This happened at my company a few years back before COVID. Back then, most of our employees were working at the office rather than at home, but this involved employees who worked from home a few days out of the week. Out of thousands of employees, we found about a dozen who were using unauthorized software to move the mouse around to keep their computer active while they were away from it. I don’t remember the exact mechanism behind how this was discovered, only that our information security team found out about it and brought it to HR’s attention.
We didn’t actually fire anyone over this but we issued several final warnings. i.e. The most serious sanction we could issue short of firing someone. This resulted in those employees being ineligible for their quarterly bonuses, so it was pretty costly for them. All of these employees were in IT and there was a lot of resistance from many of the managers who didn’t want their employee sanctioned at all. “I would have authorized the software had the employee asked.” We can’t sanction some employees and not others for the same action, so we had to take it up to one of our senior vice presidents who ordered the managers to issue the final warnings.
The biggest issue for us was the unauthorized software. We handle a lot of very sensitive material and we’re very picky about making sure software doesn’t constitute a security threat. Every employee understands they’re not permitted to install software without permission and they attest to that annually during security training. I was a little surprised so many of our own IT managers didn’t take security very seriously.
YouTube lawyer Steve Lehto brings up the Simpsons episode at the beginning of his video on this. Note that he points out that shouldn’t actual amount of getting things done be a better metric?
I was in a chain optometrist office once that was using hardware jigglers. My guess is that Big Eye mandated automatic screen locks and this was a way to stop having to log back in.
He could tip a big speaker on its back and put the mouse on the woofer. The deep bassy thumps of 80’s electro make the mouse hop around and fool the dimwitted Dean’s software.
I do wonder about how much the company is actually checking to see if people are working vs checking for unauthorized software installed on work computers.
I mean the “story” is “oh look at Wells Fargo spying on their employees!”. But it seems to me that a better metric for determining if your employees are productive is seeing what they actually produce.
Then again, I’ve been in plenty of these big corporation where the employees don’t produce shit.
Only if the goal is productivity, rather than power tripping. If they measure how much an employee gets done, then there’s risk the employee will accomplish their assigned work and have free time. Since employers are generally control freaks who utterly loath their employees that’s unacceptable; so metrics are used that require the employee to work as much as physically possible, which has the benefit of making them miserable and making it impossible to ever feel as if they have accomplished anything.
Productivity isn’t the point. Profit isn’t the point. Cruelty and power games are. In the end that’s what business is for, producing a product or service is just an excuse for it.
I have to disagree with you. Happy employees, miserable employees, who cares? Profit is the only point, and if you can’t produce that, we’ll find a manager who will.
Well, that’s spoken like someone who has never had much to do with the actual running of a business of any size.
In reality, large businesses like Wells Fargo are run by layers of middle managers who all have their various strengths and weaknesses as well as their own ambitions and biases.
I did some work for Wells Fargo a couple years ago helping a fintech do a systems integration at the bank. I didn’t find them particularly “cruel” or “unethical” (at least not as a matter of policy). Just sort of inept and disorganized.
Ultimately it felt like we didn’t accomplish anything because we didn’t accomplish anything. The Wells Fargo folks never really tried out the system like they were supposed to and they had some leadership changes resulting in the project ultimately…less “cancelled” so much as “slowly abandoned”.
What I find interesting about these sort of back-office banking jobs is that there is little to measure real productivity. Some jobs sure, the system can count the number of loan applications you process or how many times it gets sent back for corrections. But a lot of times, what I mostly see is that they perceive “productivity” as email chatter and being seen attending meetings where you aren’t required to give input, weigh in on any decisions, or action any items.
So you have a lot of noise and the illusion of productivity, but without any real work getting done.
The actual “point” such as there is one in a big corporation is to have all the individual parts of a big, complex machine behaving predictably. Then again, some of these big companies, they don’t really know what a lot of the parts actually do.
My company’s IT department requires long, complex passwords that are required to be changed on a quarterly basis and have no similarity to any previously used passwords. Your computer also locks itself after 5 minutes of inactivity.
If you are an engineer reviewing a set of paper engineering plans on your desk while also trying to draft an email and answer messages on Teams, it can be maddening to have to repeatedly type in your long, complex password every five minutes while you are sitting at your desk working but aren’t physically at the keyboard or mouse the whole time. Of course, your computer also locks itself if you stop to take a phone call or talk to a colleague.
Finally, if you type in your long, complex password incorrectly three times, you are locked out of your account until IT can reset it. If it is after normal business hours this means you are locked out until the next day…which means you are screwed if you have a deadline or something that has to be completed after normal business hours.
That’s why a co-worker of mine bought himself a mouse jiggler. He was encouraging me to get one as well, but I was afraid I’d forget and leave it in all the time, plus if I’m not forced to type my password in several times a day I’m afraid I’ll forget it.
I’m a Boss. I err on the side of, if you are doing your work and doing it well I don’t care if it took you 1 hr or 8 hrs. I have nothing but professional adults working for me and nothing but people who take pride in what they do.
That thought had actually occurred to me before as well. Surely they don’t store the actual passwords anywhere, only a hash of some sort instead.
So with that said, I suspect they just told everyone to do that but didn’t (or couldn’t) actually check. I say that because my new password every quarter was totally based on previous passwords with an incremental counter. My co-worker used this supposed requirement as justification for his mouse jiggler though.
In any event, my IT department recently got the message that it didn’t actually increase security to require passwords to be changed so frequently…because it encourages people to either write them down or use an incremental pattern. So now we have a long, complex password that doesn’t have to be changed at least.
To me, the word “overseer” brings up an image of a guy with a whip, striding down the rows of workers slaving away and thrashing anyone who looks to be slacking off.
