How Much Does Your IT Department Know About You?

[Guest]

If you're on a company computer, your employer could be logging your every move. But how much can your company really know?

How Much Does Your IT Department Know About You? : Read more

 

[jkhoward]

Well, I do IT. And at each job I've worked at, the only monitoring we had in place was porn filter. If we wanted to, we could do more. But we really don't care unless it's being asked of us by a manager. If you have a company car, or phone, you could most likely be tracked. But again, that usually never happens unless requested by a manager.

EDIT: TL;DR - Don't do anything that would make your manager need to spy on you.

 

[mwryder55]

I also do IT, and most of what I implement at work is preventing employees from violating various laws that could get the company sued. Our corporate anti-virus blocks porn, gaming, and violence web sites along with preventing the use of USB sticks or phones and CDs. The only real monitoring we do is recording all phone calls, but they are usually only listened to if a problem occurs. We do not allow cell phones in the work place, they have to be locked in a locker.

 

[anbello262]

I just don't use my personal accounts on my work computer. It's work time, not leisure time, and if I happen to need a break I am allowed to have my phone with me.
(Even if I weren't, I would still not use any of my personal accounts, worktime is for work)

 

[AnimeMania]

If I was in IT, I would be most worried about people plugging unknown USB storage devices into their workplace computers.
Can IT remotely turn on your webcams to do a little secret spying, don't use your cell phone while in the bathroom.
it would be good to know what rights workers have here that companies are not allowed to violate.

 

[ekidhardt]

I've worked in IT for 20 years for a variety of companies, from small to large corporate environments.

And in that time, I've never been requested to spy on any employee ever. If an IT guy is asked to do that, there is something fishy going on, maybe something illegal (that the employee is doing).

BUT--as anyone with admin power knows, they can record, find, and do anything they want. I can see any web site they visit, completely monitor every single email, see every printed document--basically anything. And if for whatever reason me, or any IT staff wanted to, we could monitor keystrokes or take screen shots or install monitoring software.

This includes any data or activities on company provided cell phones.

There's nothing that an employee does at work that can't be found out by the IT guy. That's just the reality of it.


But here's the thing--it all sounds like we have a lot of power---and true, we do. But the truth is--we don't care!

I have much, much better things to do than to monitor what websites people go to, or look at print queues, or spy on what people do on their lunch break. If the IT guys working for me had some creepy inclinations to spy on co-workers, I would replace them.

The bottom line is this: just because we can do it, it doesn't mean we're remotely interested in doing it, or that it is time well spent. It's just a waste of time, in virtually all cases.

The only FUNCTIONAL use I have found by having admin power to see what people are up to--is to see who is printing out 20,000 color pages/month for personal reasons, or on occasion, who is attempting to put pirated software on their PC's, or consuming copious amounts of bandwidth.

Apart from that, if your employees are doing such nefarious things that require professional spying to divine the nature of such deeds---then it's probably time for a new employee.

Anecdotally--there was this one time that we had suspicions that our after hours contracted security staff was eating lots of food from our company kitchen, so I setup a laptop in the kitchen, disguised as a carboard box, and installed some motion sensing software--and sure enough! There was this big ass security guy who would come in each night and completely gorge himself on the food in the kitchen. He'd then pack up some beers and sodas and head home

Anywho! On topic: anyone who has been in the trenches in IT would probably say the same: we've got better ways to spend our time.

 

[Blytz]

ah heck all, we don't have internet access or personalized hardware (phone, tablet, laptop)

 

[Brian_R170]

I have a close friend that retired as a Vice President from Honeywell and he told me when they fired an employee, HR would come up with data on internet usage policy violations (which they obviously got from IT) to add to the list of justifications for termination. He implied it was more of a cover-your-a$$ move against getting sued for wrongful termination.

 

[androbourne]

Yeah I'm also a Network/System Engineer and work with a lot of high end enterprise clients.

Normally we do firewall logging to a log server. Then review logs from time to time to make sure users arnt trying to bypass our filters etc...

However, I do have a few clients that wanted more then just that. So there are a few I have installed switch port mirroring tied to Colasoft or other software that can monitor almost everything about any system.

There I have also installed Veriato products at some of these sites instead. It screencaptures months worth of data, can also see browsing history, emails etc...

So in theory, they can know A LOT.

 

[thormejh]

I work in an IT company. With the software we use i could literally get on any ones computer at any time. but guess what. I literally do not care what you do. I have way to many people to fix to care about your information. I have seen countless companies budgets, assets, taxes, etc. Don't care. That is how it should be anyways. I got better stuff to do

 

[shalini.ramakrishnan]

BYOD management solutions create containers which can be accessed and managed by IT admins. But they can't see or access anything personal on the phones or tabs. Only the work related containers are visible to them.

 

[mwryder55]

I work in an IT company. With the software we use i could literally get on any ones computer at any time. but guess what. I literally do not care what you do. I have way to many people to fix to care about your information. I have seen countless companies budgets, assets, taxes, etc. Don't care. That is how it should be anyways. I got better stuff to do

That attitude may work in some companies but not in others. I have to have some control over what is done with the company's computers to protect the company from lawsuits. I block certain types of websites and the use of user downloaded backgrounds to prevent sexual harassment suits. I also prevent the use of USB storage devices, such as USB drives or phones, to prevent the downloading of protected material or the uploading of viruses or hacking tools.
We also have the problem where an employee might have personal information on the computer that is left after he leaves the company. This information is then freely available to the next person to use the computer unless we clean the computer first.