Question Company Admin onmicrosoft

Joe the meek

Honorable
Jan 18, 2017
20
0
10,510
Hi All

I'm writing a short story and I need some technical help. So this guy is working for a company and he signs onto an onmicrosoft account for his local company. He finds out that company is up to nefarious actions. Can the company have added spyware to the account to track him or use any programs in Microsoft enterprise to do it? I know you can get an admin but I'm not sure how much control they could have if they don't play by the rules. Any help would be appreciated.
 

Joe the meek

Honorable
Jan 18, 2017
20
0
10,510
He is using a company provided PC or laptop?
Connected to the company network?

Monitoring software on the PC, turn the camera on, log what websites you go to, how much bandwidth you consume, keylogger on the PC, etc, etc.

Thanks for your reply its helpful. I'm torn between a BYOD or if he is an outside contractor I know Microsoft have a Activity log in their 365 software but not sure what that could give the admin.

In the story he gets sent an email that he shouldn't have. I wanted to know current tech as thinking if he has to download third party software or I can explain it away without that option.
 

Joe the meek

Honorable
Jan 18, 2017
20
0
10,510
Thanks for your reply its helpful. I'm torn between a BYOD or if he is an outside contractor I know Microsoft have a Activity log in their 365 software but not sure what that could give the admin.

In the story he gets sent an email that he shouldn't have. I wanted to know current tech as thinking if he has to download third party software or I can explain it away without that option.
For a company PC, the company can absolute add tracking software to make sure the employee isn't wasting company time or getting into nefarious activities. The system administrator can add this software at any time.

Just be careful with accusations like that.

Hi

Thanks for you reply. I won't be accusing anyone I'll use an ACME office software but I'm interested in knowing how the current tech works or if i need to invent something. I know 365 has an activity report but not sure how detailed that it is from an administers perspective. I just want something my MC doesn't expect to lead to him after he is sent sensitive papers.
 

USAFRet

Titan
Moderator
Thanks for your reply its helpful. I'm torn between a BYOD or if he is an outside contractor I know Microsoft have a Activity log in their 365 software but not sure what that could give the admin.
BYOD has its own issues.

The company and their network is trusting that the device is not riddled with viruses.
The employee has to trust that the company will not scrape and slurp up the entire contents of the device, or install their intrusive software.
 
  • Like
Reactions: Joe the meek

Joe the meek

Honorable
Jan 18, 2017
20
0
10,510
Hi

So how would the BYOD be downloaded by the third party software? Is it when they connect via the Network or do they sign to accept it. I read that 365 they use a onmicrosoft account which means if you upload to the cloud its viewable by admin but I don't they can load third part software via that method but I heard it has an activity tracker so not sure if they can scan the device at home or only on the work network.

I'm planning he gets a confidential email at home and the company can see that he has a classified file by its name but I'm unsure if they would get the name of the recipient. I want to use tech that is current as set in the present and I can understand. I will use an ACME company name but something like the activity report he might overlook.
 

USAFRet

Titan
Moderator
BYOD would be preceded by an agreement between employee and employer. Written and signed.
"By connecting your device to our network, you allow us to....."

For emails sent between you and me, the email address on both ends is absolutely known by all the servers in the chain.
The Sender can be changed/obfuscated, but the recipient must be known.

The contents of the email may be completely unknown. An attachment could be encrypted, the decryption key known only to the recipient.

Some file uploaded to "the cloud" (microsoft/google/amazon) may be similarly encrypted, contents completely unknown to anyone except sender and recipient.
 

Joe the meek

Honorable
Jan 18, 2017
20
0
10,510
BYOD would be preceded by an agreement between employee and employer. Written and signed.
"By connecting your device to our network, you allow us to....."

For emails sent between you and me, the email address on both ends is absolutely known by all the servers in the chain.
The Sender can be changed/obfuscated, but the recipient must be known.

The contents of the email may be completely unknown. An attachment could be encrypted, the decryption key known only to the recipient.

Some file uploaded to "the cloud" (microsoft/google/amazon) may be similarly encrypted, contents completely unknown to anyone except sender and recipient.

Sorry for the late reply. Thanks this is perfect. So the sender could if using a laptop at home have the emails viewed if someone known to them sent something. The contents wouldn't be known but the sender would be.