I always hear people talk about how their company “monitors their email and internet use at work”. This sort of implies that there is some person or persons in some control room in the bowels of the IT department…I don’t know…watching banks of monitors until someone goes to the wrong site. Presumably an alert is then raised and appropriate action is taken.
I’m pretty sure no company works like that. I worked in computer forensics and electronic discovery consulting for years and I never met a “director of monitoring everyone’s email”.
The way it works is your email is saved on an MS Exchange or Lotus Domino server somewhere. Periodically those servers are backed up to a tape and the tapes are shipped off somewhere (a company like Iron Mountain). Now there is software that actively archives, monitors and censors emails, but they generally are expensive. Unless you work in financial services or some other high security field, your company probably doesn’t have it. Now all those emails exist somewhere so someone can get to them if they have to. But it’s often a time consuming and expensive process and most people get dozens of emails a day and companies can have thousands of employees.
I’m not as familiar with web, but I’m sure the web site you visit could be stored on a server log somewhere. Yours and every other person in the company. So what I’ve usually seen is companies simply block porn, social networking, games and other non-work related sites.
Any time I’ve seen someone “get in trouble” for email or web use, it’s either because they sent the email to the wrong person (i.e. Reply All: Dear Asshole!) or they are already being investigated for something. At that point, the expensive consultants get called in and have to bother the IT department for days, pulling emails off of the servers and trying to locate tape backups from six years ago.
In my experience, IT departments are too busy just keeping the wheels on the bus to spend time and resources spying on their own employees.
Then again, my experience does not include every single company on the planet. So has anyone ever known anyone to get called into the boss’s office because of a website they visited or an email they sent?
Yes. I know a guy who got fired for visiting poker sites. I do not believe that he was caught by someone looking at IP addresses, I think someone saw him playing poker at work and, as always, the boss always has the nuts.
Military hospital about 1999. Civilian contractor was escorted out of the building. She reportedly went to porn sites, not once, but several times. We were all told that server logs were checked periodically, and that instead of locking down the servers, we were expected to behave appropriately. Apparently, she did not.
It really depends. My coworker twice visited a porn site. She had this nasty habit of typing addresses right into the address bar, instead of googling for them. And sometimes the address would be incorrect.
Of course the habit was broken pretty quickly, but no one ever fired her or even talked to her. I think if you make it a regular thing AND your boss is complaining about your work.
I know I’m here a lot. But I work pretty damn hard, too. I get no complaints from my boss.
I’ve never heard of anyone being “called on the carpet” for the offense of visiting some specific no-no site, but I wouldn’t be surprised if this information is shared secretly with supervisors and used to make decisions behind the person’s back such as selection for an upcoming layoff.
This is probably true in a lot of places. If you are getting all of your work done and at least meeting expectations but IT is saying that you surf message boards all afternoon, they probably don’t care enough to take official action or even mention it to you.
The likely scenario is not that the IT department calls up your boss and tells him that you’ve been visiting clown porn sites all day.
What usually happens is that you’re visiting your clown porn sites, and your boss or coworker looks over your shoulder and gets annoyed. And then your boss asks the IT department for your browsing history.
I knew some guys that worked in an office together and preferred to keep the door shut. Somebody eventually found out they were watching porn all day. Not pretty. I’ve also heard of people getting in trouble for running games. Both of those examples happened when people discovered them, not because their monitor caught them.
I imagine a periodic spot-check would be more feasible than examining every single website in the IP log.
We received this email in 1999; apparently the employee was let go.
I have to assume that the monitoring/logging has become more sophisticated since then.
There are a number of websites that trigger a reminder page that surfing is tolerated at best, that streaming media websites are not allowed, and that specific websites are off-limits. I suspect that these are all reported somewhere as well.
I have a friend who is in Corporate Compliance for a financial institution and reads employee email on a regular basis. “You don’t want to read personal emails.” was his comment. I didn’t have a chance to ask him about the process, but I would think that there are specific keywords that trigger those to appear on his desktop.
I helped defend a colleague who was accused of visiting porn sites from a work computer. He was confronted with a list of porn sites he had supposedly been visiting and the times he had visited them, from a log. The times were in the middle of the night, when he wasn’t at work.
It turned out that the culprit was a screen saver called Webcollage that pulls random images from the Web, and doesn’t (or didn’t at that time) filter out pornographic images or sites. Red Hat’s default screen saver on our machines was a mix of all the available screen savers, including that one (it was installed by default).
I pointed this out to our IT people, and they uninstalled it from everybody’s machines. I gave a talk that I called “How Not To Get Fired For Choosing The Wrong Screen Saver”, in which I explained about Webcollage and how to make sure you weren’t using it. My colleague’s name was cleared.
Our prez came out with a strict no-surfing policy around 2007 (enforced by a Barracuda filtering device). His second move, the following day, was to exempt himself from the rule. Over the next 18 months, about 2/3 of the company came up with some reason to be exempt too.
I did sit in a couple of meetings where the prez was examining who had surfed where, and I had to explain that this-particular-subordinate wasn’t really clicking a news site every 5 minutes, it was just sitting idle in a minimised window and refreshing every 5 minutes. So yes, had I not intervened, this guy would have been in trouble.
Eventually, the following year, I managed to get the filter taken out altogether.
I have seen email trigger-words before. I was downrange using a US Army computer, and just using certain security words or terminology would automatically kick the email to the G6 for review. They would then look at the context to decide if you had violated the security policies.
As in the example above, it is much more efficient for certain URLs or key words to trigger an alarm, rather than actually trying to monitor every single site the employees use.
My computer at work now will limit certain websites (humor, games, etc). Sometimes I will visit a site one day, and then the next day it will be blocked. I can only presume that someone saw what I was looking at and then decided it should be added to the list of blocked URLs. I imagine if someone repeatedly tried to access blocked materials it might provoke a response, but I have never attempted to test this theory.
Got busted for surfing about 5 years ago. What I saw a copy of was emails from IT to the HR director. It said something like there was a bunch of [surfing] from my department, while we were only authorized to view something like the weather/local news, etc… while doing our other work offline. The IT guy came by and said something about a ‘red flag’. I didn’t surf for porn, but I’m not sure about the other guys, and there had been no mention of it, so, I’m guessing the IT guy usually had little to do, so decided to see if anybody had visited cheapslutsandtheirmoms.com, or something similar.
HR came out and explained that my indiscretions could lead to my being fired beaucoup quick, so…
When apparently too many people visited a social networking site to play one of those games that were big last year (farm…something?) that particular website was blocked. I don’t recall anyone getting in real trouble.
I got caught using a web proxy to bypass my company’s work filter. I’d set the proxy up after the filter was installed because it blocked any web forum like Experts Exchange and Google Groups. As a fledgling server admin, I found it impossible to troubleshoot issues without having access to web forums. Boilerplate company response was that I could request exemptions for specific sites, but the process would take weeks, so I went around the system and set up a CGI proxy on my home server. I spread the URL around the office and was declared an office hero. It was mostly used for work related stuff, especially by me, since I did fear getting caught and I wanted to at least not have a record of using it for anything bad.
Fast forward 4 years and use of the proxy had become a habit. I’m still not precisely sure how I got caught, but I know that all company web traffic went through a central proxy, and I’m guessing they had finally started scanning the logs for keywords. I’d made no effort to conceal my use of the proxy; it was a well-known script and I didn’t change the default name or anything, so searching URL traffic for a list of well-known proxy scripts would have caught me.
Thing is, they called me into a room and started grilling me about why I thought I could bypass the proxy to surf eBay. eBay? eBay wasn’t even blocked, I could (and did) visit it without using my proxy at all. Then I remembered that I’d been using the proxy to search some forum for server issues, and somebody had posted a link to an eBay auction for something they’d bought to fix the issue. I followed the link, which also went through my proxy. The IT folks either couldn’t make sense of the dozens of forums I’d visited, or just thought that the eBay link was the most damning (it’s not like they needed more than one example to bust me). Or maybe they were searching for eBay all along.
I ended up getting reprimanded for bypassing company security and using company time for personal shopping. So that’s my story.