This used to be part of my job and I posted about it a few years ago:
Wherein I get people fired for surfing porn on the job
From the WaPo.
Please make sure to have NSFW links be behind two clicks…either by breaking the link up or putting it in a spoiler box.
I’ve done this in your post and put a NSFW warning.
I had a couple of co-workers – both overall obnoxious people – who got in trouble for looking at porn.
I suspect in most companies it’s not cost-effective to actively monitor internet usage, but egregious amounts of porn-ing will tend to get noticed. That said, Hypotheticorp CEO Hershele Ostropoler will have it as policy to write up and eventually fire anyone who seems to be taking a lot of work-hours to produce relatively little work regardless of what it is they’re doing instead.
To those who wonder why companies care what you’re doing online if you’re still getting work done … there are several reasons why companies do web filtering:
-
Bandwidth management. Bandwidth costs money, and the company isn’t spending it so people can stream audio and video, play games, or look at porn.
-
HR issues. As noted above, you don’t want people in the office looking at porn, hate sites, violence/gore sites, etc., because people who show up to, you know, work, get kind of upset when they’re greeted with objectionable material.
-
Reducing legal risk. If people are accessing any illegal content – child porn, pirated movies, etc. – either deliberately or accidentally, it potentially involves the company in a legal issue they don’t want to be in.
-
Malware defense. Most malware is delivered in drive-by downloads from web sites. If you block sites that are not necessary for work, you reduce your exposure to malware.
If you want to goof off at work, I don’t care as long as you don’t put the company at risk. Read a novel. Do a crossword. Build ships in bottles.
I haven’t known anyone to get in trouble over content, but I’ve heard it said that some people in my group (names weren’t named) had gotten into trouble over the amount of internet use at work.
My husband is in IT security and has had to testify in legal proceedings against fired employees. He and his team were actually required to visit porn sites and view porn images in order to be able to testify that yes it was not a mislabled image or website it actually was inappropriate.
The shocking thing to me was the number of people view illegal images on their corporate computers. The team prepped multiple cases where the users were downloading and saving child porn.
I guess people are stupid everywhere.
In general though most systems filter the stuff they don’t want you to see
Proxys or high volume attracts notice
Reports from other employees also get you on the radar
Once you’re in their sights they’ll look at everything.
My most recent office job had filters that blocked stuff, and we’d get a screen that said that all usage was monitered and logged by IT and the reason for blocking, which was sometimes reason: porn, even when it wasn’t a porn site. The filter also blocked video game related stuff, alcohol-related (as in you couldn’t access the website for a local liquor store) and reason: malware. Never, ever in my 5 years working in 2 different departments did anyone care a bit about what was being accessed on the internet. Some of my co-workers on overnights would stream movies from illegal sites and even that no one ever cared about it, or noticed. It was almost a little too lax, and all that ever happened is our bosses would say, “Jeez, could you just make sure no one higher up actually SEES you on Facebook for crying out loud?” Which was a pretty tall order for some people, based on how often they would say that.
On the other hand, I worked at a retail job where we had access to a computer and I was given a month-long probation period for looking up a pair of shoes. I was inspired to find myself a new job, which made everyone happy, I think.
I still don’t think it’s cost-effective to pay someone to monitor employees’ internet usage, as opposed to folding enforcement of the policy into the duties of the IT department without expecting it to be a high priority for them. Of course if someone is doing something illegal or harassing that needs to be stopped even if they’re generally earning the company more than their presence is costing (and that calculation includes the bandwidth costs of their internet usage professional or otherwise as well as salary and benefits, in the same way it includes the marginal cost of leasing an office with enough room for their cubicle).
I suppose a huge company with hundreds of employees – and thus hundreds computers that could be storing CP or showing porn to reasonable women who don’t want to see it – can spare one of those employees to spend a significant amount of work time monitoring net traffic.
I know for sure that I’ve had coworkers who each viewed the other’s tastes in porn as gross and disturbing. Some of them worked the same shift even, and none of them had illegal tastes - they just happened to rock to different tunes.
In the late 90’s, I worked for a company that did phone support for HP computer products. We quite often needed online access to tell people where to go, EXACTLY, for their drivers or whatever. And IT was backwards as hell: instead of opening access to the sites we needed, they left everything open until it was a problem and then closed access to specific sites.
Blew me away that it took them 6 months to get around to blocking Anonymizer, which is what everyone used to get around the blocks. 
But yeah, IT constantly monitored there, and people were fired, and written up. I got lucky I didn’t get busted one night when I was randomly typing in numbers in the URL to see where it would get me. :eek:
Most of the companies I’ve worked for have been pretty large, so they did have enough work for one or more folks to monitor network activity, at least as part of their job. I agree that in a smaller company, you’re not going to pay someone to watch the web filter all the time.
One potential problem with letting regular IT staff investigate suspected misuse is that you want your investigative process to be legally defensible. You want to maintain chain of custody, ensure a fair and equitable process, follow some forensic procedures, and so on. If the staff you have doing the investigation are not qualified to do that kind of work, you can end up in the awkward position of firing someone only to have to re-hire them when they sue because your investigation was poorly handled. Smaller companies that don’t have enough qualified folks on staff to do that kind of work should consider outsourcing their log monitoring and investigation functions.
IT guy here.
I’m very protective of my users, and moreso of my network. If I notice that a specific site is using a lot of bandwidth, either during work or after hours, I have to check it out to make sure something isn’t breaking, or that the site might need an increase in linespeed because of additional users.
During a bandwidth peak, its really easy to see what sites are being visited. If we notice that there’s a lot of porn sites visited, technically, we’re supposed to notify our superiors. But I like my users. Rather than go after them directly, I’ll send a message to their site saying that “perhaps someone got spywared because there’s a LOT of usage at their site”. In about 80% of the cases, this is enough to get the issue to stop. In 15% of the rest, I can call the user, and schedule some time to “update” their computers, and scan for spyware, because of “unusual readings on their machines”. I’ll then mention that “Oh look, some spyware is accidentally connecting your computer to (visited website that I know they went to) ! Gracious! Heavens! Let me clean that termination-worthy location off!” This usually clues them in that I’m watching, and I don’t want to get them fired.
In the past 10 years, we’ve only had to take this to HR once, from an idiot who wouldn’t stop going there, even after we gave him every chance to stop.
I like my users. I don’t want them to get fired over something so terminally stupid.
Or use your phone to get on the internet. The miracles of technology.
Per the IT department at my work, as indicated in the OP, all web surfing and emails are stored. No one monitors this, but if a manager has a beef with his employee, the manager can go to IT and request the employee’s email and web surfing history. If the manager doesn’t like what he sees, per the employee handbook, it can be:
1st offense: verbal warning
2nd offense: written warning
3rd offense: subject to termination
I am new to the company so have never seen the above in practice yet, but I do personally know of a friend who lost his job for his internet surfing.
At my highschool of about 1000 people, if I was on a games site etc (either I’d found something not blocked, or I was using proxies ), I would sometimes have a box popup on my screen saying something like ‘are you supposed to be doing this?’ It had a text box for reply, and usually you’d go ‘no, I will get back to work.’ If you said something like ‘yes, I’ve been given free time.’, the IT guys would ring up the teacher.
However, in 4 years, it happened a handful of times, no where near the amount of time I actually was on those sites.
I read this message board at work on most days, a couple-three times a day or so as time permits. I avoid any topic that contains any racy words (but will read them on my own computer at home). No Facebook or other surfing at work, either, and certainly no porn - I would not even try that, duh.
However, in the past weeks when I wanted to read one of the wave of threads here dealing with guns, gun control, gun violence, etc, my work web filter kicks in with an error message indicating the topic of “weapons” is not allowed. So, something at my work is automated to control access. No, I am not going to test it for porn.
About 15 years ago (good god, has it been that long?!) got an email from HR saying that they had a complaint - someone thought the intern working for me that summer was staying late at night watching porn.
sigh - he was a really smart, quiet German kid, maybe 21-22 or so; this probably gets him kicked out of the intern program, because -and this was rare for the time - the company had a fairly robust Internet access / PS usage policy that was part of the on-boarding procedure, and I had even sat down with him during orientation to go over it.
So I call up my IT partner and he starts scanning machines. Intern kid’s machine is clean as a whistle.
The guy next to him, however…oh man. One sick puppy. Golden showers was the least skeevy thing he was looking at/downloading.
And this is why I found out the company had a robust internet access / pc usage policy: The same guy had been written up about two years ago (a year before I joined) for looking at porn after work!
The guy was an equity analyst and a real jerk of a guy, so I wasn’t -that- sad when we called up HR and they escorted him out of the building later that week. Guy had just gotten married, his wife was 7-8 months pregnant, and now not only is he unemployed, it was two months before bonus payments kick in, and because it was ‘with cause’ bu-bye to any severence package. Idiot.
While working in Japan, I had to fire a guy that was staying late at work so he could day-trade US stocks from the company computer. All sorts of problems with that one; improper use of company PC & equipment was only one (and the least-serious) of the violations that could have directly resulted in his dismissal.
I worked briefly for a French bank that was testing a weird IT monitoring system that would freeze your machine if it thought you were accessing some non-compliant website. At the time I was working on a very long, in-depth company report on Pfizer. What very famous drug did Pfizer come out with in the late 1990s?..
It’s not as bad where I work, as we have Websense installed. I just wish it wasn’t so picky with what it considered to be “gaming” and “gambling” sites. (Websense has three levels of block: “well, you shouldn’t be on this site, but we’ll let you through” (usually sports and entertainment sites), “The entire company gets 6 20-minute blocks per day; do you want to use one?” (political sites, like The Green Papers and Real Clear Politics), and “Don’t even think about it” (including porn, gambling, and “gaming” sites).) Recently, the forum at WizardOfVegas was changed from “OK to browse” to “gambling” despite the fact that there are no games available on it.