dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
2113
share rss forum feed

HumbleBee

join:2013-04-19

1 edit

Privacy in the workplace

Hello,

I live in Quebec, and I have a question for you corporate IT guys:

What can we employees reasonably expect in terms of privacy?

Right now, I bring my own laptop to work and connect it to the boss' network.

I know there is no reasonable expectation to privacy if using a corporate email, but how about if I am just browsing hotmail or gmail???

Can a corporate IT guy spy in my private laptop without my consent?

Thank you


Neo62381

join:2003-04-18
Lenoir, NC

Just depends on the workplace and how much they want to monitor people.

Most companies seem to opt for something like websense or Google Postini, which allows the appropriate people to see which websites were visited, how often, block certain categories etc.

There are also software metering programs that track which applications were used for how long...

Also, there are programs that will take a screenshot of your computer with each mouse click, or at certain intervals. Once again, just depends on how administration wants to set it up and how much money they want to spend. Also keep in mind that files on your computer can be access with one command from a remote computer.

Not really such thing as privacy on a computer... sorry. Another way to look at it, is that it's their computer to monitor.


HELLFIRE
Premium
join:2009-11-25
kudos:18
reply to HumbleBee

said by HumbleBee:

What can we employees reasonably expect in terms of privacy?

My MO since entering the professional world has been, "while on company time working on company resources,
you can expect zero privacy, except when in the toilet."

said by HumbleBee:

Can a corporate IT guy spy in my private laptop without my consent?

Likely? Yes. Possible? Very.

Could this get you fired? I'd hit up IT or HR and see what their policies are of BYOD (Bring Your Own Devices) is.
If you work someplace governed by privacy laws -- government, financial, health care -- pretty sure they do NOT
want a BYOD running amok on the company network, for obvious reasons. Also, I'm seeing a fair bit of employment
contracts and / or employee conduct guides stipulate that doing so is grounds for termination.

My 00000010bits.

Regards

Oedipus

join:2005-05-09
kudos:1
reply to HumbleBee

My view: If you're connected to the company network and/or directly interfacing with company property, IT can/will monitor your activities and escalate any of their findings if necessary.

Related: Spector 360 is really cool.


AsherN
Premium
join:2010-08-23
Thornhill, ON
reply to HumbleBee

You are connecting a device to my network.My primary duty is to maintain the health and availability of the corporate and to safeguard the data. I will do everything in my power to do so.

As soon as that laptop gets one of my IP addresses, it is no longer your private laptop.

A big red flag would be, what are you doing that you need to hide it from your corporate issued device?


JoelC707
Premium
join:2002-07-09
Lanett, AL
kudos:5
reply to HumbleBee

Keep in mind, you are asking this on a US forum, and likely to get US answers. Sure, Canada and the US often are the same in a lot of rules and regulations, just be aware that what someone speaking from a US perspective says may not always be applicable in Canada. That said, AsherN See Profile's location tag indicates he is in Ontario, and his words basically echo the others so chances are good you can believe they are applicable to Canada.

And thank you for pointing out up front your location, not everyone does this and waits for a bunch of replies to come in only to say "oh btw, I'm in Canada (or some other country)" and pretty much everything gets thrown out the window lol.

Now, here is my take on this.

It really depends on the IT group in charge and what rules they have set forth. If you are bringing in your laptop to bypass websense restrictions or something, chances are you are going to be sorely disappointed (not saying this is why you are doing it, just pointing it out for the masses). If you connect your laptop to the company network, you're still going to be behind the same firewall and same restrictions.

If you bring in your laptop plus your own internet connection (tethered smart phone or such), that's totally different in every respect. You're using your property on your connection under your own control and your own liability. That makes you 100% responsible for your activities on that device (in theory anyway, I'm sure your employer wouldn't be happy to find you using it to perform illegal activities during the day).

And this brings us to why they may still monitor your activities on a device you own (plugged in to their network). You're plugged into their network and using their connection. That means they are identified in ALL web traffic which makes them the primary responsible party for your activities. Not to mention, your computer introduces the possibilities of a virus being unleashed on an otherwise secure network. Technically, with the right setup, such threats can be minimized or confined to a small guests only segment of the network but still.

Now, I did not and do not really monitor anything that goes on in my network. I can, and I do have the obvious critical logging turned on but I don't run websense or have any way of monitoring what my users visit. Sure I can install a package to pfsense and perform this function but I've yet to have a need to. There's so few of us here anyway, in a larger setting I likely would.

As for personal laptops on the corporate network, I never had a problem with it. The office is disbanded now and everyone connects from home via RDP so this part doesn't really apply to me anymore. I did previously run two wifi networks, one for internal access and one for guest only access that connected to a dedicated port in pfsense (vlan could have done the job just as well). Personal laptops and other devices connected to the guest network so infection risks to the corporate network were more or less nil.

In fact I preferred people bring in their own laptops or other devices instead of using their desktops to do personal work on, such as during lunch breaks (referring back to the separate network to limit infection risks). The other point for bringing in their own laptops was playing music or something. Most had a radio but sometimes you just want to listen to your own collection of music, music that was likely already on their laptop so just bring it in instead of putting the music on the desktop. Of course now that smart phones are so common, they probably have their music on that and don't even need to lug around their laptop for that.



Brano
I hate Vogons
Premium,MVM
join:2002-06-25
Burlington, ON
kudos:10
reply to HumbleBee

I'm really surprised they allow you to connect your personal device to corporate network. Or that you're so careless to do it.


HumbleBee

join:2013-04-19
reply to JoelC707

Thanks for the answer Joel, it has been very informative



chrisretusn
Retired
Premium
join:2007-08-13
Philippines
kudos:1
Reviews:
·PLDT
·Comcast
reply to HumbleBee

said by HumbleBee:

Right now, I bring my own laptop to work and connect it to the boss' network.

I am retired now. I was a "corporate IT dude". At my former place of employment, unless the "boss" knew and approved (In the many years I worked there this was never done) you would be reprimanded (or worse) for just connecting it to the "boss'" network. As for expectation of privacy on the "boss's" network, there was none, everything you did was monitored. There was limited "private" usage allowed of the "boss'" network, on the boss's computers, but always subject to monitoring.
--
Chris
Living in Paradise!!

HELLFIRE
Premium
join:2009-11-25
kudos:18
reply to HumbleBee

JoelC707 See Profile makes a pretty good point about knowing the applicable law where of where you're from.
Not sure how accurate this is, but at least it's in pretty readable format, especially if you have a short
attention span with anything legal

Regards



nightdesigns
Gone missing, back soon
Premium
join:2002-05-31
AZ
Reviews:
·CenturyLink
reply to HumbleBee

I have always taken the stance that if it takes place on a company computer or network then it is under their control to do whatever with. I do not check my personal email, social network, or pretty much anything not company related on a company asset. With smart phones, I can do all my personal stuff on there. Never would I think about connecting my personal laptop or device to the corporate network.

Sadly, plenty of people think it is OK to be holiday shopping, facebooking or job searching while in the office.
--
This Space for Rent...



Kilroy
Premium,MVM
join:2002-11-21
Saint Paul, MN
reply to HumbleBee

said by HumbleBee:

Right now, I bring my own laptop to work and connect it to the boss' network.

WHOOP! WHOOP! WHOOP!

Personal equipment should not be allowed or connected to the company network.

WHOOP! WHOOP! WHOOP!


You have no expectation of privacy using someone else's network, be it work or open wifi. Connecting your machine to someone else's network you give up all rights of what they can do to it.

If your private laptop is just sitting on your desk, not connected to the company network you have nothing to worry about. Once it connects to their network, all bets are off.
--
“Progress isn't made by early risers. It's made by lazy men trying to find easier ways to do something.” ¯ Robert A. Heinlein


DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3
reply to nightdesigns

Well I know that apparently in Norway its against the law to view a user's work e-mail.

Seems over there an exchange mailbox belongs to the employee not the company and if you give yourself full access rights to their mailbox to see if something is working then in Norway you're breaking the law.
--
»www.change.org/petitions/create-···imcity-4


HumbleBee

join:2013-04-19
reply to Kilroy

yeah I agree=

In my last employer, it was the same policy ---even if you put a USB in the computer and an executable was run, HQ would know and your computer rights were frozen, effectively giving you a (temporary but fairly humiliating) forced vacation,

but my current boss is so cheap that he wants everyone to bring in their own laptops. He owns a small branch of a financial institution so I was actually really surprised that it was actually mandatory.



Kilroy
Premium,MVM
join:2002-11-21
Saint Paul, MN

said by HumbleBee:

He owns a small branch of a financial institution so I was actually really surprised that it was actually mandatory.

I'd start looking for a new job. If this is how the computers are handled I'd hate to see how the rest of the company is run. If you're running a business, it is your responsibility to provide the tools for your employees to do their jobs.

The only possible way that I could see this as a good thing would be if you were in sales and were given a "computer allowance" to purchase the make and model of computer that you want. Other than that, having everyone bring in their own computer is only asking for problems.
--
“Progress isn't made by early risers. It's made by lazy men trying to find easier ways to do something.” ¯ Robert A. Heinlein

TXrex

join:2013-05-30
reply to HumbleBee

I live in INdia, work for a state govt. Corporate Enterprise.
Here we have a company policy which pays for Laptops of Specified config. and OS to be purchased by employees for office use.
My laptops is bought under the same scheme and has Windows7 Professional OS. All the PCs in our Secured Departmental LAN have an option of SWITCH USER. WHile i am the owner of the laptop and have my own data on it some of it is restricted to me and my boss and my team and dont want it to be revealt to other office members. Additionally i have written a technical paper which i want to keep restricted to my own user access and dont want anyone to have access to it. HOwever as soon as somebody access my laptop through switch user, he/she has access to all the data.(This is a case when laptop is connected to the Office network and the person has physically come to my desk to do so.)
Secondly as soon as i disconnect the laptop from office network, still that person is able to login into it as his user acct has been alrleady created while lptop was connected to network.Thsi shouldnt happen.
Such access should be only whence the machine is connected to the network.
When i asked the network administrator that i want to have restricted access to my folders and in a strict sense i should be the only one who can see a folder containing my propriatory information, he was reluctant.
These two links throw some light on privacy of data and define what is personal data.

»ico.org.uk/for_organisations/dat···initions

»ico.org.uk/for_organisations/dat···ide.ashx

Storage of personal data and limiting its access to yourself is your right as long as it has no implication on company/its assets/law n order no matter what network you use.

dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8

Why can't you simply set the security on files that you don't want anyone else to read?