So - say I got really mad and in a fit of vented annoyance, I posted a slight rant about our resident corporate IT person onto my online blog in a locked entry.

What are the chances that if she wanted to, she could find out what I typed? Does it save a copy of it on my hard drive?

She's at our corporate office, I'm at one of the divisions. I should have just voice posted it on my own cell phone - but I was sitting at the computer and just felt my fingers fly.

Should I be worried?

If you used your work computer to do so, she can find you.

so how do i fix it?

Do you think your job is at risk for expressing an opinion about a fellow employee on a personal Blogg?


Edit: If I found out that my IT manager can or worse DID see what I had typed on a blog - he or she is potentially in more trouble than I. I'd be disgusted. I'd be able to take the company to court for invasion of privacy.

Not that I've ever bad-mouthed my IT manager on here. I've bad mouthed fellow employees for sure.

Not that this is a blog. Same thing though.

There's very little chance that she will see it. Someone would have to pull the log of your internet usage and recognize that you visited a blogging site. They would also have to see that you made an entry into the blog by examining the URLs (the log probably only contains the URLs you visited, not the text of the pages). Then they would have to somehow hack into your blog to see the locked entry. To bother doing all of this, they would have to have some reason to suspect that your blog contained information worth discovering. If you are the only person who knows that you made that blog entry, there's about zero chance that anyone would go looking for it.

There may be a cached copy of the blog entry on your computer but, again, someone would have to have reason to look for it in the first place. Unless they are closely monitoring your internet usage already for some reason, they will never know what you did. But delete the entry anyway. It was a dumb thing to do.

Unfortunately, once you've sent it through your work's internet connection, all bets are off. Even if you completely destroy your work computer, it could still be sitting on a server.

However, it's unlikely anyone will see it, unless someone in IT is out to get you.

I suppose they could have a keystroke logger on your PC, which nabs everything you type. But I think the odds of that are quite small. Depending on the size of your company, I really doubt they're logging everyone's keystrokes. And unless you're already under suspicion for something Pretty Bad, it's unlikely they'd single you out for logging. So, I doubt they have any way to see what you typed on your blog.

It's not out of the realm of possibility that they could find out, but you're probably safe.

Edit: If I found out that my IT manager can or worse DID see what I had typed on a blog - he or she is potentially in more trouble than I. I'd be disgusted. I'd be able to take the company to court for invasion of privacy.
.

Company PC means anything on it is company property. No invasion of privacy. They provided you with it, you used their property and their bandwidth. So if I went onto your system to find something like that, I might be breaking a company policy, but it wouldn't be invasion of privacy. Your PC at home, different story.

Company PC means anything on it is company property. No invasion of privacy.

IANAL, but I believe workers in the UK have more privacy protection than those in the US.

IANAL, but I believe workers in the UK have more privacy protection than those in the US.

Whoops, didn't see that. Yeah, I don't know about the UK.

Edit: If I found out that my IT manager can or worse DID see what I had typed on a blog - he or she is potentially in more trouble than I. I'd be disgusted. I'd be able to take the company to court for invasion of privacy.Here's a line from my company's policy on computer usage:

Employees should have no expectation of privacy with respect to any use, including use for personal purposes, of the electronic communication facilities and services provided by the Company.I expect that any company worth its salt has enacted a similar policy. It's entirely legal and is a smart policy for them to have.

Edit: I didn't catch that you're not in the US.

It depends indeed. We have software that tracks Internet usage very thoroughly. If she got wind of the blog entry and had access to this tracking software she could see what you posted and verify you did it from work. This also assumes that the software is scanning and recording the Internet usage at your office. In our case the outside people are not being tracked and they have a different and separate Internet access unless they are using our terminal servers. In this case what they do on the Internet is being tracked.

Does your company have any policies regarding Internet usage? Is she in the position do cause you any real grief?

Jim

Here's a line from my company's policy on computer usage:

I expect that any company worth its salt has enacted a similar policy. It's entirely legal and is a smart policy for them to have.

Edit: I didn't catch that you're not in the US.

Not a problem. The OP is in the US and this is about the OP not me.


Anyway, It doesn't sit well with me that anyone would consider it a good thing that an employee has no privacy while he's within the confines of the company he works for. To me that's a bad thing.

Edit: But I am currently reading a book set in post-war communist russia where privacy is virtually non-existent, so maybe I am being influenced by that :)

Edit: If I found out that my IT manager can or worse DID see what I had typed on a blog - he or she is potentially in more trouble than I. I'd be disgusted. I'd be able to take the company to court for invasion of privacy.

The OP is in the US, where we have no expectation of privacy when using our employer's computers.

As a security analyst and system administrator, I am entitled to and able to read your emails and "personal" files, not to mention observe your Internet usage as your activity goes through several servers between your desktop and the outside world. In reality, with roughly 200,000 user accounts on the network, we flat-out don't have the time to do that.

It depends indeed. We have software that tracks Internet usage very thoroughly. If she got wind of the blog entry and had access to this tracking software she could see what you posted and verify you did it from work.

I might have misunderstood the OP. What is a "locked" blog entry? I am not a blogger. Is that an entry that only logged-on users can access? If so, and if IT doesn't have access to the entry, they still wouldn't be able to see melodyharmonius' entry with internet tracking software, would they? Or do you mean, they'd see he (she?) was on melodyharmonius.blogwhatever.com between 8:00 and 8:30, and they'd see the fiery post at 8:29, and then put two and two together?

...
Or do you mean, they'd see he (she?) was on melodyharmonius.blogwhatever.com between 8:00 and 8:30, and they'd see the fiery post at 8:29, and then put two and two together?

Yes, this part.

I don't think any company* would record everything going in and out as the disk usage is prohibitive but even that is not technically out of the question.




* exceptions of the Federal Government, IBM, Microsoft or Google type entities with seemingly unlimited resources.

Anyway, It doesn't sit well with me that anyone would consider it a good thing that an employee has no privacy while he's within the confines of the company he works for. To me that's a bad thing.If the company
Provides a computer to do your work
Provides access to the internet at their expense for work related purposes
Is paying you to perform the tasks they have assigned
Should they not have the right to ensure that their resources are being used for the purposes that they intended?

If the company
Provides a computer to do your work
Provides access to the internet at their expense for work related purposes
Is paying you to perform the tasks they have assigned
Should they not have the right to ensure that their resources are being used for the purposes that they intended?


Technically yes. I'm just saying it's not a positive thing from the employee's point of view. And I am on the side of the employee.

In many types of job it is naive to expect the employee to use their computer for nothing but work purposes.

And some people's assigned task is to be present in case something happens. What are those poeple supposed to do when there is nothing work-related to do? Read a book? Knit? Play tiddly-winks?

And some people's assigned task is to be present in case something happens. What are those poeple supposed to do when there is nothing work-related to do? Read a book? Knit? Play tiddly-winks?

Yeah. Do what people did 5-10 years ago and beyond, or what non-office people do during downtime. The Internet is not a right.

Technically yes. I'm just saying it's not a positive thing from the employee's point of view. And I am on the side of the employee.

In many types of job it is naive to expect the employee to use their computer for nothing but work purposes.

And some people's assigned task is to be present in case something happens. What are those poeple supposed to do when there is nothing work-related to do? Read a book? Knit? Play tiddly-winks?
Playing Devil's Advocate mainly:

The companies have the rights to track what the employees are doing in the office on office equipment.

In the cases where the person is hired to just be there most of the day, then the company will usually not care what the employee does on the computer as long as it in no way makes the company liable for any complaints. Have fun surfing work safe message boards or reading the London Times online or whatever takes your fancy. Even here they reserve the right though to verify that, "Yes as reported employee Lobsang was surfing porn at work. Give him a warning this time and let him know that a second offense is cause for termination as we don't wish to get sued by another employee."

The bottom line is that your presence on the internet is almost assuredly tracked, but not actively monitored. You probably have a web filter in place to prevent you from going to the non-business sites they want to block. Typically, your usage would only be investigated down to the sites you visit if a request was made by someone (your manager, etc.) Even if they saw that you visited the blog site, it would be highly unlikely they would have any record of the entry you made. (This assumes you're working directly on the website and not creating a file on your PC and moving it to the website.)

Some solutions in use in what is a decent size business that did not exist 10 years ago.

www.SpectorSoft.com
WebWatcherNow.com/Internet_Monitor
www.MonitoringAdvisor.com
www.StBernard.com
www.workexaminer.com

The main use is to spot check employees when suspicions are had and to locate heavy users if the network is slowing down. Companies have had a lot of trouble with streaming video and audio applications using up too much of a shared resource.

Yes, this part.

I don't think any company* would record everything going in and out as the disk usage is prohibitive but even that is not technically out of the question.

Yeah, I agree. I could only imagine doing that if we already suspect someone of something.

Companies have had a lot of trouble with streaming video and audio applications using up too much of a shared resource.

We block streaming video/audio for this reason. Unfortunately, there is a trend toward online training using streaming video. So, more and more often, people who have a legit business need for a certain training product are complaining that they can't get to their streaming lecture or whatever. It's not a huge deal for us right now, but I see it soon becoming a huge pain to try to whitelist all the legitimate sites and still block all the unnecessary stuff.

Conversely - I'm not sure if a locked blog entry requires a password to view, but if it does, you can ignore this. If your IT person does a vanity search on her name, and it is in your blog, she can find you.

I think the above can be summarized into: She can, but she probably won't.

The IT department usually has all the information necessary to trace your steps, on one layer or another. URLs, IP-addresses, activity logs and so forth. However, barring an active suspicion and severe dedication to the task, she will probably not have installed a key-logger on your work computer and even if she did, the day-by-day output would be prohibitive to read through. This information is pretty much the only thing that could be indexed easily enough to run a non-specific vanity search through (I.e. "IT," "Co-worker" and so forth.

She could scan your visited URLs, detect you were maintaining a blog (if it's a x.blogspot.com address, for instance) and investigate from there, but in my experience nothing short of an active suspicion of severe abuse could motivate an IT employee to even consider doing this. I'm not talking about the ethical implications here, just the amount of work.