General discussion

Locked

DOWNLOAD: 10 ways to monitor your users

By JodyGilbert ·
http://techrepublic.com.com/5138-1009-6029395.html

After you take a look at this download, please post your feedback, ideas for improvements, or further thoughts on this topic.

Thanks,
--The TechRepublic Content Team

This conversation is currently closed to new comments.

49 total posts (Page 1 of 5)   01 | 02 | 03 | 04 | 05   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Disk cleanup can also clear the cache

by Starderup In reply to DOWNLOAD: 10 ways to moni ...

Restricting access to Tools>Internet Options won't keep users from using Disk Cleanup from deleting temporary internet files, but these are some good suggestions, including the last one.
When I did tech support for a major pharma company, they had NT locked down to the point that there wasn't even a Run command on the Start menu.
We had very few problems with user installed software.

Collapse -

Issue raises a conflict

by doronzehavi In reply to DOWNLOAD: 10 ways to moni ...

What if you find out that your employees are spending their times reading techrepublic security articles?
:)

Collapse -

Who needs to know

by compguy101101 In reply to Issue raises a conflict

Well if they are employed to mitigate security threats and keeps users productive, then there should not be an issue with reading the techrepublic security articles. But if their job has nothing to do with IT then there should be no reason for them to be reading the articles other than for general knowledge, which would be on company time using up network resources that could be used for job related activity's.

Collapse -

I bet you got beat up a lot as a kid.

by thetae83 In reply to Who needs to know

You love minding the business of others and enforcing the rules of external authority because it makes you feel powerful. I hope they give you a little orange waist and shoulder strap and badge as a display of your authority. How sad you are, little man.

Collapse -

Power Hungry?

by compguy101101 In reply to I bet you got beat up a l ...

If you believe I am hungry for power you are highly mistaken. My thought behind monitoring users is job security. It is the IT departments responsibility to have critical operations running at the times they need to be running with no interuptions in service.
If a user is abusing bandwidth that could be better allocated to business critical applications then it should be documented and reported. After that it is out of the IT departments hands unless a higher ups decides to act on what you have told them.
What happens when your boss comes to you because some govermental agency is knocking on the door due to and employee downloading gigs worth of copyrighted music, software and kiddie porn? Are you going to tell them that you didn't know that the employee was using the computer for that? Your boss is going to tell you "Well what the **** am I paying you for?"
Granted if there is no policy then technically it is not your responsibility to monitor user activity but it is still in your best interest if you want to have a job.
It is not the IT's departments responsibility to make rules, all IT people are suppose to do is enforce existing policy's and play babysitter for users like you who feel they shouldn't be watched when they are downloading something they don't need to be.

Collapse -

Support the party

by thetae83 In reply to Power Hungry?

Its shocking how much your post read like what I would imagine the diary entry of a loyal low-level members/workers in the bureacracy of the Nazi party circa late 1930's Germany would sound like. What happens when the Commandant comes beating on my door looking for mein heinie?

I don't know what happens. I am troubled about a larger issue. How easily, and without question would some allow a sense of personal morality to become the slave of the internal policy of a job. Which is more important, your ethics or your job? Which defines who you are? (On the weekend, if you are allowed such a luxury, you should try reading some philosophy, e.g. Locke, Rousseau, Kant, etc.)

I know such talk may be out of favor in our times, b/c it is powerful private interests need to maintain the illusion of subservience and fear of punishment w/in the organization and have tremendous public influence. Hence, the demise of a liberal arts education.

You have right, ability and responsibility to think about what ramifications your personal ethical choices have in the larger world. Work for a company that has given enough thought to IT policy that it is not necessary to spy on its employees. Or design such an IT policy yourself.

Or just continue to spy for your employer. Just don't try to sell me on the fact that is necessary, let alone righteous - and defend it with an argument that your job morality should supercede your human morality.

Collapse -

Well Said

by compguy101101 In reply to Support the party

I think you bring up a good point in that you have to consider by an ethical standpoint the decisions you make. I also agree that job security being the driving factor in an excuse to monitor employee activity is not the best stance that could be taken.

I do think that employees should be monitored to a degree, but when "monitoring employee activity" is brought up, I think that it is being misconstrued as "spying." I don't think that you should spy on your employees by singling out each individual one and looking at everything they do. It is a waste of time and resources. Rather monitoring the network as a whole and if there are questionable activities that you notice in log files or protocol analyzers then a more in-depth "spy" session should commence and that employee participating in the questionable activity should have their resources monitored and reported to appropriate individuals.

You state that if a company has a well thought out IT policy that there is no need to "spy" on its employees. Even the best IT policys are worthless if nobody follows them. To verify that employees are following the IT policy, you have to examine(spy) log files and protocols on the network to confirm the compliance.

Even an ethical approach to monitoring network security can be taken as spying. So by clarifying what is being monitored and how it is being done can eliviate the misconception that IT personel are spying on its employees.

Collapse -

INSTILL FEAR IN THE USER

by Barnsey123 In reply to Well Said

Most of my users just ASSUME that I monitor everything that goes on on "my" network. Some think I read all their emails. I don't but it doesn't harm to leave them with the impression that I do! When they say things like that I just raise a knowing eyebrow and act coy. This keeps them on their toes. All I do is install a URL Filter (e.g Websense) to stop them looking at porn and let them get on with it.
I have often been asked by my "superiors" to actively spy on people but I refuse MOST of the time. It's a matter of principle and particular circumstances.
I DON'T read other peoples emails but I know many IT geeks who DO. It makes them feel clever and powerful. Some people can't help themselves.

Collapse -

Why not just do the obvious?

by mjgooch In reply to Well Said

Just keep track of bandwidth use on the netrork. If it approaches a set limit,THEN go looking for the biggest offenders. This will not be construed as spying, because there is a legitimate reason for the search.
Leave the browsing/downloading policies out ofthe IT deparment altogether.

Collapse -

My apologies....

by thetae83 In reply to Well Said

I wish to apologize for the tone of my very first message ("beat up as a kid"). I was just so taken aback at the direction of the messages that I was reading, seeming to me without any real consideration of the ethical issues involved. As I read this thread now, I now see those concerns being reflected in a serious way - and that gives me hope.

Back to Security Forum
49 total posts (Page 1 of 5)   01 | 02 | 03 | 04 | 05   Next

Security Forums