Today at work we got this ominous email from our computer department telling us that our intranet system is getting clogged up with countless peopns downloading “non-business” use sites.
The warning from Big Broth . . EEER the MIS department listed some of the most frequented sites, and from now on they would be blocked.
IN ADDITION they were going to install software that would “monitor” “individual” intranet usage.
Is there going to be any way around this? What is this software going to do and what will it tell these spooks?
Look, I understand that surfing is a huge waste of time and all that, and cost companies millions. I’m down with that.
But I’m just looking to browse the net for a few minutes every few hours to blow off some steam, not download hours of kiddie porn (no, really). So I really don’t need some computer geek or corporate A-hole calling my boss and faxing him a list showing that I viewed the Straight Dope 50 times last month.
Any hints? Will deleting my History or Temporary Internet Files help?
If it helps any, I work out of a field office, not the main company headquarters. The system is Windows NT, I believe W95 version.
First of all, before all of the smart people come, a couple of pointers.
You are either running Windows 95 or NT, not both. Different kernel, different OS, etc.
Second, if you are working in an office, field or otherwise, whoever owns the office and the equipment has the right to monitor your activities on the phone/computer. While deleting your history files will help the casual snooper, the software that IT is using is probably much more sophisticated than that. I would say that if you are doing anything the least bit recreational on their computers, you could lose your job.
Without more information, I can’t say for sure what will happen, but one guess is that your MIS department is simply going to push a monitoring agent out to every machine they want to monitor and install a monitoring server on one of their machines. The agent then would simply report to the monitoring server at periodic intervals, and the IT guys would be able to determine at a glance what each individual user was doing on their computer.
The alternative method would be to monitor all network traffic on the network with a packet sniffer (or, more efficiently, to just monitor all traffic leaving the network to the Internet on the router to the Internet) and sift through and sort the information by computer/user and target site. This is probably what your IT department did originally to determine that people were visiting many non-business sites.
In short, no, deleting your History and Temp folders won’t help. If they’re installing monitoring agents on the individual workstations and you attempt to disable the agent on your machine, IT will know since that’ll show up on the monitoring server as a dead connection (okay, so maybe you were out sick that day and shut off your computer, but no activity at all for a two weeks?). If they’re monitoring the network traffic directly off the lines or at your router to the Internet, then there’s no way to circumvent this, short of deleting the traffic logs off the router or monitoring server.
As I’ve said before, there’s no way to hide your Internet browsing if someone from IT really wants to find out about it. There are all sorts was ways they can set up a system (I’d set up logging on the firewall, with static internal IPs for the users, and check the logs each day). There might be some hacking tools that could hide things or wreck the logs, but they’d really nail you once they caught you doing that.
This topic comes up now & then here but as usual, the company has a legal right to know what you are doing with their equipment. Not to mention it would probably be against the board rules here to discuss such fun means of getting around same.
If they’ve got good monitoring software (like Elron, for example), then they can see just about everything. The Elron package, for example, runs on the main company server, and tracks every IP packet from each machine. Sophisticated report tools let you create a report on an individual user (e.g. most frequented sites, megabytes/day of traffic (even a graph vs. time so you can see when they’re surfing), sites with certain keywords in the URL or anywhere on the page, etc.). The tool also lets you block sites based on keywords in the URL or the web page, and each user can have a different set of filters, so the CEO can still get his porn.
It can also create reports on a group of users, or the entire company, to monitor total traffic volume, or the most popular sites for the entire company (popular in terms of number of hits or bytes transfered).
HOWEVER, this type of stuff generates huge amounts of data, which no one generally combs through. If you are just surfing for a few minutes every couple of hours, and don’t hit any porn sites, then I doubt you’ll have anything to worry about. They’re probably more interested in people spending 50% of their time surfing for porn.
MIS has to make sure that resources are available for your company to do whatever it needs to do to make money. For an example of why MIS might be monitoring, skip to the last paragraph.
Go up to your boss (or whoever will be looking at said reports) and ask flat out what the policy is on personal internet usage. I have T1 at my desktop and the temptation is too great not to browse once in a while. So I asked the big bossman about it, he said “use your own discretion” which I took to mean that if I didn’t have anything better to do I could surf all I want.
I don’t think it’s asking a lot for companies to spell out their positions on personal Inet usage especially if they sit a direct pipe to the internet in front of you, but then again it’s not my company.
As it turns out, I am frequently in queue with my customers for 15-20 minutes at a time. So I figure as long as I’m sitting there listening to the muzak version of Muskrat Love and staring off into space, I might as well be looking at something to keep me from going insane. There are also lengthy periods of time when I’m stuck at my desk running loop tests on T3 trunks or something equally dull, and since I can’t walk away from that I open a browser window and, well, here I am!
As to why your MIS guys might be miffed at you, I recently shot a trouble on a host T1 for a car dealership in VA. The guy was complaining of slow throughput and claiming that there must be something wrong with our facilities- he said his connections were so slow that all of his various sites couldn’t operate at any decent speeds. I could see the large amount of traffic on his host, and I flat out told him that he is passing a huge number of data frames and it was exceeding his bandwidth contract. I suggested that his WAN needs have apparently grown & that he might want to think about upgrading to a higher BW. After several days of running traffic stats on his lines, he ended up calling me one day to tell me he discovered one of his employees was running Napster. Now suppose he had never found that guy using Napster; he probably would have ended up spending big bux on network upgrades and maybe even a 2nd T1 line. So you see, even if YOU aren’t wasting company time (you might even be off the clock), you may be sucking up resources that the business needs to operate.
Didn’t I already say I was cool with my company trying to keep endless web surfing to a minimum? I appreciate the techno stuff, but let’s keep the preaching to a minumum.
How about some horror stories out there?
About how much harrassment should I expect if I spend, lets say about 10-15 minutes each morning and afternoon, and a half hour during lucnch on the net?
My post was anecdotal & informative. Nobody has preached anything in this thread.
You are in General Questions, where you will not likely get many “a scary thing happened to me on the way to the office” stories.
How the hell are we supposed to know the answer to that? It depends on your company’s policies. That’s why I “preached” you should go ask your boss, or somebody who is in the position to give you an informed answer. As I attempted to say in my sermon, usage that seems brief and occasional to you might be sucking up the last little bit of bandwidth your office has on its T1 (or 56k, god help you).
Having safeweb.com as your most popular site might raise a few flags with the IT department. If you’re truly avoiding porn sites and other company no-no’s, then you shouldn’t need something like that. With 200-400 employees, the IT dept. isn’t going to be scrutinizing everybody. Most likely, they’re looking for large users sucking up network resources, as Attrayant said. It can be very useful to discover that 75% of your T1 is being used for internet radio and napster, while the company website is starved for bandwidth.
Most likely, they’ll just look at the top users in terms of bandwidth and surfing time (which can be estimated given the usage patterns). If you’re just browsing for a few minutes a few times a day, you’re probably not going to stand out. The best thing to do is what Attrayant said, and that’s to talk to your boss or the IT department and find out what their intent is, and what guidelines you should use.
Let me please repeat again and again. DON’T SURF AT WORK IF IT IS AGAINST COMPANY POLICY.
It doesn’t matter what your boss says or does. If you sign a paper saying you will only use the internet for company purposes and you disregard this you have given them amunition to dismiss you,
And who is to say in a year your boss that says use your discrestion is gonna be there.
Today I went over our internet policy with a new employee, my exact words…Read what you have signed. Do people use the internet for their own use. Yes. Can they be let go. YES! And it has happened.
Instead of using downtime to surf get an excel or access book and start learning another program. Learn to design a web site.
Having downtime is not excuse.What did you do before the web?
Also a minute or so of surfing. What if all employees at my company all 400 surf. Then multiply that by our 500 hotels. Why should people be denied their bonuses as the company had to get more bandwith etc…
Here is an ironic twist to the “employees abusing the internet” mythology.
In the facility where I work there are lots of computers, all linked together in an intranet, which is connected to the internet as well. To prevent “misuse” by the staff, however, access to any site, including all but a very few sites on the facility grounds, is limited to certain users. All others are only able to recieve email from the local facility, and are not able to send email out either. Net access is a political plum, granted to a very few.
One of the professionals came to me with a list of questions she needed to research for a presentation to be made for the facility. She wanted my help in providing a list of web sites on paper which she could take home, and access on her own computer. I have no computer at work, nor any reason to have one.
I do, however have access to a PC that is dedicated to my clients’ personal use, and is not the property of the facility itself. It accesses the web by use of my own personal AOL account, over the phone. I maintain the AOL account entirely as a personal favor to my clients. Normally I am adamant about allowing official use of any of these resources.
My professional colleague was desperate, so I relented. I took a few moments of my lunch break, and set up the computer, logged on, and printed out seven or eight pages of good reference material on the subjects of her interest. Her presentation got official recognition from management, as excellent. And unauthorized employees obtained the entire thing in spite of the specific intent of the MIS department, to prevent Internet access. We did use their paper in our printer, though. I insisted.
I don’t know what software they used, but I knew some folks in the monitoring department at this place I used to work and saw what they used, and it was pretty scary - they could punch in the extension of a workstation and see exactly what was being done on that computer - not just what was being done in their browser, it showed exactly what was on their desktop.
Their security was admittedly a lot tighter than most places, though - they had some problems before with people using the work computers for gaming, accidentally crashing the company intranet, viewing porn, and they got the best monitoring system that ould be bought.
If their policy is truly that a “reasonable amount” of surfing is OK, then limit your surfing to a reasonable amount during your breaks.
I guess I’d put it in the same category as use of the office telephone for personal calls. It’s unlikely that anyone will care if you have a couple of short personal calls during the day (assuming it doesn’t interfere with work, like not taking personal calls when you’re supposed to be in the middle of a client meeting, say). On the other hand, they will care if you’re having an hour long conversation with your significant other, two or three times a day. If you’re asking where the line is, it may not be a clear line, but it’s there, no matter how fuzzy. Don’t skirt near the edge to see how much you can get away with.
OTOH, I’d certainly be sure to avoid any sites that might pose problems. We had about a dozen people at our firm sharing porno gifs, and they were promptly canned.