Employers monitoring their workers' computer keystrokes might seem intrusive, but it's just one of the many ways workplace surveillance is being carried out today.
The short answer for this is that an employer probably doesn’t give a shit about you watching youtube at work, but what they (by they, their IT/security teams) do care about is your account logging in from a new geolocation, or clicking a risky link in an unusual email. If the employer logs everything that occurs (which is required by a lot of areas such as PCI DSS for electronic payment) they can track who’s account was compromised, how it happened, exactly what was done by the actor, and how far it’s spread across the network - if at all. If no logs are kept, then it may as well have never happened.
ETA: there’s a large difference between mouse tracking mentioned by the article and logging though, the former is rather unethical and I’d hope that it’s never used in the name of security, I sure can’t think of a use.
“if you’ve got nothing to hide, you’ve got nothing to fear” was always BS.
The short answer for this is that an employer probably doesn’t give a shit about you watching youtube at work, but what they (by they, their IT/security teams) do care about is your account logging in from a new geolocation, or clicking a risky link in an unusual email. If the employer logs everything that occurs (which is required by a lot of areas such as PCI DSS for electronic payment) they can track who’s account was compromised, how it happened, exactly what was done by the actor, and how far it’s spread across the network - if at all. If no logs are kept, then it may as well have never happened.
ETA: there’s a large difference between mouse tracking mentioned by the article and logging though, the former is rather unethical and I’d hope that it’s never used in the name of security, I sure can’t think of a use.