might not seem like much in the way of volume, but without understanding the context surrounding it, or the content in the message, organizations can’t identify the true detriment or cost to the workplace.

SECTION TWO

Employee Toxicity in Shared Messages

Sexual harassment, bullying, racial slurs – all of these are examples of toxic behaviors. These distracting behaviors make peers feel unsafe, isolated, and harassed. And a toxic employee, one whom engages in these activities, is one of the worst things that can infiltrate the workplace.

Toxicity Is Contagious

Toxic employees have a way of spreading their behavior to others around them, similar to a nasty virus; crippling others morale, performance, and productivity.

While not all employees are toxic, all employees are capable of adopting toxic behaviors and people who are close to a toxic employee are more likely to become toxic themselves.

At Wiretap, We Look at Toxicity in 3 Main Categories:

type-of-toxicitiy-unprofessional

 

 

Unprofessional:

The message uses harsh language, slurs, phrases or innuendo that is not appropriate for a work environment, but wouldn’t necessarily qualify as inappropriate in a personal setting.

Two chat bubbles. One with "WTF? Why is this greasball goon now involving himself in politics?" The other with "P.S. I think everyone has the xmas shits luvbahahahahahaha"

type-of-toxicity-general-harassing

 

 

General Harassing:

The message contains off-color jokes or content that might offend a person or group; the message includes sexual innuendo that may be offensive to others, but is not targeted at the message recipient.

Chat bubble with "…I feel like I'm always compared to that f*kwit,"

type-of-toxicity-discrimination

 

 

Discrimination:

The author expresses strong dislike of a person or group of people; the message contains racial, religious or sexual slurs towards a person or group; the message creates an unpleasant or hostile situation, possibly sexual in nature, particularly if the message is targeted at the recipient or coworker.

Chat bubble with "I hope your halo doesn't fall off when you're riding the f*** out of my big fat c***.

The Impact of Toxicity In the Workplace

Most organizations want to track and understand toxicity in the workplace. Toxicity causes the organization and the employees to suffer: poorly managed work groups are generally 50% less productive and 44% less profitable. And men who worked for toxic managers were 60% more likely to suffer a heart attack.

Tracking individual employee toxicity over time can help identify and differentiate habitually toxic employees from those who begin to trend more toxic than previously.

Using these insights, organizations can dig deeper to understand why an individual might suddenly exhibit toxic behaviors by looking into the context around the toxic messages.

Analyzed by Aware by Wiretap's Enterprise AI: Message Toxicity and Volume Over time. Cyclical volume from January to April 2018

Toxicity In Private Messages

Our data reveals that messages in private groups are 135% more likely to be toxic and messages in private, one-to-one conversations are 250% more likely to be toxic than messages in a public setting. 

Additionally, individuals who only communicate in private groups or conversations are 160% more likely to send toxic messages.

At one organization an individual revealed his or her sexual orientation and was subsequently harassed via private messages from colleagues. Using this scenario, if the harassment continues over time and goes unaddressed, the victim might begin to feel unsafe and unwelcome in the workplace, leading to disengagement and potentially toxic behavior.

However, if an organization quickly identifies the harassment, or begins to see that the victim is trending negatively, leaders can intervene appropriately.

   

Actual message a person sent to an openly gay employee: No such things as a lesbian.
Likelihood of a toxic message, based on a baseline toxicity from public messages. Private group +135%. Private One-to-One Conversations +250%

 With 43% of all messages occurring in private groups or conversations, organizations face the potential for toxic messages to proliferate out of control.

In addition to harassment, employers must also deal with toxic behaviors such as drug usage, discrimination, sexual misconduct and more. As expected, private messages are nearly 160% more likely to contain words associated with illicit and pharmaceutical drugs.

With 43% of all messages occurring in private groups or conversations, organizations face the potential for toxic messages to proliferate out of control.

In addition to harassment, employers must also deal with toxic behaviors such as drug usage, discrimination, sexual misconduct and more.

  • As expected, private messages are nearly 160% more likely to contain words associated with illicit and pharmaceutical drugs.
  • Somewhat surprisingly, 1 out of every 170 messages, including public messages, contains words associated with sex.
  • 1 out of every 132 individuals sent a not-safe-for-work (NSFW) or toxic message within the first quarter of 2018.

In an organization with 15,000 employees, this translates to over 130 individuals who sent a message that could, at best, potentially harm workplace productivity, and at worst, cause a major PR crisis and open an organization up to risk of legal action. 

SECTION THREE

Employee Insider Threats in Shared Messaging

Insider threats are one of the most prevalent threats in an enterprise environment, and are difficult to mitigate. Many of these breaches result simply from human error or negligence, rather than a malicious incident.

Accounting For The Cost Of An Insider Breach

According to Ponemon*, the global average cost of a data breach is $3.62 million, regardless of if the incident stemmed from an intentional or accidental act.
 

Furthermore, an article in the Harvard Business Review estimates that 80 million insider attacks occur annually, a cost that amounts to more than $10 billion in fines, penalties, or operational disruption. That doesn’t even account for the unquantifiable damage to an organization’s brand and credibility.

 

Private conversation messages are: 144% more likely to contain 'confidential' content, 165% more likely to contain identification numbers, and 6 times more likely to use 'password' keywords

Information Sharing is Easier, and More Reckless, Than Ever

As employees become increasingly dependent on digital tools for day-to-day communication, the interactions become more casual and, at times, careless. This creates even more space for breaches or sensitive information sharing.

More and more organizations continue to adopt digital collaboration platforms, but the real-time sharing of unstructured data within these tools creates a critical gap in the overall business security fabric.

While nearly all organizations deploy security measures and data loss protection (DLP) for email and internet usage, few realize the blind spot created by using collaboration tools without proper monitoring and governance in place.

 

Symantec 2018 Shadow Data Report. 13% of all files stored in the cloud are broadly shared, and 1% of these files contain compliance related data. 18% of all PII, 13% of all PCI and 56% of all PHI shared in the cloud is overexposed. 68% of organizations have some employees who exhibit high-risk behavior in their cloud accounts (activities such as data destruction, data exfiltration, and account takeovers)

 

“But… We Only Hire Good People in My Organization” 

Wiretap COO, Greg Moran says that “it is an inconvenient truth that not everyone inside an enterprise is trustable, despite all efforts to hire trustworthy employees.” 

It’s tempting to fall in the trap of thinking, but we hire good people here! We trust our employees.

The unfortunate truth is that nearly every organization will have an employee that is not acting in the best interest of the company.

Actual Messages - Hi Josie, the password is… — If ABA balances were available anyone could submit allocation traders with fake signatures — STRICTLY CONFIDENTIAL - SUBJECT TO- DRAFT.pdf — Can you send me the budget with the 2018 executive compensation forecast
CONCLUSION

Collaboration Tools & Human Behavior Risk

As with any emerging technology, introducing tools like Microsoft Teams, Yammer or Workplace by Facebook exposes organizations to some inherent risks.

These platforms house more informal, frequent correspondences in both private and public forums. Our research very clearly shows that employees do, in fact, behave differently in a public versus private digital environment, and this does introduce a new set of potential risks to the enterprise security ecosystem.

The most unpredictable risk of them all impacts both company security and organizational health: human behavior.

Choose Secure Collaboration

We’ll be the first to say—at Wiretap—we love collaboration and are exhilarated for the future of the digital workplace. We believe in the impact of increased cross-functional communication, enabled innovation, and real-time information sharing.

Sometimes the task of problem-solving for risk mitigation makes it tempting to say no to adopting collaboration tools. However, that could ultimately cost your organization greatly in lost productivity. That’s why we seek to serve as collaboration ‘unblockers’ for enterprises around the globe and refuse to let risk halt innovation and progress.  

We believe in this so strongly that we created a solution that mitigates human behavior risk, while also tapping into a plethora of employee collaboration content in order to offer real-time insights to the organization. 

Monitoring & Compliance Solution for Enterprise Collaboration

Aware by Wiretap

Aware by Wiretap seamlessly integrates with Microsoft Yammer, Teams, and Workplace by Facebook.

The solution delivers exceptional visibility into shared employee content (both private and public); enables compliance with regulations such as GDPR, HIPPA, and FINRA; and facilitates safe collaboration by monitoring shared files and materials for insider threats, harassment and more. 

5 messages Aware by Wiretap would've caught regarding PHI, PCI, HR violation, Threat, and Leak

Attain Actionable, Near Real-Time Insights

Enterprise leaders deserve tools that provide value, making decision-making simpler. That’s why the Aware platform not only enables enhanced visibility, but also leverages a proprietary AI-infused model to offer truly actionable insights from the vast amount of unstructured data housed within an enterprise collaboration program. 

 

 

Smiley face icon

Sentiment Score
A measurement of the mood and feelings of employees towards the company, culture, and leadership.

a icon

Toxicity Score
A measurement of distracting behaviors that make peers feel unsafe, isolated, and/or harassed.

Sneaky hat and glasses icon

Insider Threat Level
The level of risk presented by individuals within the organization of a potential breach; this includes both inadvertent or malicious actors.

 

Enable Timely and Effective Responses 

With a data breach or workplace toxicity, it’s not enough to simply know of the issue. An appropriate, timely response can make or break your organization’s reputation.

That’s why Aware by Wiretap allows leaders to configure custom policies in order to identify and respond to incidents within the collaboration environment. This might include automatically deleting sensitive file-sharing (e.g. information breach), alerting a leader of inappropriate content (e.g. sexual harassment), or simply sending the offending employee a pre-composed coaching communication regarding the infraction.