Likelihood of IT using a Packet Sniffer

A buddy of mine used to have a PC that didn't work through his employer's network but tapped straight into the internet (not sure how that setup worked, so just bear with me). Recently, they moved from a wired network to a wireless one. To our knowledge, that machine is still set up with a direct connection (he uses an external computer system and it doesn't work well with the network).

A mutual friend of ours happened to mention the concept of a packet sniffer to him and now he's completely paranoid about using said PC for anything other than the strictest of business. A day gets boring, so you hit a few of your gaming forums, browse a bunch of news sites, and maybe do some instant messaging (GMail ftw!), whatever. No, he's not hitting p*rn; he's bored, not a moron!

I've tried explaining to him that the only reason they're going to be checking his traffic is if he's given them a reason to do so. He busts his ass for the company, is almost always on time, works OT at the drop of a hat, and is basically his boss's right hand man. Even so, he won't so much as crack open his GMail now to check it during the day out of fear of Big Brother watching.

So I ask: How likely is it that his IT department is bothering to sit down and piece together his IM threads to find out about us talking about Dr. Who's season finale? Sure they COULD do that, but does any IT group turn that kind of stuff on by default, or is it only a "Yeah, this is Jones up in Finance. I want to keep track of Larry Riley...can you see what he's doing online?"

Reply to
CodeMonkey

It varies from "almost certain because they're logging IM traffic automagically and proxying it to the internet" to more along the lines of what you're suggesting--auditing on an as needed basis if he's screwing up in something else. Depends on the size of the organization, their risk tolerance, and IT infrastructure.

It also depends on what he signed in terms of paperwork when he was hired.

I will share this though:

I know of a guy who worked for a large retail chain's front end development staff. He had exchanged ongoing jocular banter between him and a colleague that had a high incidence of Jerky Boys quotes.

It came to management's attention somehow and they were both fired for it. I don't have the entire story, so take that for what it's worth, but there's reason to be extremely cautious with this.

Personally though, if my employer won't treat me like an adult and allow me casual and reasonable access to a personal email account during the day, I don't wanna work for them.

If you want to keep them from being able to read your personal email, that's where encryption and proxies come in.

Best Regards,

Reply to
Todd H.

We documented a case of a worker sending 843 emails in one shift, they were warned 3 times and then fired. Most of the employees at our customers have little need for outside email, so it's easy to monitor.

We can run a report in seconds that shows User, date, subject, number of emails per subject, number of emails per day, total emails per period, in/out direction, who to/from....

We normally check for 30 external emails per week or more for people that have no business using external email addresses, above that and they are warned/fired.

With this and web filtering/monitoring, most places see an increase in productivity, as high as 30% after the first couple weeks of enacting the policy.

Reply to
Leythos

snipped-for-privacy@toddh.net (Todd H.) wrote in news: snipped-for-privacy@e6g2000prf.googlegroups.com:

Who owns the computer? You? Or your employer?

If it's not your computer, then you have no right to dictate how it's to be used.

Where do people like you get the idea that you have a _right_ to use the company computer the way _you_ want to?

Brian

Reply to
Skywise

I fully agree, but that's not the point.

Todd said "if my employer won't treat me like an adult and allow me casual and reasonable access to a personal email account during the day, I don't wanna work for them"

That's a fair statement to make, as long as it is made openly. One doesn't *have to* work for a certain company, and a certain company doesn't *have to* hire him. It takes two to tango.

Reply to
Root Kit

Root Kit wrote in news: snipped-for-privacy@4ax.com:

Point taken.

It's just that I see so much on TV, etc... of people whining when they get in trouble for doing personal stuff on the company computer, as if it was their God given right that was just tread upon.

But I have to wonder, would a person not take or quit a job just because they can't have access to their personal email from the work computer?

On a related tangent, it just seems to me that too many people don't respect others' property.

Brian

Reply to
Skywise

Nomen Nescio wrote in news: snipped-for-privacy@dizum.com:

And what do you expect the admins are going to do when they see encrypted traffic going through their servers, traffic that is not expected? They may not see WHAT is being sent/received, but they are still going to know WHO. That alone may be enough grounds for termination. In the extreme it could lead to a criminal investigation to see if any company secrets were divulged.

BananaVPN may not be subject to any but those laws, but the person using the service still resides in another country (USA, or China) and is still subject to THEIR laws. Again, 'they' may not know WHAT is being sent, but they will know WHO.

Go read up on cryptography some and pay attention to the bit discussing "traffic analysis". Data does not have to be decrypted to learn something about it.

I'm not even an expert and I know this. What do you think the big boys know and can do?

Brian

Reply to
Skywise
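
Added example, not part of any post in the thread: the "WHO, not WHAT" point about traffic analysis, shown over constructed flow records that carry no payload at all. The record layout, the addresses (documentation ranges) and the thresholds are assumptions made for the illustration.

```python
from collections import defaultdict

# Constructed flow records, metadata only: (internal host, remote IP,
# remote port, bytes transferred, session duration in seconds).
FLOWS = [
    ("10.0.0.21", "198.51.100.7", 443, 1_200_000, 40),
    ("10.0.0.21", "203.0.113.9", 443, 300_000, 12),
    ("10.0.0.21", "192.0.2.80", 443, 850_000, 25),
    ("10.0.0.34", "203.0.113.50", 443, 95_000_000, 14_400),
    ("10.0.0.34", "203.0.113.50", 443, 60_000_000, 10_800),
    ("10.0.0.34", "198.51.100.7", 443, 400_000, 15),
]

def per_endpoint(flows):
    """Aggregate bytes and connected time per (host, remote endpoint)."""
    stats = defaultdict(lambda: {"bytes": 0, "seconds": 0, "sessions": 0})
    for host, remote, port, nbytes, secs in flows:
        s = stats[(host, remote, port)]
        s["bytes"] += nbytes
        s["seconds"] += secs
        s["sessions"] += 1
    return dict(stats)

def tunnel_candidates(flows, min_share=0.9, min_seconds=3600):
    """Flag hosts whose traffic is dominated by one long-lived remote endpoint.

    Thresholds are illustrative assumptions, not values from the thread.
    """
    stats = per_endpoint(flows)
    host_total = defaultdict(int)
    for (host, _, _), s in stats.items():
        host_total[host] += s["bytes"]
    hits = []
    for (host, remote, port), s in stats.items():
        share = s["bytes"] / host_total[host]
        # Ordinary browsing spreads over many short sessions; a tunnel
        # concentrates nearly all bytes and hours on a single endpoint.
        if share >= min_share and s["seconds"] >= min_seconds:
            hits.append((host, remote, port, round(share, 3), s["seconds"]))
    return sorted(hits)

if __name__ == "__main__":
    for hit in tunnel_candidates(FLOWS):
        print(hit)
```

Both hosts use only port 443, so the port alone distinguishes nothing; the concentration of bytes and connected time on one remote address is what identifies the host.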

Out of curiosity, what software are you using for that? M

Reply to
mak

Absolutely.

Reply to
Todd H.

Well, it certainly isn't a god-given right, but you keep your employees happy (and thus more productive) if you allow them to stray every once in a while. Provided they get their work done, that is.

cu

59cobalt
Reply to
Ansgar -59cobalt- Wiechers

However, there is no POSSIBLE way that a subpoena could be served on a company that is in Cyprus. As long as the USA server was not being used, there is no way that BananaVPN would EVER have to comply with ANY court order from a U.S. court.

And being able to use Skype, in countries where it is blocked, is a selling point that BananaVPN uses. They ENCOURAGE people that want to use Skype from places, such as Middle Eastern countries, where it is blocked, to use their service to circumvent blocking of Skype.

The ONLY reason, I think, they have a U.S. server, is so that people who want to use services, such as the Pandora music service, that are restricted to U.S. IPs can be able to tune in, as well as watching online streaming of shows from CBS, NBC, ABC, etc. that are restricted to U.S. IP addresses, and they make it a selling point for subscriptions to their U.S. servers. And circumventing geographic restrictions is not currently against U.S. laws, though there are rumors floating about that Congress may introduce a law, during the 111th Congress, to make such circumvention illegal.

And some even have their own proprietary client software, to make it more secure. One service I had, PrivacyView, is good, but the speed is only 312K, when I checked it on a broadband speed test site. BananaVPN is much faster.

One of their selling points, which appears to encourage people to use it from work is "Your office/school will not know you are using it". Then again, encouraging this is LEGAL under Cypriot law, so any company whose employees use it CANNOT hold BananaVPN liable for the actions of their users, under Cypriot law.

Reply to
Nomen Nescio

I agree with this point.

Yup.

For anyone that's worked in such a draconian environment, a fascist policy and technical controls that prohibit an employee accessing some personal email during the day tend to be just one symptom of a much larger trust problem.

For many tech workers, it'd be akin to prohibiting a personal cell phone on the premises, or having a strict prohibition against the taking of any personal calls on the work phone line.

That's not to say there aren't job roles where such prohibitions are required, or tend to attract workers that wouldn't get their shit done otherwise. My work, however, isn't in such a space.

Best Regards,

Reply to
Todd H.

In Belgium, if the IT department wants to check up on you, they are obliged by law (CAO nr. 81) to inform the employee(s) about this /before/ they start checking up on him/her/them. Not informing them is considered illegal and an invasion of privacy.

Of course, the IT department is permitted to collect anonymous data. For example, they can screen which sort of attachments are being sent/received or look at which URLs are being accessed, as long as this is done "global" and not on a personal level.

So, you might want to check what the law in your country says before asking such questions in an international newsgroup...

Reply to
s|b

We fire people for personal use of company networks, they understand and don't use it.

Reply to
Leythos

And for many companies, it's not a trust issue, it's a COST issue. We've documented many cases where about 3% of the workers waste real hours per day doing "Personal" internet things instead of working.

You're right about it being a symptom, it's a symptom of how few ethics some people have, how people have adopted the mindset that the Company OWES THEM A JOB.....

When you're at work, work.

Reply to
Leythos

We use GFI Mail Essentials at most locations, great product for monitoring emails. We also log all emails (full contents) for medical clients.

Reply to
Leythos

Ansgar -59cobalt- Wiechers wrote in news: snipped-for-privacy@news.in-ulm.de:

Hence it is a privilege, not a right.

Don't get me wrong. I'm not saying employers should be that strict. What I am saying is that employees need to understand their place in such a situation.

Yes, I browse at work. I try to restrict it to my lunch time, and try to restrict where I am going. I never do personal chat or email of any kind. Typically, it's just catching the news or browsing wikipedia or the like.

I simply respect the trust my employers have in me and I don't abuse it.

Brian

Reply to
Skywise

Nomen Nescio wrote in news: snipped-for-privacy@dizum.com:

But if you are in the US, then the US court CAN subpoena YOU.

But the employers can still hold the employee accountable for their actions.

I'm not arguing that BananaVPN themselves may be immune to legal action. What I am arguing is that those using the service are still subject to the laws of the country they are in and the rules of the company that employs them.

It makes no difference to the employer if the employee is surfing the net openly or squeaking through the system using a service like BananaVPN. If they are caught, they can be disciplined.

In fact, I think it more likely the employee would be fired if they were caught using an encrypted service to tunnel through the network as it shows a brazen disregard for the security of the company network and employee rules, and may beg the question of what proprietary company data may have been illegally transferred. Companies take corporate espionage seriously.

Brian

Reply to
Skywise

Did you also take into consideration the possible loss of productivity caused by unmotivated workers?

Not everything that's countable counts and not everything that counts is countable.

BS. It's just about the straight line between job and private life loosening up.

Ethics is a subjective matter which changes over time.

Okay. So when at home I accidentally get to think of my job or maybe come to think of a good idea that's job related I can claim an extra pay for that or take a day off.

Reply to
Root Kit

A good rule of thumb is: Don't do anything you wouldn't want your boss to know about.

Reply to
Root Kit
