Jane Doe works as an HR recruiter for a global corporation in Noida. As a recruiter, she takes advantage of her company's flexible work-from-home policy and rarely comes into the office. A specialist in leadership recruitment and retention, she is involved in performing background checks for potential candidates. Jane has access to premium memberships supplied by her firm around the world to recruit senior roles in her organisation. Jane discovered a European consultancy firm eager to use her expertise on a contract basis to carry out senior management recruitment for their clients a few months ago. As a contractual employee, she would be compensated for the success of each leadership role filled and would be paid in euros rather than the currency in her country.

Jane divides her time between India and the EU. She also uses her company's premium subscription to explore suitable European candidates for the consultancy's clients. She has been able to close some high-profile recruitment positions in this fashion. This is how a life of a typical moonlighter looks like. 

Moonlighting has made news in India in recent months, with some prominent IT businesses cutting off staff who were implicated in a breach of contract by moonlighting. While some firms have dismissed employees, who moonlight, and many have either cautioned employees to stop all such activities or provided alternative workarounds for employees who want to use their skills outside of their present projects. Although the emphasis appears to be on IT employees and developers, many other roles in an organisation, including those in marketing, human resources, and operations, are sometimes ignored or underestimated due to preconceived notions.

The legal position of moonlighting in India

Moonlighting is not explicitly permitted or prohibited under Indian law. Dual employment is permitted under the Industrial Employment (Standing Orders) Act of 1946, but it is prohibited under the Factories Act of 1948. Additionally, different states in India have distinct labour regulations that may or may not allow multiple employment. The specific contract between employees and employers must be analysed in the absence of unambiguous guidelines.

Prevent moonlighting

Identifying the fundamental cause of a problem is the best method to solve it. Although moonlighting has been around for a long time, there has been an exponential increase in moonlighting in the last few years due to the Covid-19 pandemic and work-from-home conditions that allow individuals to engage in second employment. Companies can dramatically reduce occurrences of moonlighting by limiting work-from-home regulations.

To discourage moonlighting, enterprises must reconsider their cloud infrastructure regulations and access rules and policies, in addition to prohibiting work from home. Cloud computing technologies have become the most important enablers of dual employment. Employees can quickly access emails, chats, and applications hosted on the cloud using their own personal device or the device of the dual employer because of ease of access. For example, during her EU hours, Jane Doe routinely logs in to her full-time employer's email and chat services using Cloud. She can also use her phone to access her full-time employers' emails and chat messages as these applications are cloud hosted. This way no one suspects her of dual employment as she utilizes the cloud to immediately respond to any emails or chat messages.

Identify moonlighting using technology

Most firms rely significantly on employers’ provident fund data to identify moonlighting in a non-intrusive manner. This strategy, however, is only applicable when both employers offer provident funds to their employees. Employees are often savvy and avoid dual employment with both firms having a provident fund. Furthermore, contractual, or part-time positions are frequently exempt from provident fund contributions, making them a favoured employment conduit for multiple employment.

Moonlighting is best identified with access management solutions that log device-related information such as machine/device name, MAC address etc. Employees indulging in moonlighting often use one corporate device to remotely log into another corporate account or application. Companies can discover instances where employees are logging into their accounts or applications using different devices by logging device-related information.  For instance, Jane Doe frequently logs into the premium subscriptions given by her full-time employer using the laptop of her consultancy firm. By logging device-related information, companies may detect all instances of non-company-provided assets accessing a particular account, application, or subscription.

Furthermore, proxy logs and firewall logs can contain a wealth of relevant information that can be used to detect suspect moonlighting activities. However, even for a mid-sized firm, the amount of data created is huge, and performing an analysis needs significant knowledge.

Prevent data loss despite moonlighting

The most significant risk that moonlighting poses to an organisation is the loss of intellectual property as well as confidential and sensitive data. Customised data loss prevention solutions can be used to limit the risks related to data loss due to moonlighting practices.

Solutions such as Virtual Desktop Infrastructure (VDI) can be used to isolate sensitive data such as design files or software source code. Users can remotely access their virtual desktops while the data remains on the server instead of the endpoint. Access to essential applications can also be routed through the VDI solutions, ensuring that sensitive data does not leave the organization's servers.

Moonlighting isn't going away. Alternative employment arrangements are quite popular in the Western world and have even increased significantly as a result of the emergence of the online platform business. While IT coders and developers have been in the spotlight in recent months, moonlighting is affecting an increasing number of employment roles and profiles. While the legality of the second arrangement is determined by the contractual provisions of the individual's agreement with the engaging entities, companies must be prepared to use technology to detect and prevent instances of moonlighting.