1. Barring illegal activities, why do you think that employees in the organizations featured in the case do not realize themselves the dangers of loosely managing proprietary and sensitive information? Would you have thought of these issues?
2. How should organizations strike the right balance between monitoring and invading their employees’ privacy, even if it would be legal for them to do so? Why is it important that companies achieve this balance? What would be the consequences of being too biased to one side?
3. The IT executives in the case all note that outbound monitoring and management technologies are only part of an overall strategy, and not their primary defense. What should be the other components of this strategy? How much weight would you give to human and technological factors? Why?

It’s not what’s coming into the corporate network that concerns Gene Fredriksen; it’s what’s going out. For the chief security officer at securities brokerage Raymond James Financial Inc. in St. Petersburg, Florida, leakage of sensitive customer data or proprietary information is the new priority. The problem is not just content within e-mail messages, but the explosion of alternative communication mechanisms that employees are using, including instant messaging, blogs, FTP transfers, Web mail, and message boards. It’s not enough to just monitor e-mail, Fredriksen says. “We have to evolve and change at the same pace as the business,” he explains. “Things are coming much faster.”