How is your company monitoring your Internet use? (desktop, games, keyboard)

[goodtype]

I was told at my last few temp employers that the company will monitor the Internet use of staff members including temps. I understand that the modern technology allows them to get a list of every Internet site we visit and even a picture of every screen view we have ever had on the computer. So in fact if my employer wanted to read my personal emails and the silly messages I put on this and other message boards they could. But do they?

I wonder just how much the typical Corporate IT Department does in the area of Internet monitoring. Are the IT folks laughing at me and other employees because they can and do monitor every screen save of the moments we are on the Internet, or do they look at a list of every website we visit, or do they only worry about it when we are suspected of abusing our Internet?

Any IT or HR folks who can tell us a little more about Internet monitoring at companies today? Tell us more.

[Magnum Mike]

Quote:

Originally Posted by goodtype

I was told at my last few temp employers that the company will monitor the Internet use of staff members including temps. I understand that the modern technology allows them to get a list of every Internet site we visit and even a picture of every screen view we have ever had on the computer. So in fact if my employer wanted to read my personal emails and the silly messages I put on this and other message boards they could. But do they?

I wonder just how much the typical Corporate IT Department does in the area of Internet monitoring. Are the IT folks laughing at me and other employees because they can and do monitor every screen save of the moments we are on the Internet, or do they look at a list of every website we visit, or do they only worry about it when we are suspected of abusing our Internet?

Any IT or HR folks who can tell us a little more about Internet monitoring at companies today? Tell us more.

I work for a company that has over 30,000 employees and they don't want to monitor everybody's internet use. What they do however is block out sites they don't want us to visit either because of their contents or their servers are notorious for spreading viruses or malicious software. There are also sites with medium or unknown risks, so if I visit one of those sites, I'll get a warning message, and they'll log a record of my visit somewhere, just in case something goes wrong with my computer. Thankfully, that never happened.

[stock66]

A lot depends on the company you work for. Do they think the cost is worth the info they will gather? I have worked for a large (Fortune 500) and several small companies as an IT Admin/Manager. Some places do not care at all others would love to know everything you do. However do they want to know bad enough to spend the $$ and time as well as risk angering their employees?
Of course where you sit on the feeding chain also has a lot to do with what you will get away with. One place I worked people in cubes were fired for dl'ing porn but no one in an office ever was.
Also if they are monitoring be sure to avoid sites that have to do gambling, sex and alcohol. They are instant red flags unless you are in one of those businesses.
Another flag can be huge data transfers unless you are someone that should be doing those sorts of things. The same with email, if you are getting huge picture files that are getting caught in "the pipe" you have a better chance of getting caught.
As an IT head it is always my job to tell people we monitor everything although we do not. We could pick and choose to do it though. If a supervisor comes to me about someone they wanted info on I could give it to them. Also I might be more likely to report problems about some people than others.
Best bet? Buddy up to your local IT staff for the scoop on your company

[BrianH]

I agree with stock. I 'monitor' our staff here. And by 'monitor' I mean I dont do anything at all, unless asked by the bigwigs

When I worked for an ISP I had my interweb access taken away cause I dl'd 6 gigs one sunday (slow day with 10 out of 300 people there) and monday it was gone. Had a note under the keyboard telling me what to do to get it back, install socks yada yada yada.

[macroy]

The key word these days is "control". Instead looking at where you're going - its just easier to prevent you from going to the sites that may get the company in trouble (you get caught looking at porn by the secretary - she's not suing you, she's suing the company - you getting fired is just one of the results of this).

There is a whole industry out there that filters and logs your online activities. And while no one is glued to the screen monitoring every move you make, its most likely logged in case they want to look at it in the event a complaint comes up.

As an INFOSEC manager, I do look at reports on a daily basis - one to see whats going on on my network - the other is actually to learn the proxy sites I need to block. Users are smart - they will try anything to get around your controls. We block IM - thus, some will then uses a proxy to get IM through a http session - it'll work for them for a short period.. until I catch them on my logs. And then I block that site specifically. But the bottom line is not productivity - I don't care if users are pissing their time away surfing the net - that's their managers' problem. However, if what they do is putting my network at risk (and for the most part, most of these policies are more geared towards risk mitigation than efficiency) - I'm going to shut them down.

I'm being paid to keep my company off the front pages of the news. And if these users (who have signed an acceptable use policy) decide to play games with me - I'll eventually find out. And with today's technology, I don't even have to look at the logs - correlation engines will allow me to strings behaviors together so if you do A, B and C - I get notified.

Trust me - as long as you are using your IT resources (i.e. the network), they CAN just about monitor and log everything you do. Whether they really do or not depends on the resource they have.

[bigdummy]

I work as an IT Manager & Network Admin for a mid-size company. Our firewall produces detailed logs of exactly what everyone has been doing on the internet, but we rarely review them unless we have reason to. Reason would normally be that a manager asks us to provide a report showing what a particular employee has been doing.

I've worked for several companies over the years, and I have to admit that IT people sometimes look at employee internet usage just for fun, to see who we can bust for looking at porn, or screwing around on the internet doing things they shouldn't be doing.

The one consistency I have found, from one company to the next is that it's never the pee-ons, or the liberal types who look at porn. It's always the managers and the conservative, church-going types. The more uptight the person is, the freakier the porn is. It's funny how this is literally always the case.

[Mach50]

As a consultant, I have seen some pretty strict companies.

I have seen programs that:
1) log all the web activity on your PC (sniffs that content for proprietary data)
2) periodically takes screen shots of your desktop
3) Searches through your email.
4) Shuts your browser off for 5 mins if you are on it for more than 15 min.
5) Puts all of screen shots, logs and emails into an Excel Spreadsheet and upload onto a Server for Security to go through.

This was at a major defense contractor.

[Wi_Girl]

Oh yes our company does monitor the internet usage. And we have a company of 19,000 people. They also use something called Websense that limits alot of the internet to most people. Only certain people get full privileges...and even some of them have gotten in big trouble for internet usage. We have a huge IT department and its monitored all the time.

[mrdude]

just because they CAN monitor everything you do, doesn't mean that they do.

At my company, some sites are blocked; sites that are either bandwidth hogs (like streaming music), or are not safe for work (adult sites, etc).
a few of my co-workers spend quite a bit of time keeping up with their fantasy football teams, and they've never been in trouble.

Also, one of the guys in my group is the system admin for our anti-virus software. the only time he ever looks at what people are viewing is if he's bored and he wants to see how people got a virus. it's amazing how many people get viruses from gospel music websites, lol.

each company is different, though.

[Mike in TN]

When I was in the military, they supposedly monitored our usage, but I believe they primarily relied on filters.

However, I worked at a small branch of a nationwide company (think Scranton/Dunder Mifflin). I would surf all the time until a regional IT guy emailed me and told me I had been online 32 hrs in one week (I only worked about 38 hrs.). He let me off with a warning, but it was a good enough deterrant that I stopped doing it that much.