To prevent, detect and remediate security incidents, IT security organizations have traditionally focused attention on the monitoring of internal infrastructure, according to the Gartner study.

The popularity of consumer cloud services, such as Facebook, YouTube and LinkedIn, provides new targets for security monitoring, but surveillance of user activity in these services generates additional ethical and legal risks, the study says.

There are times when the information available can assist in risk mitigation for an organization, such as employees posting videos of inappropriate activities within corporate facilities. However, according to the press release, accessing the information can generate serious liabilities, such as a manager reviewing an employee's profile to determine his or her religion or sexual orientation in violation of equal employment opportunity and privacy regulations. 

A wide range of products and services have emerged to support these actions and many public relations firms provide social media monitoring as a standard client service, the Gartner release said.

Security organizations are beginning to see value in the capture and analysis of social media content, not just for internal security surveillance, but also to enable detection of shifting threats that impinge on the organization, according to Gartner, Inc. This might be physical threats to facilities and personnel revealed through postings concerning civil unrest, or it may be threats of logical attacks by hacktivists.

Early detection of shifting risks enables the organization to vary its security posture to match and minimize negative impacts, the release reported.

More of the report, "Conduct Digital Surveillance Ethically and Legally: 2012 Update," can be read on the Gartner website.