IT Employment·20,060 discussions

I found things on my bosses

Locked

Laptop that turned my stomach. He had pictures, movies and other things that a company President should not even let others know he looks at. The way I found out about them was because he bought a new laptop and I had to migrate the data to it. It is a boring process, you just watch the files go by. That was when I saw alot of jpg, pic, mpg and other things going by.
A question to all if you see things you should not know about should you tell your boss?
I ask because there was things that were Illegal
to have like pictures of people and mpgs from actors. I did not dig into the files because I do like to bother other peoples info.
This could really hurt this guy and his company. I do not want that but if he steals others things and pictures what do I do?

Topic

Things

In reply to I found things on my bosses

You say things that are illegal how illegal?? Is it things like CP or just yhings you think he should not have?? Sorry to sound negitive but the way you put it he is a thief.

Wayne

It Really Depends

In reply to Things

In two instances of your message, the words, “He bought” and “His laptop” were used. Many people consider “their” laptops to be a part of their personal space whether it is used for “company” work as well. What your superior asked of you was a data transfer operation, not for you to be looking through his files – no matter what they were. Curiosity has often killed more than a cat.

Absent actual illegal documents, or pornography involving children — and proof of such activities – the mere statement that the files appeared “offensive” to you – is not enough to gamble your job upon. While it often is the job of the network manager to be the “policeman” of the network (“the public streets”) – there is a whole gray area when it comes to another’s personal space – their own bought and paid-for laptops. Of course, reviewing network logs, etc – for breaches of company policy a good thing to do.

One possible solution is a program like “LapLink” or similar data-transfer programs, to teach and allow your superior to transfer his own files by himself. This becomes a “teachable moment” for you and him, and it removes you from having to be involved with information or files that you find to be offensive.

Just a thought.
Mike

Something to do

In reply to It Really Depends

Hello Michael,
I have many times ‘accidentally’ found non standard software and photos on the work systems where I work. This happens everywhere you go. Usually, I just try to ignore stuff, but if I do run into something that is against company policy, I will confront the person in question. BUT, Be tactful about it. DO NOT tell them what to do.
What I usually do is when I am dropping off the system, I will make a comment that there may be some things on the system that are against company policy. And, as such, you are required to bring it up. I also let them know that I transferred the files anyway, but if the system gets serviced by another technician, these types of files should not be on the system. I also give them a printout of what the company policy is. The whole time, not offending them, but casually brought up as a oh, by the way… This will take a lot of tension out of the scenario.
However, not all companies have a written policy on this matter, and many only have 1 tech. This makes it a bit harder, but it can still be done.
You can also offer to loan a cd burner to remove and store the files on their home system, but decline to transfer the files onto a cd for them, because you do not want to get involved any further.

Exactly Right

In reply to Something to do

This is the correct approach. The use of phrase “there maybe some” is perfect. Explain that there is no expectation of privacy on the company network and he runs the risk of others finding the questionable material. Someone holding grudge could use this against him.

Another senerio I have encounter is the son/daughter of the manager had access to the laptop at home. Someone else had loaded the material and she was not aware of it.

This approach avoids what I call the Network cop image and you are performing in a helpful advisory role that is to his benefit. If he is reasonable, he will remove the material himself and you have achieved the desired result. Otherwise, he is an idiot and deserves what ever happens.

Right on

In reply to Exactly Right

I’ve been in a similar spot and i have been saved by company policy. So confront him but never accuse him. Truth is, you don’t know for fact that he actually is the culprit (even though he probably is).
If there is no company policy (most small companies? don?t have any) take the initiative and set one. Site the problems that come with the questionable materials as reason: spyware and viruses to name the two big ones.

Subpoena

In reply to Exactly Right

I’m probably not the only one, but I’m probably one of the few that has been subpoenaed for what they’ve found on computers. I was upgrading and clearing out old files and ran into some triple-x stuff. Called and asked the owner if they wanted the porn to stay. The comment was “what porn?”

The couple was in the middle of a nasty divorce and child custody fight. Next thing you know I’m sitting giving testimony. Kid goes to mom.

A couple years later, I’m in the return line at Fry’s and strike up a conversation with a guy and his girlfriend/wife. I mention I’m from ???? and he says his ex-inlaws are from there. I ask who and realize from the answer that it’s a good thing that I’m not wearing a suit, ’cause he’s the guy that lost his kid over it.

Network?

In reply to Exactly Right

This is a simple case of someone snooping files on another’s computer. No network was involved. The boss asked for files to be ‘migrated’. Basically make my new laptop have ‘the same stuff’ as the previous.

In the case o the scenario of ‘somebody else’ loading objectionable material the law doesn’t care how it got there, only that you have it in your possession. The mere act of acquiring it is considered manufacturing (yes, I know that is a ridiculous interpretation) which is in many jurisdictions a felony.

The mere fact that the files were copied could set the copier for charges.

But in the real world

In reply to Network?

How can you tell what is on any HDD before you open it?

I do not know about you but I for one lack the luxury of time to waste looking at the contents of any HDD unless I’m paid to and even then it is the most cursory inspection I just keep the files in the more common folders and then proceed to erase the drive before reloading and then copy the files back across. The My Documents folder is an easy one even the Favorites is an easy one about the only ones that I’m ever close to looking at are the Address Book and stored E-Mails as they are imported in and even then I just leave the thing running while I do my work and come back a long time after it has finished.

Now this is where the Law at least over here is stupid it relies on you having “Intent” to break the Law so if you can quite rightly say that you have absolutely no idea of what was on a HDD then you have shown no Intent to break the Law and if there are any repercussions they do not fall on the IT person but the owner of the unit.

That is why I keep saying that if you don’t look you’ll never find yourself facing a dilemma such as this, a perfect case where ignorance is bliss. 🙂

Col ]:)

WRONG!, WRONG!, WRONG!…etc.

In reply to Something to do

After doing IT security for far longer than I care to remember…I have to say you are so wrong it is scary. In fact you are the person who would get fired ?for cause?. It is not now, nor will it ever be a job duty of IT to police users. IT implements corporate policy. Unless you have been specifically requested to determine the contents of this person?s hard drive by your HR or Legal department -or- a law enforcement agency with a valid warrant YOU not your President have crossed a line and should be fired.

Even if you notice a file name or extension that catches your attention during the file transfer you should not open to file.

Rules on searching

In reply to WRONG!, WRONG!, WRONG!…etc.

I think that we IT folks overstep our bounds sometimes and need to take a note from the police on what is punishable. They have rules on what is admissable during a court procedure, and how people come upon evidence to find guilt. We should be the same way & protect people’s privacy because ultimately it makes a difference with what corporate culture we make.

So if it were me, I would pay attention to how I found it. If he were watching it on work time and it was visible from his monitor, then by all means call the authorities. However, if it was merely on his system, you could implement a policy where computers would be swept of content outside the known, used directories, as well as large video files for people that do not need them. Call it a “keeping the systems in top shape” type of policy & include other things like scheduled defrags, disk checks, etc. Then go and delete the illegal content later on. The point is that you need a policy behind you before acting on anything, because nothing else will save you from a ruined career that could have otherwise been trouble free.

My Machine, My network

In reply to Rules on searching

How many times does this have to be covered?

When it is MY machine on My network,using MY resources, there is NO privacy, none, zip, zilch, nada.

If it does not specifically belong on this network, it is gone. Period.

Privacy v. Security

In reply to My Machine, My network

There is lot’s of things that should be private on a network. It is a breech of our ethics to be “exploring” through data that is stored in an area expected to be secure.

However, I’m defending privacy of medical records, financial transactions, and legitimately secure information. I would not transfer illegal movies or pornography. Instead, I might create a backup image (for my protection) and give him his new laptop without the illegal stuff. Would he dare ask “Where did my movies go?” If he did, I might enjoy the ensuing transaction. If I got fired, I would have a great lawsuit.

Not Wrong, Not Wrong, Not Wrong

In reply to WRONG!, WRONG!, WRONG!…etc.

Get a backbone. What are you supposed to do? Wait until the horses are gone before we close the barn door? IT has the responsibility to PROTECT the company’s network, data, bandwidth, and fellow employees from the dangers that this stuff can bring. Stay in your comfy chair so you can justify the overtime to fix the problems later.

Get a backbone

In reply to Not Wrong, Not Wrong, Not Wrong

I was just thinking those very words before I read this post.

It’s true.

You may be the only person that can prevent disaster to your company.

Haven’t you “accidentally” ever formatted a drive in error? Then just reinstall a ghost of the original install or reinstall the authorized legal corporate software for that laptop and hand it back with a note saying “oops”.

It might be nice if you were able to save his actual business documents before the format and make sure he knows that.

A fresh copy of the IT corporate policy installed on the desktop is also a nice touch.

Or just tell him that you found things contrary to policy and you removed them.

Oooppss??? Hmmm…

In reply to Get a backbone

I seem to recall using that one once, when an unlicensed version of software appeared on a piece of hardware in my network. I had a Corporate policy giving me the right to remove said software. I did so.

The CFO whose machine this software was living on, didn’t seem to understand the situation and had me terminated.

So much for using the policy as protection.

And I lost the lawsuit! The files were deleted, where’s the evidence. (He killed my backup tapes as well!)

So what do we do then? Hmmm??

What are you so afraid of?

In reply to Not Wrong, Not Wrong, Not Wrong

What is it about doing the right thing the right way that makes you so afraid of following the rules and staying the course? Backbone and OT have nothing to do with he issue at hand. If you want to play fast & loose with the rules in this instance would you also say identify theft is the inalienable right of an It professional?

Your response fails to note he obvious?the company, not the employees, owns the network and all that is attached to it. Therefore, the company makes the rules and stands behind the enforcement of the rules. Not IT.

Jezzzz….

In reply to WRONG!, WRONG!, WRONG!…etc.

It is positively, absolutely the job of IT departments to police the users. Our responsibilities lie in the ability to maintain a viable and working network, desktop, server, email ect ect ect. Anyone user’s actions that cause a detriment to this is in the wrong, not the tech that finds it. There are a lot of things out there for download that contain malicious code that make let confidential information leek to the outside world, especially on a President system. Throw away the whole ?IT is there to make the users life easier? crap fact is the world can not revolve with out technology and we are there to make it work and make it secure and if that means someone cant get to their porn page so be it!

As for this whole argument of privacy of a company owned machine, there is no privacy as long as there is a usage policy in place. There are enough employment termination cases through the US to back that up to! Heck if anyone needs a good usage policy email me and I will send you the one we created and sent through legal.

Software Police

In reply to Jezzzz….

If illegal software or documents are on a machine it is not IT job to remove it. HR is to be contacted and HR will do the investigation and have the software or documents removed. If IT does it on its own then someone in IT will lose their job.

WRONG is WRONG

In reply to WRONG!, WRONG!, WRONG!…etc.

If his company has a policy, the president is subject to it as an employee of the company. IT both creates such policies (in the absence of a distinct security function), AND polices it by bringing such evidence to the attention of HR who then ENFORCES the policy by taking action where appropriate. It would be a courtesy to approach the president with the discoveries, but the IT guy could be at risk if he does not report it to HR as a matter of policy. The president/CEO works for the board. The board would need to know if the president/CEO is a risk. See how complicated it gets?

True only in Public Company

In reply to WRONG is WRONG

Be careful here. If the company is publicly held, the policies will rule the President (especially since Sarbanes-Oxley). If, however, the comapany is private and the president is the majority shareholder (or can garner the support of the majority), then he answers only to himself. He wins, you lose, and you’ve got nothing to fall back on.

Wrong- You betcha!

In reply to WRONG!, WRONG!, WRONG!…etc.

As a 38 year IT veteran, I can state that State law as well as company policy cover me if I convert the pc, and don’t look at the contents of files.
If I get caught looking at them, I would be fired and possibly prosecuted regardless of contents.
If I look at the files, and discover a felony, or evidence of child/spouse/parent abuse, or evidence that suicide is contemplated, and dont report it, I can be put in jail. Before I am fired.

Bottom line: I move stuff from a to b. the contents, filenames, etc are S.E.P. (Someone Elses Problem).

Not sure I agree

In reply to WRONG!, WRONG!, WRONG!…etc.

I was a contract manager for other contractors for a client. One of my techs was in a middle of a migration for an employee when they discover illicit files transferring files.

I immediately went to the client contact and informed him of what was found. He agreed to speak to the employee about the content on his laptop and to review the company policy with them. There were no ramifications to me or the tech. In fact, he informed the tech that he should be notified any time this occurs.

I will admit I was nervous about going to the client, but do you what convinced me I needed to escalate to the client? I re-read the company’s policy over and over. It clearly stated that non-standard, explicit material is not permitted on the company?s system… AND discipline can be up to and including termination.

In this instance we were asked to report this type of behavior. As contractor we had no choice to obey by the client?s wishes. Of course I drafted and email and had them reply has a acceptance of this practice.

Remember! It’s not a company machine

In reply to Not sure I agree

If the machine was purchased and assigned by the company, you bet they have the right and responsibily to keep the system strictly under their control. Up to and including policies that hold the IT personnel liable for not reporting. But they also have to look at the issue differently when the system is owned privately. It becomes the responsibility of the owner to keep it clean and secure, not the company. So the company employee was in effect transferring personal data as a favor. The question then becomes; Should I report a friends behaviour in a trust situation? For the company; Should I allow company data on personal systems? It seems to me the company should consider allowing company info only on company owned systems. Then they can determine how the systems will be used without legal questions. The IT employee should consider the trust and privacy issues. Lets face it when you stick your neck out, you run the risk of it getting severed.

Actually you did agree

In reply to Not sure I agree

You agreed with my position. Thanks.

You followed P&P…well done!

In reply to Not sure I agree

Following the company’s P&P is the “right” way to go.

Yea sure…… In which universe do you reside?

In reply to WRONG!, WRONG!, WRONG!…etc.

I have been in charge of IT departments for well over 10 years in 2 major bucks companies. If I see contraband, and it may be a violation of law and/or company policy, the HR department would be seriously remiss in duty to frown upon my IT staff or myself from confronting any violating individual. I do scans of our major servers in search of illegal files (MP3, Video, etc.) The resources are the property of the company and I’ll be damned if I am going to let this kind of abuse go on.
– Jim

Here’s how it goes…

In reply to Yea sure…… In which universe do you reside?

Lawyer ? Did you view the offensive material?
Me ? No! ( Thinking of being fired for testifying to viewing illegal material during company time)
Lawyer ? Did you see Mr. ??????? put the material on his system.
Me ? No.

Long story short. I had made a backup of the material for my protection. My boss was suspended without pay for 2 weeks. I was fired.
I found out in my lawsuit that you can be let go without cause as long as the company pays you a proper settlement. In Canada it is 1 week per year of service. I found out that the powers that be did not want me looking at corporate documents. They drafted a new company policy that the it department was not allowed to view ?.. unless written authorization was obtained yada, yada, yada.

Have fun with this one as you may be left with the knowledge of doing the right thing as you look for a new JOB.

Sounds like P&P compliance to me

In reply to Yea sure…… In which universe do you reside?

Jim – sounds to me like you are following your organizations P&P. What is wrong with that? Making sure your universe is safe from hostile aliens is always going to be OK…if P&P back you. If not, nice working with you.

You are NOT a cop.

-Gordon

Absolutly right and more succint than me!!

In reply to WRONG!, WRONG!, WRONG!…etc.

What I really love are these other posters suggesting “blackmail” as an alternative while discussing legal options.

Seriously, file transfer is just that.

President of the company is also just that.

Want to practice your own morals at the job, become a ‘person of the cloth’, but if you have no ethics then you have no morals either.

Hear Hear!

In reply to Absolutly right and more succint than me!!

Good Job Kevin620
Simple and to the point.

Unless you know the Boss well enough to ask him in a descreet manner about the unusual content. Maybe suggest he allow you to search the disk for spyware and files that could have been downloaded without his knowledge. If he says no thanks, drop it. If he says yes, treat it as a private matter to preserve his dignity and your job.

Wrong!.. is Correct!

In reply to WRONG!, WRONG!, WRONG!…etc.

Watching file transfer may be boring, but noticing files to be pictures and then examining content without authorization to do so is a breach of confidentiality and a failure to exercise restraint that all administrators with previleged access must at all times. You should be fired for cause. In most public orgabizations you would be prosecuted too!

this is correct

In reply to WRONG!, WRONG!, WRONG!…etc.

absolutly, IT personnel is in no way,shape or form
Police or authority figure. you are assigned to an specific job/duty and have no right to open or browse around someone else’s personal equipment.
Unless you are given instruction “specific instruction” by like glrudd says in his reply HR or Legal department or any other law enforcemtn agency or instructed by your local police department. YOU have no right to open files. no matter what they are. I totally agree with GLRUDD on this

Re: Wrong!

In reply to WRONG!, WRONG!, WRONG!…etc.

If it is not the job of the IT department to police the proper use of computers and other systems on the network, then whose job is it? Shall the lawyers browse the network for unauthorized files? Do we give the HR folks admin access so they can look for illegal software?

Anyone who has worked in this business for more than two days knows that we in IT, regardless of our specific role, must serve as the front line to defend our corporate infrastructure from threats such as viruses, hackers, and other illegal activity. Granted, the situation must be handled delicately, particularly when the suspected offender is a superior. Ultimately, we are responsible for what happens on our systems.

Roles & Responsibilities

In reply to Re: Wrong!

Tim – You are correct when you say that it IT that is on the front line when it comes to protecting the corporate “infrastructure from threats such as viruses, hackers, and other illegal activity”. I believe you stray when you confuse the IT role of protecting the infrastrucure with protecting the moral fiber of the community in which the comapny exists.

To answer your question:it is the responsibility of the legal and HR departments to create and maintain a safe working environement for all company employees. IF…P&P as well as your job description states it is part of our duties to police content, then yes it is. If not, then no.

In addition to WRONG, etc…..

In reply to WRONG!, WRONG!, WRONG!…etc.

While it is not the job duty of IT to police users, invariably it is an IT person who accidentally “stumbles” into inappropriate and/or unlaw material on users machines. Anytime my techs stumble into something of that nature, we immediately report what we found to HR. It is then HR’s responsibility to deal with the user and the company infractions.

If it’s CP screw policy and turn him in…

In reply to WRONG!, WRONG!, WRONG!…etc.

…otherwise you’re just looking for trouble.

That’s it.

CP is covered by Federal law & some state law

In reply to If it’s CP screw policy and turn him in…

I believe it is a $500.00 fine not to report CP if you are an IT pro…

depends depends depends…

In reply to WRONG!, WRONG!, WRONG!…etc.

on what company policy states. In most corporations. Company data belongs to the company, it is therefore subject to random searches, which certain network personnel are required by policy to make, as part of security validation.

The important thing is to keep personal moral judgement out of it, and apply the policy.

Disagree totally

In reply to WRONG!, WRONG!, WRONG!…etc.

I must say that i disagree with your sentiments that the admin in question is wrong…. at least to the extent that he should question the entry point of this information to his environmkent because part of the admin’s role it to ensure data and information entering and exiting the company conforms to corporate policy. The reason that organization’s invest in sophisticated filtering and content inspection suites is to preserve the integrity of the company’s data and information and any breach of this is within his jurisdiction to account. I say run a scan on all users desktops for mpgs and jpegs anf forward to head of operations and let him and the compnay lawyers deal with it… will look worse when the auditors run into it and question your control systems..

No Idea Why You Would Say That

In reply to WRONG!, WRONG!, WRONG!…etc.

This is a legal question, and one of private property: the company has the right to decide what resides on its property. The issue regarding policies can easily be handled with a simple amendment to the employee handbook.

Additionally, if the company owns computers and there is illegal matter found on their computers, there is a very great danger that the company could be liable for its presence, if it doesn’t take steps to prevent it.

Well he uses it on

In reply to It Really Depends

The company network. And any good computer person with any tech experince can look at anything on the network. Well it would only take time and most techs have a lot of that.

whose equipment is it

In reply to Well he uses it on

I realize that you are no longer with that company but I still would like to know something. Apparently the laptop was his private property that was used on the company network. Then he purchased a new laptop and wanted to use it on the company network. Since neither laptop was company property he had no right or business asking you in the capacity of your employment to transfer the data from one to the other. He could have asked you either as a personal favor or hired you privately to transfer the data.
If the illegal material was copyright infringement then it’s up to you if you want to report the piracy issue. If the illegal material is Child Porn then you really should report it to the authorities. Bottom line is that it is your decision and I have only expressed my opinion. In any case I personnally would have let him know that the next time he asks for data to be transfered to first remove illegal or offensive material. And maybe cite cases where the tech department at Best Buy turned in a customer that had child porn on their computer.

You Said Some Images are Illegal

In reply to Well he uses it on

You must realize that if the images on the system are illegal then you can now be held as an accessory to it if you do not report it. If it is child porn then I don’t see the need to even think about it. That kind of thing is not only ridiculous but downright perverted and should be reported no matter who it is. Yes there?s the possibility that you could lose your job and no one would want that to happen to them but that kind of behavior can become dangerous to kids.
If it isn?t CP but some other material that clearly shows illegal activity then you still have the obligation to report what is there. Again, you could find yourself on the wrong end of an investigation if this information does get out some other way. Your ?boss? has inadvertently placed you in a really bad place. What exactly do you own him/her for that?
Of course, the final decision is yours and only you know what you?re going to do about it. If you say nothing then there?s a real possibility that nothing will ever come about from this and you?re completely free. You could confront the boss as has been suggested in other responses and that too could turn out fine ? or not. Or, you can cover your own behind and report this to whatever the appropriate authorities you feel should know. However you decide to go I would hate to be in your shoes right now.

Clearly Illegal?

In reply to You Said Some Images are Illegal

Will the lawyers out there explaim to me what
” clearly illegal ” is. Seems to me, we have nothing but high-priced lawyers in protracted court cases arguing the point in every venue imagineable. I wouldn’t be presumptuous enough to even venture an opinion on what is “clearly illegal “. Is child porm illegal if the child was constructed digitally? If a hacker were to load it into someone’s computer, would the mere presence of the porn be enough for indictment. Turning every over-the-shoulder spectator into an informant sounds like 1984 revisited. Does anyone remember the Hitler youths who informed on their parents for treasonous thoughts. The emphasis on the right to privacy is a national problem precisely because there are no standards that even the experts and authorities can agree on. Let them sort it all out. That’s what they’re being paid for.

Obligated to report it!

In reply to You Said Some Images are Illegal

If it was child pornography then you are obligated to report it, to hell with your job! if you lose it because of this they will have to pay you millions. Report it!

Not on company time!

In reply to Well he uses it on

Hmmmm! What IT job do you have where there is plenty of time to peruse (snoop) through files and folders that are unrelated to your job duty?

Can you spell D O W N S I Z E D?

In reply to Not on company time!

The only time I’ve had to look at what goes across is when I’m side-lining, or have a couple of mind-numbing exercises going on–non-automated installations–which require periodic user responses.

If he has that much time, it isn’t going to be from peeking that gets him fired, or at least it won’t be that excuse…..

You obviously did not read…

In reply to Not on company time!

what was written in the original post or you would have noticed that it stated: “… That was when I saw alot of jpg, pic, mpg and other things going by.
… I did not dig into the files …”
He did not snoop, just sat there watching the progress of the copying.

Learn the Law

In reply to Well he uses it on

If his laptop is private and he took measures (like password the share, for instance) to make access to his computer private, it makes no difference whether it’s on the company private network, the internet or connected to the company network over a vpn. It’s private information. If someone cracks it after being passworded and it becomes accessable from the net. It can be proven that his rights were violated by the “cracker” and so the “cracker” is the criminal. Not him!

Here’s a scenario. Person A and person B are standing in the town square along with lots of people and their children on a saturday morning. Subject B rips the clothes off of subject A. Who should be charged here? Subject A for lewd and disordly conduct? Or, subject B for assault? Sure, subject A is naked and it’s unlawful to be in the town’s square unclothed? That eveidence is in admissable because it was not A’s intent to be unclothed. Subject B on the other hand perfomed an illegal action that caused A to be naked.

Enough said?

didn’t sound like it was “his” laptop

In reply to It Really Depends

Why would a company tech be transferring files between personal laptops? It sounds like this is a company laptop. In any event, search and seizure restrictions only apply to the government, not to another citizen. And in this case, the person who “owned” the laptop gave it and the right to see all their files to this tech. So there could be NO reasonable expectation of privacy (requirement for s&s to take effect) in these files. This becomes plain view, or consent to search, etc. both exceptions to s&s protections, but again, only as to the government.
If you neighbor walks in on you doing something illegal, that is not illegal s&s, even though they may have been trespassing, so it is admissable testimony if a case is brought and the neighbor is a witness against you.
So in this case, I think the user is an ignorant user, and needs more “training moments” from this tech.

What planet do you work on?

In reply to didn’t sound like it was “his” laptop

I’m only a few messages into this and I can’t believe some of these people live on the same planet I do. Techs with enough spare time to notice what files a user has on his computer and to worry about the morality of them? Give me a break. A tech should try to tell his BOSS what to do? Have you heard of career-limiting actions? Same for refusing to work on personal computer equipment. We have execs who expect people to walk their dog for them when they bring them to work – and they do it!
I agree with the approach one person suggested – to treat the person as if it is not their fault. Act like it might have happened at home when someone else had access to the computer. I’ve seen cases where owners of laptops did not know their children were downloading stuff onto the laptop when the owner was not using it. Don’t assume that the owner is the problem without proof.

Voices from Planet Earth

In reply to What planet do you work on?

Its called differences in opinion. Its okay to offer it here. That is what a discussion board is all about to openly discuss an issue and to state one’s opinion. There are so many differences in the world no two people see things from the same perspective. Although there may be similarities and agreement in some areas. It’s okay. Enjoy the discussion. 🙂

Mars the last time I checked

In reply to What planet do you work on?

The things I was talking about were in deep, this is a company laptop. But he has many folders in my documents. The one I had the problem with was buried in a folder call personal, I did not think any thing of it untill I saw a folder called young and then seen the names of the jpgs going by. Then I started looking harder and saw a folder for music and it was 2 Gigs worth. And another called movies. I stopped lokking then because he was asking why it was taking so long. I checked his internet useage here and he is on and down loading more then me or my boss. And we down load MS patchs and updates, we should be the highest users here. But his banwith useage is double ours. But I was told to let it go, he can do what he likes! This is a Fed watched company and I do not need to be looked at for letting someone do what they want on the internet!

Then by all means friend KYBASH IT!

In reply to Mars the last time I checked

If the equipment is company property, and you were asked to tranfer the data on company time, you have a responsibility to the company, not that person. Read your companies written policy carefully on personal privacy policy. If they opt for keeping it legal, you better wash your hands fast. Most companies have a sour opinion of wasting their resources for things that reflect poorly on their reputation, and would appreciate being protected from possible legal actions.

Use the technology.

In reply to Mars the last time I checked

If you wish to limit his access, why not shave his network speed over time.

Folders named “Young”, “Music” and “Movies”

In reply to Mars the last time I checked

I take it from your comments that these folders are his own personal property. As you also said this was a company laptop, therefore the contents of these folders are subject to the corporate IT policy. If the “Young” folder contains CP then the person should be reported to the authorities, simply because it is illegal, not only where you work, but almost everywhere in the world!

You were also said that you were told to let it go. This is a very dangerous situation to be in. I would be getting out of there, before you become implicated in distributing CP, as that appears to be on his computer. Sooner or later, someone else is going to find this illegal material, and then the cat will be well and truly out of the bag, and if you do nothing about it now, then you are just as liable to prosecution as your boss is.

Its happened to me

In reply to didn’t sound like it was “his” laptop

The best way I have found to deal with this is don’t transfer the files. Its happened only once in my case. If anything was ever said I would have refused to transfer the files. The VP never said a word to me for not moving the files over. What’s he gonna say, “HEY YOU FORGOT TO TRANSFER MY PORN!!”

Me, too and Legal repercussions

In reply to Its happened to me

Been there, done that. I’ve seen more than a few people fired for stuff like that.

In MO where I live, you are legally required to report certain things that appear on PCs (i.e. porn, etc.) as a tech. No questions there. You can be liable if you do not.

1st Saturday Fodder

In reply to Me, too and Legal repercussions

When I’m looking for items to support some of the junk I work on, I sometimes hit Dallas’ 1st Saturday swap. You wouldn’t believe what I’ve found on ‘pulls’.

I found the internal communications from Frito-Lay on downsizing product while keeping the bags the same size.

I found the upgrade proposals for the C-130J series avionics, countermeasures specs, and a five year plan for competitive bids on three current fighter upgrades. (Probably should have sold it to their competition…or DOD. Any company with an IT staff that lax deserves to lose.)

This wasn’t recovered using an un-erase utility, it was undeleted files.

I found the entire history of a family that showed their gradual financial decline, bankruptcy and the loss of house, business, and respect. That was one rainy 1st Sat that the repair section of a computer company was dumping the unclaimed repair items–at $5 per pop (non-working laptop that I had going in about a half hour.)

As to the original source of this thread: Grow some balls, wipe the shit, look the guy straight in the eye and tell him some stuff was lost in the transfer…or transfer it and use a milspec utility to wipe the offending crap off the old laptop. It’s probably going to go out to some poor schmo that wouldn’t have a clue and get busted for content…or fired by the same guy that put it there.

I Agree with you on this one.

In reply to It Really Depends

Hey Mike:

I certainly can agree with you on this one. I would also like to point out that data transfer and perusing through files are to different activities. It leaves a person to wonder how would one know of such personal things illegal or otherwise, if in fact the indivdual doing the data transfer were not snooping.

Even with the remote possibility that the files could be viewed during the data transfer, which I doubt. Then, there is the issue that how can one move from offensive materials to illegal stuff to even theft. It appears there is allot of assumptions made in the original post.

For example, stealing others’ things. How does this individual even know if the items were stolen. Not to sound condescending. This is just another point I thought should be made and some food for thought.

What he calls his

In reply to It Really Depends

Is every thing in the bank. He is the CEO, but every thing is bought through the company. His car is leased through the company, His house is paid for through the company. I got to thinking what is down loaded like music and movies. So I ran a scan, virus, spyware ect. It tirn up three computers that were excluded with too many error messages. His was one of them the others were out side the dmz two file servers that do not directly connect to our network. His connects but is scanned at connection. I do not know if any has made it by the scans. We are being audited as I type this, I guess we will find out.

Two choices then two choices

In reply to It Really Depends

Decide: is there anything illegal, eg kiddieporn and depending on the peculiarities of USA legal systems, anything else that is illegal.
No – then your range of response is governed by Company Policies.
Yes – Your call. If you become involved in handling the information then you assume some responsibility. There has been heaps of good advice on avoiding the issue in other posts

He had copies

In reply to Things

Of new movies, new porn movies and other things. I keep up with the list of files that are not free and what is legal to have.

Shared responsibility

In reply to He had copies

Surely if your network policy precludes installation of software, offensive material,downloaded music/video files,then as network manager/techie one is just as responsible for policing the network and everything on it.
We have a clause that states that the Network Manager reserves the right to delete any and all files that go against company policy
Remember that it is after all the company network
When I was training I was told “view what you want but think who may be looking over your shoulder”
Having said all that its still a highly contentious area
I certainly wouldnt want to be drawn into anything as an accessory especially if it involved porn by my inaction

High Horse

In reply to He had copies

So there is no C Porn then ? Cause if there is CP, then go postal on him. Otherwise i’m inclined to say leave it alone.
I understand your problem, that the stuff if on a laptop used for work. But how many of us are guilty of similar offences ? lets get off our high horses and think about it. I’m a DBA, so I should know better than to go aganst company policy, yet here i am , online, while at work and have other things to do. I’ve loads of jokes in my email, some would be offensive to others. These were sent to me by people who found them funny. I find most of them funny, the ones i do not find funny, or offensive, I delete immediatly. I used to have a copied version of Tetris that i did not pay for, and i played it every day ! Unfortunatley i lost it when my pc was wiped. I have no interest in porn, but if someone does, that is thier thing, its not up to anyone else to say otherwise. Have you never copied a cassette (remember those), or burned a cd for a friend or borrowed a book instead of buying it yourself? Have you ever exceeded your licenced number of users for software ?The list goes on. I’m in no way condoning theft, but unless you have actually seen this guy commit a crime and you have video footage (which if you did would probably be illegal anyways) to prove it, get on with your life. There are bigger things to worry about. Take the sun for instance, did you know that in a few billion years its going to swell and swallow the earth. This worries me. Or what if goldfish mutated and grew to the size of whales overnight…big probs there my friend..!

A Friend of mine was dragged through court

In reply to High Horse

He replaced a drive in his buddy’s PC – He forgot the cardinal rule of checking and wiping the drive he took out – He was bought to the authorities attention for downloading music – but the confiscated everything (as they would) and in the course of their investigations found child porn on the drive – Luckily he had a receipt and proof of where the stuff came from – but it implicated his buddy – as it turned out, his buddy didn’t even know how to use the internet – it was his sixteen year old son. this took three years to investigate and destroyed two families because everybody assumed where there was smoke there was fire. I would only point out that if someone is more senior than yourself and in a position to fire you if your wrong – then just point out the corporate policy to them, mention that data on the laptop could be construed as being in contravention of that policy and let them then decide what they would do, it may be enough to make them realise that big brother is watching.

Laughing Out Loud!

In reply to High Horse

🙂 Cute.

first thing to do…

In reply to He had copies

Is to transfer that on my own laptop 🙂

I agree with the other posters here

In reply to He had copies

If you say you are no longer with the company then what are you still hanging onto their stuff for. Also you have never come out and said that it was a company computer or his own personal. Big difference here.

As far as you doing the transfer for him. That was up to you. He asked you in good faith to do it for him and here is were we are. As with the other guys have said. If it is kiddie porn or other illegal things of that nature by all means you are required to report it, but if it is just some mp3s and a couple of movies he as an adult are legally able to own, then hey it is a moral call.

As far as you having backups, kinda scary, and legally you are now illegally holding what might be proprietary company info. You turn him in for what might be 6 or 7 movies, he might own at his house, and he turns around and sues you.

Your call.

Who hasnt found “questionable” material

In reply to He had copies

I work on a network with hundreds of users. Im constantly finding Photo files, music files, etc. Because it uses space on my network more than anything (and we do have a policy in place against such things). I usualy ignore the material if its only a couple of files, I may mention it to the user if its more than a handfull, if its too much I would secure a copy someplace and remove the originals with a message to the user that these files have been removed and if there was a “business purpose” to these they could ask for them to be copied to CD. If I dont hear in short order then they are deleted.
Usually you can tell by name or storage location that they are of illegal or offensive I have on one occurance reported material to our HR department before removing.

What exactly do you need to hear?

In reply to He had copies

I didn’t get too far into this thread before I was hit with a few questions (and perhaps they are questions that others state later on)-
(1)What is it you are seeking?

Justification, validation, a plan?

There will always be at least 4 sides to any discussion. Firstly there’s the side of what’s “right” (the thing that lets you live with yourself and look at yourself in the mirror each day-no one here can tell you that). There’s what’s “right” (the thing that lets you keep your job). And then there’s what’s “right” (the thing that follows (or sets) corporate policy). And finally, there’s what’s “right” (the thing you wind up doing).

Basically, none of us can tell you want you need to do. We can only offer suggestions or personal history.

I think it is a big assumption on your part that the files are “illegal” just because they are current. There are screener copies of movies. There are legitimate pay per view/download sites where one may obtain music files, nudie pix, whatever floats their boat.

The second dangerous assumption is that the owner of the laptop was the culprit. While they are culpable because they own the laptop, you have no proof (from “watching” a file transfer) that they put the files there themselves. It would be very easy for the President of the company to say he didn’t know anything about the files and accuse you of placing them there.

The final assumption that you are making is that it’s your place to carry this burden of morality.

True, there are infrastructure risks that we’re all aware of with dubious files, but there should be a clearly defined chain of command in any organization that you can follow to report those.

BUT, unless you are a qualified representative of the motion picture association or recording industry or law enforcement, I personally don’t feel that it’s your place to assess the legality of files on a machine (that you were just copying).

I know that there are those that see the network as “their” network in IT, but keep this in mind:

The PRESIDENT of the company bought the laptop (and probably bought ALL of the other equipment in the company, too). The issue of personal laptop for company use or company laptop is moot.

What it comes down to, is you just have to do what’s right, and ultimately that means doing what’s right for you.

But that’s just my two cents.

Stolen & illegal

In reply to He had copies

He could have purchased it? I believe that if it is company policy that porno is not allowed then you can discuss this with you manager without being explicit about the content. However, if the content is illegal eg. child porno then you should immediately discuss this with your manager and also say that you are going to take it to the authorities. Whistle blowing of this kind is difficult on your career but it is a matter of being an accomplice to the crime knowing about it. I have been through a similar situation with porno and top management and it was dealt with by the other top management members is a way that it did not harm the company and also had a marked influence on the person involved. Each offence has its own method of how to deal with it and the person involved.

Should have posted this one on searching

In reply to I found things on my bosses

company pcs.
Sounds like a P2Per, say you don’t work for the RIAA do you ?
Is it his pc or a company one.
Is he contravening company policy.
Are the files illegal or offensive at least in terms of file names. If they are illegal is it simply IP related.
Do you want to sue him for offending you.

If it’s his company and therefore his pc and he has n’t got potential pedo porn on his pc, if you you don’t want to try the offensive law suit, then it’s keep your mouth shut time. Until you’ve at least found another job. Unless you can get enough to go for contructive dismisaal when he hounds you out for knowing about him.
Big ‘ol question number one , have you got any evidence other than your say so.

RIAA no I hate them

In reply to Should have posted this one on searching

But this it a company PC as much as his new car is a company car. The files are not offensive to me but to the company I worked for! I have not looked into the compleat back up. And I have left the conpany as of this week. I may send the back up CD to the FEDS.

Why does it matter then?

In reply to RIAA no I hate them

OK, you left the company why do you care now? What if these movies you are talking about are copies of movies he owns? What if indeed… Unless you are part of the corporate security team it is not your job.

Unless you find absolute and explicit evidence of real honest to god impropriaty you leave it alone. Further, what are you doing with your former company’s intelectual property? Those back ups you want to send to the feds aren’t really yours are they?

Correct Tools

In reply to Why does it matter then?

Perhaps your company should invest in a professional tool to do data migration, such as PT Pro. Then you simply transfer the personality and data without looking into the files. It’s much quicker too.
As a tech, you were not tasked to do forensic work.

You have a backup CD?!

In reply to RIAA no I hate them

You left the company and you’re still holding on to company property…

Sounds like a vendetta

In reply to RIAA no I hate them

Some porn and some new movies – sorry, but this is no big deal. If this was your brother’s laptop, would you be sending a copy to the fed’s? I’m just guessing here but as you recently left the company, it sounds like there’s some bad blood between the parties. Going any further with this will hurt you as much as the old boss……

You have copies? Umm your as guilty as he

In reply to RIAA no I hate them

If you kept a copy and didnt report it, Um what makes you any different than him? Also as some note you have left the company and you still have data belonging to the company? What about Equipment still have some of that as well?

If you have kept these without reporting it at the time and you now send it to the authorities – what makes you think they wont investigate you?

You have copies? Umm your as guilty as he

In reply to RIAA no I hate them

You are no longer with the company, but you kept the copies? What makes you think the authorities wouldnt investigate you if you sent these now and not at the time. (Not a good idea) if you thought you might report it SOON then you wouldnt keep copies just report it so the stuff would be found on that equipment (and not yours). If you wait after finding this to report it you are only stringing yourself up for MAJOR issues, besides you have given him time to possibly not have anything found (if he had any idea that you might report something).

Also as mentioned by others; You have kept stuff owned by the company that you no longer work with and to boot you still have THESE files? Even if it was backup tapes/or CD and they had one proprietary piece of data from the company on them then you have stollen this – it belongs to the company and you are now as guilty as your now ex-boss.

Something to think about

In reply to RIAA no I hate them

You may be the one in trouble not your ex-executive. First, by your own admission, you are in possession of stolen company property. A full backup of an executives’ laptop most likely contains a fair amount of company confidential information. Information that even when you were employed with the company, you were not entitled to. A request to an employee to copy information is not the same as giving them access to the content of the information. Second, you may have committed an act of perjury when you left the company if you signed or made a statement to HR that you had returned all company property. And last, at this point you have no proof legal proof that these backup CD’s came from this executive’s laptop. But YOU are in possession of illegal (as you say) movies, etc. and stolen company (possibly confidential) information. Legally you have no evidence of the executives? wrong doings only of yours. There may be enough information to warrant an investigation of the executive, depending on the nature of the so called illegal information and other factors. You should have gone to HR, your supervisor, etc. when you discovered the information because at that time you could have claimed a justifiable reason to having the information in your possession. At this point in time, you have no justifiable reason to have access to any of this information.

Just some things to think about

hehe

In reply to RIAA no I hate them

send a copy to the feds?? they wont laugh in your face but they will chuckle when they file it away and forget about it.

No you should not complain.

In reply to RIAA no I hate them

Yes you should is this is child pornography because it is desctrutive to the child in question and that should be the main reason. But because your own morale of what should be the life style of everyone adult on Earth no.

Too many laws has been made because of morale that was by itself desctructive.

You have a policy for computer that is own by your corporation well use it.

You let personal computer been connected to your network, well that is not the same and I will further add that if I bought my own computer and my compagny ask me to connect with it to their network well I save them money and labour and maintenance so they have a no per say in what I have unless we both agreed in advance of what I should have and not have on my computer and in that case well they will partialy pay for my computer to fully pay for it.

Porno is just what is said porno period. You could download legaly Porno on the net as free in certain case after you gave them your sould of course and or pay for it same for MP3 especialy if you own a MP3 Player and that your rip your own CD.

You are a hard and dedicated worker, well this won’t be a problem you will find another job and maybe at better condition but next time you will surely not do a transfer file of a personal computer to another personal computer unless you are a sado masochiste your self 🙂 I think you will stay away from now on from “Personal” computer unless directed to do so.

Anyway we are putting to much people behind bars and not keeping the murder behind bars is my opinion, and most of the problems we have in this world right now is the religious freak, war freak, peace freak and moral freak remove them from the equalition and you are left with the real problem like child pornography and murderer.

Outside commonsens there is none. 🙂

Have a great day.

Whnat about the DMCA

In reply to RIAA no I hate them

The minute you said that some of the files were music types, you or your company cou;d run afoul of the Digital Mulenium Copyright Act (DMCA). If the music files are not orginal sources then the RIAA can and will sue the deep pockets( IE the company that owns the computer).

Content filtering

In reply to I found things on my bosses

Just remember that whatever gets into the office network is ultimately your responsibility…

I would suggest content filtering software or firewall based solutions to eliminate the risk of potentially damaging downloads.

Porn might be a problem but certainly video and/or pirated software could be eliminated.

For portable computers, there are logging software that help. But if it is his laptop then it might be a problem.

Nevertheless, always keep a watch on what is going on onyour network. Print out partial logs and file them at home. It’s better to know firsthand than to find out later!!

Ask HR for clarification, hypothetically

In reply to I found things on my bosses

If you work for a large corporation and your boss is a lower level manager then the corporate management would probably want to know about it. If you work for a 5 person company and your boss is the company owner then it’s not so clear what the reaction would be. If you work for a large business then ask your Human Resources department manager about the issue from a hypothetical standpoint. If you work for a small business then ask the General Manager about it from a hypothetical standpoint. Very often the real answer will be encoded. For instance you might be told that the business would not tolerate that sort of thing but they can’t imagine anyone doing that sort of thing. That could be a coded message to keep your mouth shut.

If the offender is the General Manager then your first responsibility to maintain confidentiality of what you see in the course of doing your job.

I completely disagree with the post from desertlife. You are not responsible for everything that is transmitted over the corporate network.

IN the case of a manager’s laptop

In reply to Ask HR for clarification, hypothetically

It may have been downloaded at home and not actually transmitted over the company neywork though.

if he OWNS his laptop, then he it is his business what he stores on the hard drive, as long as it isn’t downloaded on the company network.

Then again, I have been to a company with strict P2P policies on the network, but the bosses ALL used Kazaa and Fileshare to swap porn and email it to each other. Kinda hard to fire the manager when others are in on it, their job is FAR more important to the company than yours from a revenue standpoint.

me too

In reply to IN the case of a manager’s laptop

last job I worked at, I talked to some of the IT network admins.

They said they monitor stuff that comes over the network, except for PCs at Director level and above, and that those IPs are static and never checked. Hence, a low-level guy can click a link and it brings up a porn ad he can get fired for, but his Director can go watch live feed sex stuff from Amsterdam without repercussion.

Amazing…I guess when you belong to the Executive Boys’ Club…like American Express…membership has its privileges.

Depends where you are

In reply to me too

None of the places I have worked have allowed anything different for senior management.

Never worked at a place where one click can get you fired. At the places where there has been monitoring, you have to have repeated transgressions, after you have had your first warning. If you get a warning, and you chose to ignore it, then maybe you have a bigger problem.

James

James

In reply to Depends where you are

Employment Standards Canada = infraction notices.

People are scared to fire employees here without some EXTREME reason behind it, a single click just isn’t going to sit well as a reason for dismissal.

We have the government on OUR side, in the US the government is usually on the employers side.

It’s a matter of value

In reply to me too

An exec is alowed such leaniency becaus eof his VALUE to the company, his ability to drive revenue or manage teams.

Team members are lining up at the door, and pretty much anyone is immedatly disposable.

When a 80K a year IT employee makes waves, th eboss sees him as an 80K annual expense. Not a person who brings revenue in, even on an ecommerce site.

When a 200K employee is surfing porn, the value of their revenue stream usually supersedes their value by far, so the boss says keep him and ditch the idiot who’s costing me 80K a year instead.

I agree – dont go near it

In reply to It’s a matter of value

Unless it’s child prn or something you are certain is absolutely illegal then leave it alone. You arent the HR police, you’re a techie. You’ll make no friends and it will cost you . . people look on techs as snoops already who brag about being able to access email and files, this would jst prove the point. It’s like someone going thru your bedroom and reading all your jazz mags

HAHA!

In reply to I agree – dont go near it

And there I was thinking you were gonna say jizz mags.

Oh well, you have a solid point.

yeah…

In reply to It’s a matter of value

even tho executives really generate no revenue stream. They are figureheads that make lots of money off of others’ ideas and hard work.

Yakov…you’re alone

80K???

In reply to It’s a matter of value

Assuming any job involving routine file transfers is a level 1 support position, where do I sign up for an front-line support job that pays $80K?

Firstly

In reply to 80K???

YOu took ‘IT staff member’ and replied:

” Assuming any job involving routine file transfers is a level 1 support position, where do I sign up for an front-line support job that pays $80K?” I made no mention of position, skill, or experience.

BUT, the AVERAGE IT guy in Vancouver can easily make 65-80K year with or without experience if they know how to find work.

You cannot put a price on a JOB, you put a price on the person. If you are one fo those people who feels (or is told), job ‘A’ pays $X, and job ‘B’ pays $Y every year, then you are simply not looking for the right employer or feel that certs or degrees disctate your income.

Sell yourself, be offered a job and THEN start talking about salary, you always get paid more this way because they want YOU not your paperwork.

Reply to Oz

In reply to Firstly

That’s an excellent piece of advice.

I’m sorry, I didn’t make myself clear

In reply to Firstly

I should have hung a ‘smiley’ on the end of that post. The comment was intended as light-hearted, not serious. I violated the prime rule of communications, that the sender is responsible for clarity of the message.

I agree with most of your points, especially regarding certs, degrees, and other paper.

Vancouver? Sorry, too cold for this southern boy. Also a serious lack of NASCAR tracks.

Even our Indy track was doomed from day one.

In reply to Firstly

As for cold, warmest climate in Canada (ona year round basis). VERY little snow, in fact I watched it snow all over the states when we had sunshine here.

Canada’s a BIG place, there’s some horribly cold provinces, cities etc., but Vancouver isn’t one of them.

I’m moving to Canada !!

In reply to Firstly

must be nice to be able to earn so much for that position. here that position pays very little.

WHAT POSITION!

In reply to Firstly

Again, I have not mentioned a position but an average wage, and you don’t just get GIVEN a wage, you negotiate it if you want to earn real money.
Read the post again, from what I’ve seen in the industry, there aren’t too many IT staff capable of properly selling themselves or findig work to begin with, if so everyone would make more money I suppose.

But in all fairness, you pay a lot of tax here, but you get what you pay for and then some.

Exchange Rate

In reply to Firstly

Don’t forget U.S. dollars and Canandian dollars do not trade “one for one”. While the currency exchange rates change daily (hourly?), figure that $1.00 US exchanges to about $1.20 Canadian. That $80K Canadian is around $64K US.

On the other hand, any advantage the US may have in the exchange rate may be offset by the Canadian health care system.

Choices?

In reply to I found things on my bosses

If what you found was all to do with consenting adults I’d probably forget about it, after all what grown-up’s do in their own time is their business. If this is the case I’d also lock down the network so no nasties that lurk on those sites could hurt the network if he attaches his laptop to it. But if any of thoses images or movies were of children I would not hesitate to turn him in to the authorities which I’m sure could be done anonomously so you don’t implicate yourself.

Don’t jump the gun

In reply to Choices?

It is possible that the stuff you see may be the result of a download virus/worm and your boss is clueless about it. I found porn on a user’s PC and debated my course of action with HR. Upon closer inspection, I determined that the downloaded files occurred while he was not on the PC … how do I know? Because I was on it at the time. Not sure how to determine if your bosses’ download was intentional or not but you should consider this possibility. You could even give him and “out” by mentioning the existence of such a virus … (you could scan first to verify) and ask for permission to clean.

Legality is the issue, not policy

In reply to I found things on my bosses

Other than child porn (which should be reported to police) you would be amazed at some o fthe stuff SOME bosses have in their drives.

I’ve seen a VERY snooty and uptight employerwith scat and watersports pix & mpegs too. Well to each his own, it’s HIS equipment, HIS company and HIS fetish.

If I saw my neighbours 11 year old daughter,well things woul dbe different, the police owuld be informed AFTER I had faced him with it.

AS for people having ‘disgusting or questionable’ stuff, who cares, the internet is a wierd place sometimes, it’s no different than searching their bedroom and not liking the magazines in the closet.

Celeb pix and mpegs? So what, they aer all over the net. It’s not illegale per se, even if tasteless to you.

Child porn’s a NO NO, anything else, whatever.

Completely

In reply to Legality is the issue, not policy

Child Porn, something hurting minors, or depicting illegal activity (rape, murder), these are issues you should act on, otherwise, you are not just morally responsible, your legal responsible for facilitation. Anything else, well honestly, do you want other judging you by your passions and likes? I would also wonder how well things will go over with future employees, if your know for jumping the gun on legal, yet tasteless personal objects on the bosses system. I would delicately let him/her know that anything on the system, being on a public, or private network, can be made public, and that nothing should be kept on a system that he/she doesn’t want the buying public, board, manged employees, or spouse, to know about. I also find that it doesn’t hurt to stated your uncomfortable with the content, and ask that this type of material be removed before he/she next ask you to work on their system. Just having this data for display to you could constitute harassment.

Don’t confront him if it’s illegal.

In reply to Legality is the issue, not policy

Last thing you want to do is give him the opportunity of deleting his information – especially if there’s no backup of the contraband or if there’s less scrupulious admins who’d delete it themselves (and offending backups) for their own advancement or personal reasons.

Data can be retrieved in most cases even if the user deletes it, but it’s best left for the authorities if you commit to that course.

So what then?

In reply to Don’t confront him if it’s illegal.

Call the cops, have them come to your office and root through his notebook on child porn allegations, have him say that he loaned it out to a friend for a week and has no idea what’s on it.

YOU’LL lose your job either way, guaranteed.

If he’s NOT guilty of child porn and has some picture sof his own kids in the swimming pool, or playing in the yard, YOU lose your job. If he gets off the the allegations and no charges are brought about, YOU lose your job. If he has a completely viable ‘excuse’ for the material, YOU lose your job.

Bottom line, YOU lose your job, trying to be the Internet police, very clever.

Addressing it, THEN monitoring activity for signs that he IS into child pronography WILL get you an answer, and something th epolice will act upon. YOU try calling the local law enforcement agency and tell them you THINK your boss may have child porn on his computer and other illegal information. Just don’t hold your breath waiting for them to show up.

my best advice to you is…

In reply to I found things on my bosses

if there is something illegal such as child pornography, you should take the information to the local police. Otherwise if you were to be known to have knowledge of it and did not turn him in, you can be charged as an accessory.

If it’s just dirty pictures and movies…and he’s the company president…and you turn him into HR:

1) his buddies on the Board aren’t gonna give a crap…he’ll get “reprimanded” (told he’s a bad boy, hands slapped, etc…nothing major)

2) there will become some reason to let you go because he’ll have the power and won’t like you for exposing him as some pervert to other employees.

3) If you have no morals and want to make some money and you know he and his wife project a very religious image…blackmail him and threaten to disburse the hard drive image to his entire church. Image is often more important than honesty to shallow, wealthy folks.

Otherwise if it’s *not* illegal but just immoral…forget about it…you’ll end up suffering more in the end.

#3

In reply to my best advice to you is…

Allhe has to do is deny it, fire the employee that created such horrendous images APPARENTLY from his laptop and he’s good as gold.

YOu will also be facing lawsuits left right and center.
I am gettng tired of admins thinking they are corporate police, your jobs not worth the paper the check is written on when it comes to revenue generation, most o fthese companies survived years without IT and grudgingly accept it as a way of life now. Your job is not worth a dime to most managers, you are disposable and replaceable by THOUSANDS of others.

Just be thankful you are employed at all and get on with your job, which in this case is transferring data.

AGAIN: unless we are talking child pornography, and even then only if MULTIPLE images etc are oin the drive. Anyone can download what they THINK is Paris Hilton’s video and get duped into downloading the wrong images, films unknowingly.

Thin ice for the admin, just do your job. It most likely doesn’t include monitoring management’s notebooks, they are more concerned about JOE the sales rep wasting time and bandwidth than managers in most cases. Company policies usually don’t really cover ALL areas, just those which are disposable, such as yourself.

The owner will see his manager, responsible for 8 million in revenue, and an whiny admin, worth a nickle to him. Who loses the job?

And if you don’t lose it directly over this, they will just find a reason to let you go in the future.

A lot of Admins should get off their high horse and realize they are just disposable company nobody’s, not the company gods they think they are.

I suppose that

In reply to #3

an employee can replicate stored private memos and emails that no one else has seen outside his secretary, a board of directors, etc?

30 minutes extra with Norton Ghost and I could have enough on someone to own them if it exists together on a hard drive.

And if he has kiddie porn on there, I would have the FBI in the offices first thing next morning makin sure he’d be getting some sweet lovin from a big burly guy in prison by the end of the year.

Execs might sit up high (like the vultures they are), but there are silver bullets that will knock them off their perch 🙂

Not enough info

In reply to I suppose that

If it’s child porn you can nail him to the wall figuratively or literally.
If it’s not illegal but simply not to your taste, then you can go for being offended by a filename, good luck with that one with no evidence. Or you can simply ignore it.
If you haven’t got the clout to get the guy removed, it never happened, after all why would sit there watching the names of files being transferred ?
In terms of porn on corporate networks, managers ‘above the law tend’ to be the absolute worst offenders, I’m a pretty broad minded chap, but I’ve seen stuff that gave me nightmares on upper management pcs and in the old days that was in exes with 8.3 names.

Still waiting for more info from zlito

In reply to I found things on my bosses

It seem that this post has generated a lot of feedback but zlito has yet to come back and give any more info. I don’t want exact details but as my first post said. Is the guy a real thief or just like most people that surf the net?? And getting pics that are public domain??

Wayne

Agreed

In reply to Still waiting for more info from zlito

I know zlito has been apart of this site for some time, however I think this is a hypothetical scenario that is a great topic that has been discussed a couple of times on this site. I mean no disrespect to him, just feel this is too vague and open to interpretation. This topic is a hot button issue in our field and knowing what can happen while attempting to do the right thing can arm us with the proper etiquette saving our butts when this situation rears it’s ugly head.

The way I see it is that if the person or boss owns this laptop it is their property and it doesnt effect the network, none of your business. Dont transfer the bad files and when he asks, if he (pres)has the nads to discuss this with him that you transferred the only files that you could do legally. The files or illegal software are still there for him to do whatever he needs or wants with it.

If he gets caught viewing or showing this material, then he will face the music in shame. There would be no trace of your involvment of facilitating the material, case closed. Its not our job to play the moral police, no more than a pharmacist denying a woman birth control products because it is against his/her religion, tend to your own garden.

How exactly do you explain you were snooping into his files as they cascaded by in the transfer? Did you investigate to verify their content? However if you saw a file named hot underage philly (you get the picture, no pun intended)then visit HR with the laptop and request a police officer to be present, then disply the file. If this ruins his career, good, if it ruins yours well then I say you got a great lawsuit, because I dare to find any company that would take any backlash of hiding kiddie porn for any form of mamagement. Nobody will think less of you.

Concerned

In reply to I found things on my bosses

His Company? Who are you going to tell? If he owns it and writes the paychecks, what are you going to accomplish by “telling your boss”?
I suggest you find a new job…or, breathe an ounce of this out to coworkers and then collect unemployment after he fires you….at the least!
I am not sure where you are on the “food-chain” at this Company but, I suggest you understand the consequences of such exposure.

He’s fired.

In reply to I found things on my bosses

Obviously he’s been fired by the pervert boss for snoopin’ or he’s be back by now.

curiosities

In reply to He’s fired.

funny, curiosity kills many cats

but i also see lots of curiosity cats here ^^

He trusted you

In reply to I found things on my bosses

Unless he is a total moron he knew quite well that you would very likely see that stuff. He probably wants to know how much you can be trusted. He probably has other tasks in mind for you that require discretion and loyalty.

If you don’t want those tasks but you’d like to continue working for the company, follow the very excellent advice in posting #2. Be non-confrontational, and show him that you have both discretion and loyalty, but that you’re not interested in handling material of this sort.

If you take him on you may or may not get him fired, but you will ultimately lose. People in power don’t go down quietly. If I’m right and this is a test, then he’s got himself covered and if you try to out him you’ll be in for some sort of surprise that he’s got cooked up for you.

Never assume that people in power are stupid. Of course sometimes they are, but 99 times out of 100, making that assumption will destroy you.

Hum This guy is compleatly

In reply to He trusted you

Computer stupid. He asked me to set him up to the new computer network, and I asked him what type connection he needed? A DNS connection or a VPN and he said what ever he needeed.

I don’t know what those terms mean but I’m not “computer stupid.”

In reply to Hum This guy is compleatly

If I hand you my laptop and give you enough passwords to do what this man asked, I know frelling well that you can browse my hard drive. Just because people don’t happen to have the interest or the aptitude to be computer geeks doesn’t make them stupid.

This guy is either trusting you or testing you, or both. If you think you’re so much smarter that you can take him down, you’re making a big mistake. You could be right but the odds are way against you.

Taking him down would help you how?

In reply to I don’t know what those terms mean but I’m not “computer stupid.”

Do you think this would make you some kind of hero because you got someone fired? What is your opinion of people that get other people fired? A freaken rat, that is what they are and NO ONE will want anything to do with a known FREAKEN RAT. After all, they don’t want to be your next target.

Let it go or update your resume. Push it and you are through.

No need to be rude.

In reply to Taking him down would help you how?

I can see no reason for you to be rude in this discussion as it is a reasonable question. A few years ago I discovered information on a compnay pc used by the Procurement Director. I kept quiet thinking it not my place and when it came out, I was questioned and given a verbal warning for not reporting it further. I am now an outsourced consultant and make sure that when I get a new client, we agree on the action to take if I find files/data which should not be on the pc. This affects even the MD. We are always hit hardest and should always cover ourselves. Perhaps one way to proceed would be to put a process in place for further discoveries.

You thought that was rude?

In reply to No need to be rude.

A little blunt maybe, but not rude and not out of line.

What is your opinion of someone who gets a co-worker fired? Is this someone you would want to work with? Not me.

It was just a quick reality check on WHY he is thinking about prosuing this. If there isn’t CLEAR policy that says what is on the laptop is forbidden AND that it is his job to report this, it is just asking for trouble.

some people just like to squeal on other.

Make sure he does the right thing for the right reason.

They are all things he should think hard about before deciding what to do.

right.

In reply to I don’t know what those terms mean but I’m not “computer stupid.”

Like it’s “right” to go when the light turns green, but that 60 mph semi isn’t going to care if your right or not 🙂

It is not, in today’s business environment,

In reply to Hum This guy is compleatly

the responsibility of management to know technical details of all the operations under their influence.

In the good old days, you had guys that worked their way up. But now, your IT boss is as likely to be an Accounting grad as they are a CIS or IT or CS grad.

Face it…90% of IT bosses are going to be hands-off and technically ignorant of their operation. Business expects them to get things done by managing people, not systems.

I’m lucky. My boss knows his stuff pretty much. I can talk tech to him, and if he doesn’t understand he isn’t afraid to ask. Communication is a good thing.

So, don’t down your boss for not knowing what you do every minute. Remember: he could know and be micromanaging your butt like a school master.

What’s the difference

In reply to It is not, in today’s business environment,

But the Boss should have asked which do I need or what is the difference. Not just “do it”. Or zilto trying to get more info to determine which was needed.

The boss config a system?

In reply to What’s the difference

Don’t you think that only a very poor boss would spend his time doing menial labor? That is what the techs that make half as much are for. If they get the same work done for half the money then he did good as a boss.

Even if he knew how to do it, he must not be very busy if he can drop everything to convert to a new system.

I think that the boss should at least understand tech, even if they can’t do it themselves. It is the know-nothing bosses that promise the world to the rest of the company and then get mad at the techs for not “wanting” to get it done.

well if I were his IT techie

In reply to What’s the difference

and it was a desktop in a secure network, why install VPN.

However, it’s a laptop. That means it’s mobile. He might use it outside your secure network. Therefore, what would you think to install for your boss?

Pretty obvious, if you ask me.

If your boss gives you autonomy, don’t take advantage of it. But also, don’t just sit and expect for someone to make decisions for you that coincide with what is supposed to be your area of “technical expertise”.

When you let someone else become the expert for the tasks in your job, that is step #1 of becoming “obsolete”. Bosses expect you to “take initiative”. While this doesn’t mean doing everyone elses’ job, it does mean you better well be doing yours and doing it right and knowing the needed thing to do within your scope of responsibility.

Hence my advice is…mobile computing = VPN. No question.

That answer mean I have other thingo to do then learn the “box”

In reply to What’s the difference

Never heard of that from the Mac enthousiast?

I heard it all the time from Executive Management.

They don’t want to know how my financial system work for the input they want to see the result.

Don’t expect a manager to be a clerk and don’t expect a clerk to be a manager.

A General might be very bad at performing drill but he might be the best at strategies as long as he know what will be the result of using a 90 millimiter to hit a target it will let the calculation of the trajectory to the Artillery Officer, does that make him stupid? Would the Artillery Officer be better then him to lay the full battle strategy? I don’t think so.

I don’t expect my superior to know about everything I do even the programer will ask me what should I put in my program so that it make your work more efficient.

Of course you could have a programmer that have a fromation in finance and know most of the answer already but even then he will ask the clerk same for the IT.

Again outside of commensens there is none 🙂

Have a nice day.

This is a test?

In reply to He trusted you

If it’s a test, it’s a pretty stupid idea. Anybody who would use illegal material in a discretion test is either in organized crime or such poor management material that he deserves to be ratted out. If he’s testing you with other tasks for you in mind, they are probably equally illegal. Anybody up for a fresh hot serving of Cooked Books a la Enron?

Develop Amnesia

In reply to I found things on my bosses

One sees all sorts of things when working on personal and small business PCs. Everything from pornography to financial information.

My philosophy is to look at as little as posiible and then forget that which was necessary to view. I would suggest you take the same approach, i.e. forget what you saw.

Dalton

I Agree

In reply to Develop Amnesia

You did not say if it was a public company, but, even if it is, the board is unlikely to do anything and you will forever be remembered.

Standards of conduct

In reply to Develop Amnesia

Many years ago there were discussions about computer people who have access to other peoples’ data needing some kind of code of conduct like other professions – kind of an IT to user confidentiality agreement. I think this has pretty much been forgotten or no one in this discussion has heard of it. We’ve even had people suggest that the boss be blackmailed for having this stuff. The original poster has apparently not been offended enough to not keep a copy of the “illegal” files for himself. If someone found out about him owning these files, how is he going to prove where he got them? If it were me, I certainly wouldn’t have kept a copy – actually, I never would have even noticed in the first place what the boss had on his computer. My advice is: throw away the backup, forgot it ever happened and move on.

Huh?

In reply to I found things on my bosses

Since you didn’t look at the mpgs, jpgs, or whatever how do you know they were illegal? How do you know he didn’t have legal mpgs?

You do know that some movies and most pictures of famous folks are public domain and freely available?

Sure ripping a DVD and putting it in mpg format may be technically illegal, but if he owns the dvd and just ripped it to watch on a business trip, is he really pirating? Plus, laptops have limited storage space, so he couldn’t have had that much!!!

Don’t look

In reply to I found things on my bosses

I have always been very uncomfortable with dealing with people’s private info. Unfortunately, its become part of today’s IT job at times.

I think you should ask him about all of the pictures, even indirectly, and see what he has to say. Then you can decide what to do about it.

You can always say that you wanted to make sure that all of his data is intact. But, he will know that you know about his private files.

I always try to emphasize to people like that, that keeping your private life private is the best solution for all.

Unless the person is a real threat, why should you have to be the one to judge?

Reply To: I found things on my bosses

In reply to Don’t look

The only problem with the comment about privacy is almost all company policies state that the network is for the sole use of the company and by using the network you agree to be subject to survelience as deemed neccessary by the company. SOx act demands public companies adopt such a policy and train the employees in appropriate use and security policy.

Unfortunately techies are not well equipped to deal with these matters. They are not trained in dealing with such matters. Companies do not give clear direction on the appropriate action when such material is found.

Clearly criminal activity such as child porn should be reported to authorities.

Child porn – yes – you have to report it

In reply to Reply To: I found things on my bosses

If you are the unfortunate tech that finds this on a PC, you have to report it. Other porn, you need to get that person to clean up their act – whoever they are. I wouldn’t turn them in, but I would strongly suggest to them that they do that kind of stuff at home.

The same goes for MP3’s. The company can get sued if its illegal stuff. I would lock down the network so it isn’t allowed.

For the tech, its a no win situation. Its best not to look too much unless its too blatant to ignore, cause once you’ve seen it, you can’t just do nothing. You have to discourage it somehow. The best way is to diplomatically ask the person about it.

Techs are in charge of what information is on the PCs and servers on their network, so they need to enforce the company’s policies. If they don’t, they could be held responsible for letting it exist.

Is the laptop the boss’ personal property?

In reply to I found things on my bosses

If so, just let it go. It’s not really any of your business.

Ass/u/me theft etc.

In reply to I found things on my bosses

I’m not ready to assume that a person is a thief like that. wheere these files in the temp folder? by new to you mean dvd new or theater new.
Finally, it is none of your business. Yes, if he did not have his files configured for privacy and someone on the network had his password, they could hack into his computer to see these. Hack being the word.
personally, the only time I look at pictures is when I check IE temp files on a machine suspected of spyware/adaware- Porno pops up, case closed, out comes the file scrubbers. I make some assumptions, granted, but I know that those shots can come from popups as well.

sounds to me

In reply to I found things on my bosses

It sounds to me like you are up for a BIG raise.

Been there, done that

In reply to I found things on my bosses

I worked for a state agency that hired a new woman as Assistant Director. She had a problem with her new laptop. I went through it and put it back in order and was just about to close it down and decided to check the contents of the root drive.

Well, I saw some .jpg files and I mentioned the name out loud. The guy next to me then wants to see them. When we look, these are indeed, dirty pictures, and a big no-no in a state government agency. I really didn’t know what to do. Since we had an IT Security Officer, I told him about it, pointed them out, and left it at that. My job had been done to the letter, and it was out of my hands. He told me to delete the files.

As I found out later, he went to the IT Director, who went to this woman. It turns out, her son had “borrowed” the laptop to surf the internet late one Saturday night. He turned out to be the guilty party.

I don’t think I’d want to get that lecture from mom.

Other users

In reply to Been there, done that

I have to agree with the above. Not too long ago I cleared off a lot of spyware and browser hijackers off a colleague’s laptop. To her embarrassment it kept on going to porn sites. She has three teenage sons who must have been doing “research” on her laptop.

Did I report her for porn? – of course not. Nothing illegal was happening – just some boys who thought that no one would notice if they surfed the net on Mom’s computer. She just learned that she can’t leave her laptop unmonitored at home.

2 made sense

In reply to Been there, done that

interesting thread, good discussion. one person had great advice (1.) another person had clever/entertaining advice (2.)

1. why is he looking at the files? it is not his business…and that can easily end the discussion

2. dont import the pornographic material. that is funny, very clever, but ultimately may have a negative impact on that persons standing in the company contingent upon the character of the CEO.

Cameras should be banned at Christmas parties…

In reply to I found things on my bosses

…a lot of illegal and embarassing moments being captured for all the office to see, especially hurtful to the company if they fall into the wrong hands.

You seem awfully bent on. . .

In reply to I found things on my bosses

You seem to be awfully bent on doing something to this manager, are you? You mention in this discussion that you now have a new job. I like the others here, unless it is Child Porn, there isn’t much you can do. And what are the Feds going to do to the CD that you are thinking of sending or have sent? If it is just straight homosexual or heterosexual not involving child participation there is not much you can do. Offensive yes, maybe, illegal NO! Was there tax information on the CD, bookkeeping info? In all honesty you kind of sound like the type “I’ve got the goods now I am going to use it!” When that didn’t happen you just moved on to someplace else. What are you some kind of “I am just witnessing for the lord” information filtering types. Actually, I have found a book filled with incest, debauchery and you know where I find it? In the BIBLE! Lot, King Solomon, Genesis, Cain and Able, where did their wives come from? So if they had some verses from the bible on the PC, hell lets just hang them NOW! You are so bent on being righteous, bet given time dirty could be found you too!

Damed if you do – damed if you don’t

In reply to You seem awfully bent on. . .

Seems like everybody given you the advise. The choice is yours. Whichever way you decide you will have to live with your concience and have a good night sleep.

contraband… maybe a “hacker” put it there

In reply to I found things on my bosses

If your boss has some questionable items on his computer, maybe it is good reason for an increase in your security budget. Perhaps some naughty “hacker” broke into your boss’ computer and left terrible little surprises behind. Of course, if you have put in a security solution that claims to prevent break-ins, then maybe you shouldn’t give your boss an excuse to point the finger at you. If your boss admits he put the files there, then maybe it’s still embarrassing but at least it’s out in the open, at least between you and your boss, and you have a dirty little secret that might work to your advantage in terms of the boss’ appreciation of how discreet and unassuming you were. This may be a case where you don’t migrate THAT data, and if the boss asks you just say it looked like temp files or whatever so you didn’t copy it over.

Then again, you could always copy the files and not say anything, or put them into a new directory called “UNKNOWN” and make a note that you suspect some spyware may have put the files on his original computer but you weren’t sure so you just dumped them there.

You will be sacked

In reply to I found things on my bosses

I think you should take the issue to HR or your bosses bos but I’m afraid that you will most probably be eliminated.

Actrs of conscience rarely work out in your favor.

In reply to You will be sacked

No matter what, the files present a risk to you. Do you prefer the risk of being fired for copying or for not copying? Don’t ask, don’t tell? If it is definitely illegal material, then you have to decide which interpretation of the law you want to take. On one hand, you are acting as an employee of the company, following the orders of your supervisor so you are doing your job. On the other hand, you may be duplicating illegal material which is illegal and if the boss feels threatened may exact revenge on you.

Then again, you could take the position that your boss knew what was on his computer and sexually harrassed you by causing you to be exposed to the illicit material. Maybe sue for lots of money. Maybe go to a shrink and tell them how distraught you are over the whole ordeal. This would prepare a credible witness in your favor if a legal issue came up, and would effectively absolve you of the idea of malicious intent.

cover yourself

In reply to You will be sacked

Take a snapshot of the data before you ask anyone for advice. Remember if the company can get away with it they will so you might need evidence if it goes sour.
don’t tell any of your colleagues but ask the hypothetic question. If nothing is done then you’ve got ammo for the future in case something or someone goes against you.

contraband… Tell your boss you found viruses

In reply to I found things on my bosses

Maybe you could tell your boss you scanned his data files and a bunch of media files were suspected of having viruses which could not be cleaned out, so you didn’t want to copy them over and you didn’t want to open them because it might trigger the virus. Have him confirm any files turned up in the “virus scan” so he has to explicitly tell you he wants those files copied.

Totally agree

In reply to contraband… Tell your boss you found viruses

Escalate the issue via another route. The antivirus line is always good as it alerts the user if thier at all concerned and suggests there will be further work required by IT. If he’s concerned he’ll remove the files.

I’ve read the other responses with interest and also agree that it would come down to a slap on the wrist for the boss whilst you would undoubtadly suffer more in the long run. Unfortunately the old boys club is alive in all sizable organisations.

Been there …..

In reply to I found things on my bosses

My response to a very similar problem was
1. Don’t assume the boss is responsible for putting the stuff there – in my case he wasn’t.
2. If you can, share the information with a peer (another technician) and check times and dates on downloads and other files. Then the pair of you should approach someone higher up but keep names out of it. This relieves you of responsibility. As I said your boss could be innocent so don’t name names.
3. Decide on a strategy with the manager. Our solution was to delete the stuff and put a sticker on the PC to informing that the PC had been cleaned with a date. This wouldn’t alarm an innocent party. If not innocent, then it is very unlikely he would do it again!
4. So how did we know the boss wasn’t guilty?
We first found out when the stuff was downloaded and then ascertained where the laptop was that weekend. In my case a technician had taken the laptop home to add software and his flatmate had done the browsing between 1 and 3 am in the morning. His flatmate didn’t own up until we said we had a credit card number … we didn’t, we just knew one had been used. Then he asked us how to clean up his PC at work!

Dates are great for ascertaining whether the stuff was downloaded over a period of time or all at once and what else was going on with the laptop at the time – but before you go down this route you may want to make sure that you really want to know the answer.

Been there, done that, got a Tshirt as well

In reply to Been there …..

When it comes to Illegal stuff and porn on our network, I am the Rottweiler from Hell. BUT… If the Laptop is your Bosses personal property, just do what your BOSS asked you to do, and SHUT up. You may have the right to make corporate policy, and to enforce it, but remember, it Ends where Corporate ends and Personal Begins. If you have a problem with porn, and illegal stuff, just b upfront about it and say that “your religion forbids you to touch laptops with questionable content on it” and then give the guy a laplink cable and show him how to do the transfer himself. Windows XP has a reasonable settings transfer mechanism built right into the OS, perfect for people such as these. Remember, the toe that you step on today, is attached to the foot that will kick you @ss tomorrow. As a Network Tech, You will have access to a lot of priviledged information. I have been in rooms, doing my thing, while board decissions were being taken, that affected other peoples lives. I may not like what’s going on, but that does not give me the right to analyze it. Stick to you JOB, and just do what you are supposed to do!!! BTW. you don’t have to have the laptops connected to the Network to do file transfers. so that takes “protecting the Corporate Network” out of the picture. if you don’t have the cable, get him to buy his own. it’s inexpensive, and it will be his own.

Interesting dilemma

In reply to I found things on my bosses

Policy: is it his own? If so, why was he “mis-using” corporate resource rather than paying an independent contractor. If not, what’s company policy?

I would merely have migrated the data, without being curious as to what was in the files – there’s no requirement to investigate when migrating data.

However, since you have snooped, is what he has illegal in your state. And does your legal code require that you report criminal activity to the law, as here in the UK?

It is possible that he has teenagers who have downloaded material (as mine have!!!) and doesn’t have a clue that the stuff is there!

Suggesting a virus and deleting what YOU think is inappropriate is a solution, but highly judgmental.

Perhaps you might subtly let him know you don’t want to be asked to repeat the exercise.

He sounds unreliable – I’d not discuss it, and I’d find a new job whilst enjoying the pay checks until I jumped ship.

Whoa! webmaster

In reply to Interesting dilemma

I’m glad you are not working for me webmaster. I’d hate to think that when anything controversial comes up, you’d just start to look for a another job, on the companies’ pay cheque. We actually have a policy against that. Immediate dissmissal without a reference!

Department of Morality

In reply to I found things on my bosses

So, you are now setup as the Department of Morality. Seems to be a favorite topic around here, I found . . . ., he/she is wrong. . . ., what should I do . . . .! Do your job mr./ms. IT ‘Super Guru’ and leave moral evaluation to those that matter. Why are so many with access to browsing history so concerned about so many other’s accesses? This subject is getting a little time worn. Somebody needs to tell you and all the others that think they are the morality barometers of web surfing to perform their IT tasks and get off the soap boxes.

HERE IS THE REAL QUESTION

In reply to Department of Morality

if someone posts on a public message board detailed information about their boss that could be bad for their boss and damaging to their company, and through a series of google searches you’re able to (because you’re a techno mage) find out pretty easily (at least to you) not only where they are, who they work for, and then most likely name of their boss, should you leave a comment in the discussion informing them that what they did wasn’t all that bright?

valis
CEO
Valis Enterprises
http://www.valissoft.com
http://www.helpdeskhell.com
http://www.jackosuicidewatch.com

So what are you saying,

In reply to HERE IS THE REAL QUESTION

that you know the true identity of zilto and know who he used to work for? He said in a reply above that he left that company a week ago.

ah, good

In reply to So what are you saying,

yup, from just the information provided in that one post it is possible to find out exactly who he works for, where he works, and a very probable name and phone number of the supervisor that he’s talking about.
people should be a smidge more careful 😉

You are so RIGHT!!!!!

In reply to ah, good

It took me couple of months, but I was able to track down a couple of High School friends through the internet. One friend was or probably has never been on the internet or just has not used the ISP email that came with the service. I found that he lives in a town to the north of me in the thumb area of the lower Peninsula of Michigan. Located him in “Anywho”. The other friend I found through a series of articles. One in a book review in a Tucson paper. Then I found out he is an amateur radio operator, found his email through an amateur radio organization and contacted him, only to find out he never really considered me a friend, how do you like that? So yeah really shouldn’t post too much crap because ya give away the farm.

here here

In reply to Department of Morality

Here Here!! I Agree!! Do what you were hired to do, not what you “feel”!

backfire

In reply to I found things on my bosses

I would be careful… reporting him could cause him to accuse you of putting illegal material on his laptop. One of the other posts mention teaching him how to do this data migration himself… a good idea.
If this person is a sleezebag, he would probably just say that you put it on his laptop…. so be wary of jumping off.

Grow Up

In reply to I found things on my bosses

How about just grow up. Do your job, mind your own business, and stop sounding like a whining, sniveling little geek

RE: Grow up

In reply to Grow Up

I’ve seen some interesting input, but this is definitely the most realistic. Thanks, patwhatsthat!!

From experience, here is what you do

In reply to I found things on my bosses

You migrate the data, then re-image the hard drive on the boss’s laptop, then have a friendly matter of fact discussion with him/her about how to erase tracks on a computer. Perhaps a mention of copyright laws and penalties in another friendly discussion.
End of story.

A possible solution

In reply to I found things on my bosses

Seeing as how this operation is suppose to be performed as part of a business related piece of machinery, I’d suggest moving ONLY those files and programs that are related to the busijness at hand.

All the other stuff can stay on the original machine.

Legal/Moral/Practical

In reply to I found things on my bosses

Well, let’s see… From a MORAL standpoint I see your dilemna. The guy’s doing wrong stuff! From a practical standpoint – it probably wouldn’t do your career or personal life any good to do anything about it. The “amnesia” suggestions are probably the way I’d go… with one caveat. You are legally bound to report finding certain things such as child porn. FAILURE to do so can make YOU criminally liable – if it can be shown you had knowledge and did not report.

Been there, did the right thing

In reply to Legal/Moral/Practical

What are the company policies? Does the company walk the walk or just talk the talk? My company believes its policies and moral standards. After turning the info over the the head of HR, the president of the business unit left suddenly. It must be objective and presented to the right person as the moral issue that it is. Don’t share with your buddies.

Your a bit whiny but you have a point.

In reply to I found things on my bosses

OK while the boss may think that he is above the law i do agree that it has to be handled. But here is the thing. get all the information first. and yes i know you left but for in the future use this. get all the information. The laptop may be company owned but he does own the company. If he takes the laptop home with him and does it then I dont really see what you can do. If he is using company bandwidth then honestly I would go to him and tell him. ” sir i am here to talk to you about a issue and i have reason to believe that it will deveolp itno a very bad situation.”
IF he gets angry then turn it over to be honest, IF he is using bandwidth. otherwise i would tell him that the stuff he has is setting off the AV and cut him off from the network until they are gone.

Are You Feeling Lucky Today?

In reply to I found things on my bosses

This is the question you have to ask yourself. I see a lot of advice here in these posts. Many of them are on the right track.

The sooner you forget about this the better. Wipe it out of your memory. Migrate the data and be done with it. You didn’t see anything unusual. You did your job like you get paid for! End of story.

I assume that he’s an adult

In reply to I found things on my bosses

All adults are responsible for their actions. I would email the entire company re-iterating the Internet use rules and regulations. The way I see it, he’s made his own bed and now he has to sleep in it.

re: Things found

In reply to I found things on my bosses

Now is the time to demand more money. Sticke it to the fool. Don’t forget to make copies of all the data that on the system. Or encrypted it on his computer so he will have to ASK you for the code. Then charge him to view it.

Reply To: I found things on my bosses

In reply to I found things on my bosses

If it’s his personal laptop – then the content on it is none of your concern. Company laptop – that’s another story (how you deal with it is up to you and your boss and whatever policies your company may have in place).

In any event, if he’s connecting it to the company network – then be a good admin, make sure he’s got good antivirus protection, anti-spyware, personal firewall, etc.

Look at it another way – I’d rather have the guy jerk off to porn on his laptop while away on business than paying for a hooker while his wife is at home with the kids.

flame

In reply to I found things on my bosses

zlito
I think the only one being stupid here is you. If you don’t even work for the company anymore what business is it of yours? I’m sure the guy didn’t treat you right somtime and now you want to hurt him. Grow up. Nothing good for you will come of any further action.
We all do illegal things. How would you feel if your boss saw you driving in to work a little faster than the posted speed limit and called the police to report you?
You’re a putz and a tattle-tale and a lot of other things and nobody likes you. Further more, I can tell from your posts you’re not very intelligent, and don’t know as much about computers as you think you do. But none of that matters. What does matter is that if you don’t get over your need to police the world and impose your views on everyone you come into contact with you will never be successful at any job. Such people are never appreciated. So mull that over while you address that envelop to the feds.

Could not have said that better myself!

In reply to flame

That is exactly what I was thinking by the time that I got to your post. I am just glad that you had the guts to say it.

Don’t agree

In reply to flame

You have for sure a very practical standpoint.

But let me put the things this way: an exploited kid is living a daily inferno and a fat pig is enjoying this also on a daily basis.

What would YOU put first: the kid or your lousy job ?

You just can’t compare speed limit with crime. And, by the way, WTH dit zlito find ??!

He did not say Child pornography.

In reply to Don’t agree

I read all the post until this one and keeping reading and saw none condenining childpornography he said Porno is a morale issue child abuse is criminal and should be acted on it right away.

Too many people are behind bar because of morale and too many murderer are left free what is more morale.

9/11 was done by the Extreme moralist (read extreme fanatic religous) they are very morale person yet they hurt us, so don’t give us the moral thing but give us the meat. Was it child pronography or not?? if not move on.

Outside of commensens there is none.

Have a nice day.

Take another approach

In reply to I found things on my bosses

Some things you did not address in your original post that could help you here. First off, do you have any regulatory oversight at your business, or are do auditors do an IT audit at your shop?

If so, Policies are generally required detailing appropriate network usage. There are plenty of solutions which can monitor network usage for sites like porn, chat, gambling, or any number of things. Of course, if the downloading took place off network, then it comes down to a question of “Should I tell or not?”.

I think your primary job is to do the right thing for the company. After all, that is where your paycheck is coming from. And the best way to protect the company is to make sure company IT assets are used for company purposes. If something violates that policy, you are just doing your job.

DAMNED IF YOU DO.

In reply to Take another approach

One of the partners of the company, the CEO, called one of my techs to look at his PC because it seemed slow. The tech, whom I hired just weeks earlier, was actually excited to lend a hand but was warned to get in and get out since he is not one to be bothered. He calls me while I am in a meeting and claims that he has an emergency relating to the CEO’s system so I walk out to discuss the matter with him only to find out that he found pornographic pics, videos and links. I say “only” for one reason, I understand the position/ power of the perpetrator and relative to that, he can do what ever he wants. Now, in my case, I wrote the internet and e-mail security policy and any other employee would probably be reprimanded for viewing and saving pornography on the company’s system but this is one battle I will walk away from. I have since asked the owner to call me directly for service on his PC; I explained to him that there IS sensitive company data on his system and that most of my techs would not be privy to such data.
In your case:
Are you the decision maker for your IT department?
Is the laptop his personal property?
There are many great questions posed in replies above mine and I simply wanted to tell a story that may help you relate.

GOOD LUCK!

His job wasn’t to snoop around…

In reply to Take another approach

He shouldn’t have opened & viewed any files on his bosses laptop. He crossed a line. His job was just to transfer over files & settings to the new equipment. He took it upon himself to snoop around and open files just to see what this boss has on his computer. That was wrong. He left the company, it’s possible he was let go because someone discovered his actions. He made backup copies of this offensive material and kept it after leaving the company, that was wrong and could be viewed as theft. When he left the company, he should have dropped off the backup copies with the HR dept and explained what he found. Keeping these backup copies of material for his own use makes me question what his real motives are. He mentioned contacting the “feds”, give me a break, they are too busy and have better things to do than crack down on some porn on this bosses computer. Although the material in question is offensive and shouldn’t be on that company pc, the fact is that this is the boss and they tend to play by their own rules and in which case he employs the HR dept which setup the rules for the rest of the real employees to operate by. I’ve setup plenty of laptops for managers and top executives, and have never wasted time viewing the contents of files stored on these pc’s. If you’re busy, you don’t have the time, if you work in an office, chances are other people would see you doing this and this may have alerted other people to his actions. He should have just transferred all required contents over to the new equipment, perform the necessary virus & spyware scans to ensure that the new pc was clean after receiving the files & settings from the previous equipment. If the original equipment is leased, wipe the harddrives on the old equipment clean using some 3rd party tool (killdisk or something similar) and then use the restore media to return the equipment to original factory standards. If the equipment is not leased and company owned, perform the same procedure and re-deploy the equipment to another user who is using older equipment and could benefit from an upgrade. Why someone would snoop around on someone else’s computer to view the files and their contents is beyond me, network admins aren’t spies, any arguments to the contrary would be foolish. Spying is illegal, let the HR dept worry about the enforcing company policy and reasonable use of company resources.

Valid points, but…

In reply to His job wasn’t to snoop around…

You stated “He shouldn’t have opened & viewed any files on his bosses laptop. He crossed a line.”

If I see a file name that would appear to be in violation of company policy, I’m gonna at least take a closer peek at it. If it’s something that appears to be what I suspected, I’ll open it. If it IS what I suspected, I’ll drop HR a line. They almost always say to proceed with the investigation. I’ll then scour the entire system looking for further evidence, keeping chain of custody and best practices in mind.

You use the term “snooping around” – that is what is commonly referred to as “trolling” or “going on a fishing expedition”. We don’t do that, although we make it abundantly clear in the policy manual that we can – and do, on occasion – monitor systems and their use. If I bump into something in my daily travels that appears to be a violation, I’m expected to follow it up.

As for leaving the company and keeping a copy regardless, I agree that he should not have kept it (nor, I think, made a copy – what’s the point? “I have this CD here with files *I SWEAR* I got off so-and-so’s system”… Not what I would call “evidence” by any means…). He should at least have handed it over to HR on the way out (if at all – I mean, I still don’t see the purpose of having it at all).

You further state “Why someone would snoop around on someone else’s computer to view the files and their contents is beyond me, network admins aren’t spies, any arguments to the contrary would be foolish.”

This is somewhat correct; we are overseers. “Spying” can be open to interpretation. As far as I’m concerned, anything on my network is fair game, and the company has made that possible through well documented, published policies.

“Spying is illegal, let the HR dept worry about the enforcing company policy and reasonable use of company resources.”

What we do is NOT considered “Spying” – “Spying” is when you are doing things serruptitiously, without prior knowledge. Since we have clearly stated that we can, do and WILL monitor systems for appropriate use, we’re covered. And the statement that HR should “enforce company policy and reasonable use of company resources” blows me away, frankly. How are they going to find out about abuse if nobody tells them? And, realistically, the responsibility for maintaining the company’s system resources is OURS and NOT HR’s!

Needless to say I disagree with some of your comments.

Regarding the problem: if it’s just porn, talk to someone in HR about it and also your boss. Then let them do whatever they want to do. Step out of it and let them take responsibility. If it’s CHILD porn, then you YOURSELF have to notify the authorities. If you do not you are breaking the law. You notify the authorities and THEN you notify HR/Management – NOT the other way around! There is no decision to be made here – the law is clear.

Don’t make decisions on your own, I suppose would be the moral of the story. If you see it, get someone else involved. Doing so reduces your liability.

A few years back, I had a top level exec who very commonly surfed porn. I brought it up to my boss who in turn brought it up to his boss. They decided to leave it alone. However, on my own, I redirected the sites he was visiting to another site, commonly http://www.disneyland.com. He realized what I was doing and we actually had a cat and mouse game going for a while… It was quite funny, really. But I was told that we weren’t going to pursue anything about it, however I also had the ability to try to stop the conduct by redirecting the traffic. That was within my authority, so I did it. I suppose I could have gotten in trouble for it, but I doubted that would have happened because he wouldn’t want to make an issue of it in front of others. Besides, I did that any other time I had a violation, so… It wasn’t out of the norm.

As for the way this was dealt with, I don’t agree with the way it was done. Looking at the file is one thing, but burning the CD and not involving others put this guys neck on the line.

Many junior admins face these types of situations, and do what they think is best to deal with it. It’s called LEARNING… We’ve all made mistakes – it’s a part of the process. Some of us don’t have others to learn from, so we have to try to make due. That would appear to be the case here.

Hopefully his next job will allow him better professional guidance.

You may not be able to do much!

In reply to I found things on my bosses

Unless:

? it’s KP (Kiddy Porn), then the Feds can take it and do something about it.

? it’s illegal software, then you need to contact BSA or SPA and they’ll take care of it.

? it’s stolen videos, then you need to contact MPAA (Motion Picture Association of America) and see if this group is converd by them.

? it’s stolen music, then it’s also a copyright violation, like the last one. There are other regulations for this too such as the NET Act.

Bottom line is that there are all kinds of regulatory standards, guidelines, and Laws that have been established that you could use in this case by contacted the associated groups that help enforce them. The issue is that if he has proof of purchase, bought it from an authorized distributor, and can prove he’s innocent then he may come after you with a lawsuit, or if he?s well connected in the industry he could make getting employment precarious at best. You need to make a careful decision on this one, I would chat with the Feds first and see what assistance they can offer, they’re usually very willing to talk about it first.

By the way if there is KP on that CD, you need to get rid of it now (turn it in or destroy it)!! You are breaking the law by having it and can end up in jail if someone catches you with it.

Good luck!

MAD dog

Two choices…

In reply to I found things on my bosses

One question to ask yourself is are you responsible for what is on the company machines. If the answer is yes then you have two choices:

1. Talk to your boss and explain that this material shouldn’t be on the company computer and that having it there puts you in an awkward posistion. Some people will respect the fact that you were willing to talk to them before taking any action. I personally would relay the need to discuss this issue in an email, just to cover you assets.

2. Delete the material and say nothing further.

As others have mentioned there is a big difference between illegal and immoral. As well as the fact that this person may not even know the material is there.

If you are not responsible for what is on the company machines talk to the person that is and let them make the decision.

You know what assuming does….

In reply to I found things on my bosses

Transfer the business related stuff; clean the old computer deleting the “bad stuff” and overwrite all old files with secure delete. Tell the boss you “cleansed” the computer drive and remind him how sensitive data can be. Watch the reaction closely; I’ll bet he is not the surfer you think….. Add guarding software to prevent or monitor future use/keystroke/time logger; then you will find the x-surfer. Revelation then will be just as effect as now, if you are right….. I doubt it. Who does the cleaning in his office??

After browsing the threads….

In reply to I found things on my bosses

Highlights:

– This person is the President of the company
– It sounds like this person gets everything through the company
– Cars, computers, etc…
– You have since left the company
– You have in your posession a CD of said materials.

I’ve gotten some great advice from some pretty great people over the years in the IT field. The best advice I ever got on the uppie-ups is that “They’re different”. These people are not your pal, your friend, your buddy. They play by their own set of rules. The company they work for pays them huge money and they turn around and milk that same company for computers, cars, free meals, etc… Things they could well afford with the salary they make. One of my biggest beefs, being an IT person, is executives bucking the system, purchasing custom laptops and wanting to use them for work. As I said, they don’t play by the same rules as everyone else, and they don’t have to because they can replace you with someone else who will let them behave as they want.

These people can make your professional life miserable at the snap of a finger. You never know who knows who when interviewing for a position.

My sincerest advice to you now that you’ve moved on to a future position is to move on completely. Destroy the CD and let it go. It’s not worth your time and effort. I’m sure you have plenty of other things you’d rather be doing with your spare time than thinking about this. You have no loyalties to that company anymore.

It sounds to me that you have some kind of serious vendetta against this person and you want to see bad things happen to them. Trust me, let it go, it’s not worth the effort.

Good advise….

In reply to After browsing the threads….

I think that you have offered the most realistic advise here. I certainly wish someone had given me that piece of advise a few years ago!

A long winded discussion over nothing….

In reply to I found things on my bosses

You’re a network admin, transfer the files & settings over to the new laptop or pc and be done with it. Even if this person has movies & photo’s on his laptop of a questionable nature (porn, etc.), it’s not your job to be the voice of morality at your workplace. Reading another post of yours, you mentioned you left and that you might send the “feds” a copy of the material that you burned on to cd/dvd. What was the necessity in burning a copy of this offensive material which you now own and no longer work for the company? For your own use possibly? Even if that wasn’t your purpose, you probably crossed a legal line making a backup copy of personal files from someone else’s computer and keeping it for yourself after leaving the company. If your intentions were genuine, you should have dropped the copy of the offensive material in question with HR and said that you found this while working on this person’s pc, the material is against HR policy and someone from HR should speak with him about this. Porn pics & movies copied from the internet or other sources may be offensive to you but I don’t think it’s going to cause this company to crumble just because it’s on the boss’s pc. Big deal. The “FEDs” won’t waste their time with this kind of kindergarten grade finger pointing either, I’m sure their busy enough as it is. As a network admin, you’re responsible for keeping that network up & running and ensuring that network users are able to perform their duties by connecting to and being able to use the required network resources (email, file storage, printing, internet access, etc.) If it’s a big enough company and you belong to a small IT dept, it should be easy for you to fill up your days being a network admin. Here’s a question: if you’re running a windows network (and you probably are), Are all of the pc’s connected to the network running with the most current set of windows critical & security updates & service packs, office security & critical updates and service packs, how about software upgrades, how’s your corp.firewall doing and do you even have a professional solution in place or do you just rely on software firewall solutions individually installed on everyone’s pc, how about implementing some form of internet content filter so that your users can’t access p2p file sharing services and questionable internet sites, how about antivirus software, are all virus definitions updated on a regular basis, do you schedule weekly virus scans during off hours, do you have a corporate spam filter in place that you can monitor and update accordingly so that people get real email in their inboxes instead of email fluff, how about spyware, are you running a spyware app on every pc with the latest spyware definitions installed, do you run weekly or biweekly spyware scans and remove traces of spyware founds on your user’s pc, how about performing disk cleanup & disk defrag / page file defrag operations on a regular basis to ensure pc’s are running as good as they can be. Do you maintain a current hardware & software inventory for this company and ensure that it’s up to date, how about ordering new equipment and scheduling upgrades. Seriously, the list goes on & on, if you have enough time to peruse the contents of your bosses computer and inspect each individual personal file, you have too much time on your hand. You should have just copied the files over instead of opening & viewing each file to determine their contents. That’s something a spy would do. If you’re questioning your bosses ethics & morality for containing this type of offensive material on his computer, you should also question your own for searching around in his personal stuff. If you’re running windows 2000 or XP on his pc and copying over files & settings to his new laptop, couldn’t you have just exported his user profile to a network share and then copied over that profile to the new pc so that his files & windows settings are maintained on his new pc? You could also have employed the files & settings transfer wizard to automate this operation between the pc’s while both were connected to your network. There are also other commercial versions of software that will do this trick for you. You however performed a manual, laborious time consuming (much like my post – sorry) file copy process and took it upon yourself to examine the contents of these files. I’m wondering if you’re also the type of IT guy who also snoops around employee salary info that the HR dept maintains. Just because you have the power to access & view this information doesn’t mean you should be doing this. Who’s watching the watcher? Just my 0.02 cents, I’m sure I’ll get replies from both sides of the fence on this one.

I have to agree

In reply to A long winded discussion over nothing….

Rob, I for one will have to agree with you, there was no reason for him to inspect the contents of his boss’s files, and had he done it in an efficient way, he’d never have seen them in the first place. If he was so concerned about morality, he could have just not copied the files in the first place, but to go on and make a copy of them and then keep it after he left the job goes against the grain.
Also, nobody has picked up on the fact that he says in one of his posts that “he keeps up with the list of movies that are illegal” Does this not worry anyone but me?? If the company tech knows about illegal porn, then is he any less guilty? Hmmmm me thinks not.
Calling a user “computer stupid” is also not on, your job as a tech or network admin etc, is to educate and help your users, not belittle them.
That said, i’ll get off my soap box lol.

long winded discussion lol

In reply to A long winded discussion over nothing….

how ironic that you title your post longwindeddiscussion over nothing. hahahaha

Added task of moral gatekeeper

In reply to I found things on my bosses

There’s alot of gray area in this whole issue, and much of it should fall under the umbrella of company policy (though it’s usually more a case of “lack of policy”). The two guiding elements in end-users’ behaviour is either they truly don’t see their actions as illegal (or as “all that serious” – doesn’t “everybody” do it?) or they don’t believe they can or will be caught. Company laptops are an even grayer case as, due to the mobility and availability of these laptops to the user at all places and times, they are inadvertantly used as much for private, personal purposes as for work related issues. The three fields to juggle are: 1) What is downloaded over the company network and company time? 2) What is downloaded over the user’s private, home network on private time? 3) What is left on the computer when it is on the company network?
In addition to the illegal character of actions, further implications are the repercussions this could have on the integrity of the company, exposing the company network to Spyware, Malware, Worms etc… (and many download sites are THE source for these hazzards). My company pretty much allows me a free hand to deal with these problems as I see fit – as long as there is proper documentation and a reasonable process of escalation. How far you can go and what you can threaten or do depends on where you stand in your company though… In general, I first try a general approach, claiming that I’ve noticed illegal downloads over the company network (or access to various sites or IPs on the firewall logs). I will openly announce that some of (or one of) the company computers contain illegal files, apps, downloads, etc, or that users’ private downloads at home are exposing the company network to various possible hazzards… This usually results in two things: 1) The CEO immediately wants to know specific details of who and what 2) The culprit usually gets the hint and either stops or finds a way of covering his tracks (which I usually find out and then threaten to take action). I have found that people are usually more receptive when you make it clear that aside from being illegal, there would also be much personal embarassment if more details were known.
The fact that you refer to illegal actions could definitely (and ultimately should) be reported, but as I’ve encountered many individuals who really don’t fully understand the implications of their actions, I try give a second chance. Miss that second chance and then I get nasty. Furthermore I undertake to occasionally post news articles relating to public cases of similar issues where all can see as a reminder. Every new employee who has access to the internet or gets a laptop first hears my rules, and I occasionally hold company enrichments which at face value emphasize network integrity and security issues for the end user, but also plant in everyons mind the feeling that I am aware of every single keystroke taken on any of the company computers…
The fact that it’s the CEO is sensitive, but if you have a good enough line of communication with him (He did ask you to migrate his computer, knowing that you would likely have access to his soul…) you might find a way to convey that he “seems” to have on his laptop material which is best not to have for obvious reasons. Suggest that if he intends to continue, it might be advisable to keep it to his own personal private home computer and network only.
The loyalty dilema is complicated – You want to protect your place of work, you don’t want to confront or offend your CEO and you don’t want to be an accessory to criminal actions. In the case of extreme criminal action or beyond, I’d report it immediately, but try protect myself at the same time. On minor issues I think that being able to show that actions were taken to prevent the crime from being repeated is highly commendable, especially if these actions are successful. I feel that minor first time offences can go unreported to the authorities if I cn show that my actions were fruitful and at the same time allowed the perpetrator to save face without implicating or endangering the company.

he has since left the company…

In reply to Added task of moral gatekeeper

this post’s originator has left the company (he mentions in a post halfway down the list) and he also mentions having backup copies of this material in his possession. This was wrong & illegal, he should have dropped off this “backup” material with the HR dept and informed them of what he found if his intentions were genuine. Since he has kept this material, I can only assume that it’s for his own use which makes me questions his ethics & morality. You are correct, this is a very grey area and if you are given the additional responsibility of performing these types of tasks wherein you have to directly examine the contents of files on someone else’s computer, you can have it. I’ll take no part of it. When I’m ask to setup equipment for a user, manager, boss, etc, I perform the said tasks without having to examine the contents of each individual file. I make sure the equipment has all the required sofware installed including all required security & critical updates, service packs, up to date virus & spyware def’s, etc. If a spyware or virus scan returned results I would ensure that any viruses & spyware were quarantined & removed before giving the equipment to the intended user. This doesn’t require me to check out & view any of the movies of photo files saved by this user to open & read any documents or spreadsheets. Never had to, never will. If you have an internet content filter in place to restrict internet access to p2p filesharing resources and questionable internet sites, that’s half the battle. If you have a spam filter, internet access monitoring and email scanning solution in place that another piece of the puzzle. Let the HR dept deal with implementing and enforcing company policy, that’s what an HR dept is for.

Testify !!!

In reply to he has since left the company…

yer the man ! I think you’ve summed it up. Why on EARTH would anyone make a copy and keep it..especially when one is leaving the company ? Smells like mutated goldfish to me people.

Dump the porn

In reply to he has since left the company…

They can only do it if they have knowledge of it. Sorry, but dropping a dime on a VP becomes he said, she said. Who besides him has access to the computer—YOU. Just wipe it and press on. You might tell him about external drives, however.

The usual reason we get involved is the gripe that the computer is s-l-o-w…and we find three copies of “Debbie does Dallas” and its kindred, with 30M of space left out of an 80G.

Had one exec who went to do a speech, and tried to load his PowerPoint presentation to his HD. His kid had 60G of Uberdownloads on his drive. Didn’t quite make it. Good music, though.

Be Careful…

In reply to I found things on my bosses

If the boss in question is a principle of the company, he’s under no moral obligation whatsoever to meet someone else’s moral standards with company assets he owns! Even if you run across illegal (pirated?) software, I’d tread very carefully and approach it from more of a “I’m just letting you know what I found…” kind of approach.

Chances are if he/she is knowingly downloading illegal software, the last thing he wants to deal with is someone playing moral policeman.

Technician Not a Policeman

In reply to I found things on my bosses

If the boss has illegal downloads, that’s on his head. One function of your job as a paid employee is to look out for the companies interest. Turning in a corporate executive to the prpoer authorities is not looking out for the companies interest. If you feel compelled to, make the executive aware of what you found in the course of your normal duties and put the ball in his court as to what to do about it. However, be aware that this information is very politically sensitive material and there may be repercussions in regards to your career. It sounds like your boss has questionable morals to begin with so I would weigh very carefully how I would proceed. It’s a credit to your character that you want to do the right thing but it’s not a very noble feeling to be right and unemployeed.

take ’em out

In reply to Technician Not a Policeman

OK, make a ghost backup for your CYA protection first. Its called backstabbing and its how the “corporate world” works. Do you really think he would help you if the tables got reversed? nope.
Don’t you think he “asked” YOU to do this dirty work for a reason? He doesnt have the right to make you break the law or make you uncomfortable at work. Hell, you can already sue the company for pain and suffering (you are confused enough to post here, after all).
If you have HR tell them on a day your boss is out of the office. Call a lawyer first (its free at first – anyway). Tell the lawyer that you have a backup copy (and be sure you do).
The other advice is crap… though well meaning since nobody wants you to be the victum though you already are.

Proceed in this order:
backup copy -> lawyer -> HR (or another – pref. (older) female manager)

Where do you stand now?

In reply to I found things on my bosses

Let’s see if I have this correct. You worked for this company, saw files that you found offensive, backed these up to disk, left the company, and now wonder what to do?

First, get rid of the backups…as in totally destroy. They are NOT your property and the fact that you have them makes you a thief!

Second, who in this field has not seen these files? I agree that unless they are child porn, let it go. I’m only paid to keep the network running and handle issues with that, not to police what people see/do.

Third, send the files to the Feds?? And tell them what? You have no proof that those files will even be there on the laptop anymore, but you still have the disk. Ever hear of a disgruntled ex-employee?

I guess your only option at this point is to let this issue go….it is now some other IT persons problem since you don’t work there anymore.

Need more info to judge

In reply to I found things on my bosses

Zito, you didn’t say if he was the president of a large company (and thus answerable to a Board of Directors) or whether he was “Bill” of “Bill’s Sales”

If a large company, I do not envy the position of being caught between the corporation that sets policy and the person who could squash your career like a bug. Avoid that political battle, even if it comes to a necessity of changing jobs. Better to leave on your own terms than get caught up in a no-win situation–if you report him or don’t report him, you are opening yourself to being pink-slipped either way.

On the other hand, if he’s “Bill” he *is* the policymaker. It is not your job to determine policy. It is your professional duty to recommend sound policy, but setting it is not your prerogative. In this situation, even if his computer contents violate policy, it’s his policy to break if he chooses.

You state some of the contents were illegal. My actions would depend on whether they were criminal (as in kiddie porn) or civil in nature (as in P2P music sharing). If the content is criminal, you must report it to the authorities, or be considered an accomplice. If it is a lesser variety of illegal, you may be well advised to, as someone recommended earlier, develop amnesia.

Interesting…

In reply to Need more info to judge

I have read all 125 (at the time) posts for this article. I am not throwing my .02cents into the arguement. I just wanted to comment…

There have been sound pieces of advice, for and against persuing the issue, as well as some down right nasty comments. I guess the issue boils down to what you think is right for yourself. Not the company or the “boss”. The company nor the boss will watch out for you. You have to do it yourself. You have to accept the consequences of whatever you decide. Weigh your decission carefully, then stick to it without second guessing yourself.

To all of the posters thank you for opening my eyes to the different view points. If I am ever put into a situation such as this, I will remember your thoughts and suggestions.

Look the other way

In reply to I found things on my bosses

If he is doing something illegal, it will catch up to him.

“Everybody gets what is coming to them.” – Clint Eastwood.

You are responsible for feeding your family, that should be your only worry.

Btw, you are just seeing the title of files not the actual file when your copying files?

Professional ethics

In reply to I found things on my bosses

This dilemma occurred because *you* violated your professional ethics. It is not necessary for you to view a file in order to transfer it. Your job was to transfer data, not review the data. I consider it the same as a mailman opening the mail he delivers or even reading a message on a post card. Any exposing done will expose your lack of ethics. Yes, there comes a time in your job when your job is reviewing data in a file, but this was not one of those times.

Unless he is in charge of security …

In reply to Professional ethics

he should not be ‘snooping’ on other people’s workstations. If it is not his position in the company to investigate matters involving the corporate security policy, then he has no business going after these files. By copying the files off the workstation of a company official and leaving company premises with that material, he needs to be terminated immediately. I would never want to be guilty of such an offense under any circumstances. Someone else on here mentioned that the people responsible for hiring at other companies have ways of finding these things out. They are absolutely right, there is such a network and in IT, that network is VERY well connected (they may have a secret IRC server somehwere and they all go there looking for blacklisted people). I know that sounds like a fantasy, but it sure seems that way sometimes.

The best thing he should do now is move on, learn from it and hope he can find a less-than-well-connected IT recruiter in another company after they have let him go. Maybe he should resign to prevent the blackmark from being entered against his permanent record on the secret database.

What is your role?

In reply to I found things on my bosses

What is the company policy if there is one especially for mobile computers used both for work and personal tasks. If what he is doing violates “COMPANY” policy and not just your sensabilities then you might have cause to approach him, tactfully and with the support of other higher-ups if that’s possible. If he’s the top of the pyramid, just let it go and just walk away from the next migration in process. Get a PDA and play games to kill the time, read Tech Republic or something else to keep busy. If you’re going to ‘peek’ at the pictures and there is no company policy in place that forbids that practice then let it just be that little smirk of a knowing smile when you see your boss and hand him his newly migrated laptop!

Two alternatives

In reply to I found things on my bosses

If you found child porn, bomb plans, or other clearly illegal items, you should turn him in to the proper authorities. Otherwise, I would just not copy those items to his new computer. When he looks for them he will know you found them. Chances are he will not say anything, and the point will be made. If he comes to ask you why some things were missing, ask him specifically what kinds of things he had on his old computer that he wants on his new one. If he gets the point, good. If not, the boss has a problem that will effect the company sooner or later, and you will need to take that into consideration in planning your future.

I see

In reply to I found things on my bosses

I see nothing. NOTHING!

summed up

In reply to I found things on my bosses

nteresting thread, good discussion. one person had great advice (1.) another person had clever/entertaining advice (2.)

1. why is he looking at the files? it is not his business…and that can easily end the discussion

2. dont import the pornographic material. that is funny, very clever, but ultimately may have a negative impact on that persons standing in the company contingent upon the character of the CEO.

PS: if the guy had harmfull items like child pornography I myself would directly confront him and ask him what the hell he was doing. I would consider turning him in. if he had children himself I would turn him in.

Computer Store Porn

In reply to I found things on my bosses

I recently had a friend purchase a computer from a major retail chain. About two weeks after pruchasing it her son (14 years old) found a major stash of porn on the computer. She asked me to look into it, and although she thought she was purchasing a new computer I found another user had been created on the computer almost a month before she purchased it, and this user had signed up for internet access and downloaded a lot of porn. She did not even realize that ir was on her computer.

I am not saying this it the case with your boss, but I would be inclined to give him the benefit of the doubt and tell him that you found this on his computer, and suggest that it may have originated before he purchased the computer. If it is his, it gives him a heads up that this stuff is available to others, and may have an impact while giving him a face saving way of backing out of it.

Not every event is what it looks like on first glance.

Even if you investigated dates and they occured after he purchased the computer, you don’t know who else he may have loaned the comptuer to. I try to give everyone the benefit of the doubt on the first incident. I use it as a trining exercise and a way to improve overall awareness of security issues. This is particularly important for older senior managers who may not have the experience with technology and security that a younger manager would have.

From your point of view, you cannot ignore this. You have to report it in some way, and giving him the benefit of the doubt and a way to back away from it allows you to report it as an incident that does not have a serious negative impact on your boss, but also puts it on file and starts to biuld a case for dimissal if it happens again.

good point, but…

In reply to Computer Store Porn

that is a good point about giving the guy the benefit of the doubt. I do believe it is more likely than not that he would be importing the guys profile. it follows that the porn would be in a data path under his control.

remember this is the president of the company. I would never never take that to hr or whatever unless I found harmful material
note to hard rightwingers: I am not talking about barely legal teens here. I mean kiddie porn, snuff films (hehe, tell me they dont make those anymore) etc

confront a president of a company to his face or not at all, he might respect you. you go to hr and he will find a way to bury you

Never touch a non-company computer

In reply to I found things on my bosses

Work on personally owned computers can lead to other potential problems besides this one. What if some component coincidentally dies while you are working on the machine? In the future, never even let them in the door.

Come up with a couple of excuses and use them.
Try “Gee, nice machine, Boss, but it’s a lot more sophisticated than what we use here”, or “We don’t have that version of Windows / other OS here, so I don’t have any experience with it” or “I’ve got several company machines I must work on; why don’t you try Best Buy?” or “Our file transfer software is an older version and isn’t compatible with your new OS’s .DLL files”.

If you don’t think your job is in on the line, just tell them straight out that you don’t work on non-company hardware because you don’t have all the tools needed to restore the OS and apps if you accidentally screw it up.

Executives are like kittens. If you feed them once, they’ll keep coming back and they’ll bring their friends.

Yes sir yes sir three bags full

In reply to Never touch a non-company computer

You are in a tough situation and there is no way you can “win” so the best advice is ignore it if it is company property and have a pristine image to load on the new computer and if it’s a personal machine DON’T TOUCH IT !!!!

disagree

In reply to Never touch a non-company computer

sorry but you are wrong on this. this is the president of the company. the president sets direction , if he chooses to use a personal laptop for business purposes this is what you support.

it is inconvenient to support machines that we arent familiar with and often it is inappropriate. this is not one of those times. come on guys

I thought that you were a tech!

In reply to disagree

I thought that you were a tech and not a snooper (peeping tom, nosy person or judgemental). Your job is to fix his computer, transfer files and do what you were asked to do.
If your morals get in the way, go find another job. You don’t know who, what, where, when, or how this stuff got on his computer. Mind your own business and do your IT thing.

Replace personal with company equipment

In reply to disagree

If the president requires a laptop, the company should purchase one for him. Then you can manage it like any other company computer, and it will be subject to company polices covering appropriate use. Explain to the president the advantages of this (easier to support since it’s the same as other company systems, leasing allow a new one every 2 or 3 years, doesn’t come out of his pocket when it breaks or is stolen, etc.)

I haven’t met a senior executive yet that wouldn’t like a second laptop. He can use the company-provided one and give his old personal one to someone else in the family.

Good Advice from Palmetto

In reply to Never touch a non-company computer

Palmetto gives good advice. Every company I have worked for
had company-provided desktops or laptops that were given to
employees for their use for company business, and it is usually
made clear up front that any and all information on that
comuper may be subect to monitoring, etc. In this case, you
indicate that it was the executive’s own personal computer (not
“PC” but “personal”).

Probably not a good idea to allow employees to use their own
computers but in this case if it was the company president, you
probably did not have any choice. Instead of posting this
dilemma on this very public website, however, you might have
discussed it with your boss.

Unfortunately this idea when out the window when M$

In reply to Never touch a non-company computer

Released their 3 step VPN on 2003. For even the most basic security we now have to not only secure all of our workstations but the senior managements home PC’s/LT’s as well.

It is pointless having the best security possible when the Company President/Boss or whoever may have an unprotected PC at home that is capable of being used by anyone there. So we now go out and create user accounts and secure their home PC’s or whatever so we don’t have gapping holes in our security. It is amazing just how many of these computers have absolutely no security or AV installed but their owners still expect a direct connection into their work as they require it. We generally setup our own Internet connection and just allow them to use it as required it works out far cheaper in the short term and is a lot easier to control. It also limits any potential damage if their machine falls into the wrong hands. Currently we are slowly replacing every one of the senior managements home PC’s with a company PC that we honestly never expect to see again until it gets brought back to be replaced with a new unit or breaks because some idiot game was installed.

Col

Err on the side of freedom

In reply to I found things on my bosses

First of all, many people do not realize that data transfer operations involve seeing file names. I’ve been doing this for 10 years and have seen millions of FN’s flash by on the screen. In itself, that is not snooping – it’s part of making sure the transfer job finishes correctly.

In that time I’ve seen LOTS of porn and just let it go right on by. It’s none of my business; they’re all consenting adults from actors to audience. As for trying to police what the guy does at work, that isn’t my job except as outlined by company policy. Furthermore, who am I, the morality police?

MP3’s may well be translated from his private CD collection – I don’t know if they’re stolen and it isn’t my job to find out.

Child Porn is different – every picture has a victim and a service company I once worked for helped prosecute a guy who brought in his computer chok full of the stuff. We were proud to do it, and yes, CP would be worth losing a job over.

Legal perspective

In reply to I found things on my bosses

If, as others have said, there was child porn, you have a legal obligation to report it to the police… as the news has shown us a number of times very recently, these guys are literally time bombs. I’ve had to track them and they’re all the same and they never change.

If that laptop in question was a company machine, designated for company work, I’d drop a standard image on it of only the OS and software required to do the job. Nuke the old machine and drop a standard image on it too.

One response mentioned loaning him a CD burner to save the files to before cleaning the laptop. As long as YOU don’t do the copying to CD. If you do, you then become an accessory to whatever crime has has comitted… assuming it was child pron or copyright infringement or whatever. I went so far as to verify this with my D.A. sister.

Personally, I wouldn’t want to work for such a guy. First because of this morality issue, second because of potential copyright issues and most importantly, his mind is NOT on the business. It can’t be long before business suffers for his inattention. He owns the company… you’re screwed! Why protect a dirtbag?

I would report anything illegal I saw, especially child porn, then call my headhunter. End of story.

The Thin Line Between Technician and Voyeurist

In reply to I found things on my bosses

First, it is not unusual for employees to use their personal PC’s
or Mac’s at work, as a conduit to company e-mail, company
files, etc. Thus, one would expect that an employee using his or
her own computer at work (connected to the company network
when at work) would be using a computer with personal folders/
files as well as company folders/files.

It appears that YOUR JOB was to migrate essential company data
to the company President’s computer, NOT to review, even open,
files that were clearly personal and none of your business. That
was wrong, and you should probably seek clarification from your
boss as to what the scope of your responsibilities are.

This appears to be a case where the hardware (the computer)
was the personal property of the employee (or he/she had been
authorized to use it at home for personal use) and the software
and/or files you were transferring were property of the
company.

If you and other IT “cops” are curious about your scope of
“investigation” or authority, I suggest you seek your boss’s
acvice or your General Council’s advice.

P.S. The mere fact that you posted this information on a public
website is troublesome, as any good computer-literate person
((including my teenage son) could find out who you are and what
your company is in a heartbeat.

P.P.S. In my spare time, I teach business ethics. You might want
to pursue a course yourself.

JB

challenging BS

In reply to The Thin Line Between Technician and Voyeurist

your bravado is entertaining but you cannot find out (as an example) where I am or who I am (without a number of search warrants). false boasts rub me the wrong way

you can have more than a heart beat if you need it Neo

Easy to judge

In reply to The Thin Line Between Technician and Voyeurist

Much depends on details not in evidence.

Are there company policies on porn? In some companies, if its found and not reported, the person not reporting is in trouble. I know at my last employer I would have been fired for not reporting items like that. We don’t know what the policy was at the OP’s place of work.

And as for “reviewing” the files, I agree that the OP had no business opening files. But are you not aware that if Windows explorer is set up the right way you get thumbnails of pictures, without opening any files. You would see this in the ordinary part of the duties of transferring files.

Also at my last employer, it was assumed that data centre personal would see sensitive material in the course of their duties, including medical records, HR records, and government classified material. So people in the data centre were carefully screened and cleared to Top Secret.

Was the computer a company computer or a personal computer used for business? There is lots of speculation here but no proof that it was a personal laptop. He just said he was migrating files from the old to the new. Again, there may or may not be policies in place regarding this. My last employer insisted that in order to use a non company PC to dial up to the company network, you had to have certain critiria, including having an active up to date virus scanner(paid for by the company).

While it might be possible to track the OP via this website, it might require some hacking. I am more than just a reasonably skilled computer literate techie, but I wouldn’t make an idle boast like yours. Are you suggesting hacking TR would be ethical? You suggesting that there is no mechanism on TR to prevent the curious from finding out where the posters are posting from? Can you hack into the TR login file? What if they made up an email address for their login – or used one where the account no longer exists.

If there was evidence of something illegal,like kiddie porn then the OP has the duty to report it. If its not illegal but immoral, it depends on corporate policy.

If the original poster snooped, I have a problem with his ethics, but if he accidentally uncovered it in the course of his regular duties, he has an obligation to follow the policy guidelines of the company that hired him.

As for your ethics course, do you teach people to make judgemental posts based on half the facts – is that ethical? I don’t think I will sign up thanks.

James

What the bloody hell are you doing going beyond the scope of your job MR?

In reply to The Thin Line Between Technician and Voyeurist

I agree with ETHOS21st@…!!

ETHOS21st@… I must make mention that PC stands for personal computer, a mac and a wintel box are pc’s. Let’s not forget our history!!

You have no idea…

In reply to What the bloody hell are you doing going beyond the scope of your job MR?

…What the scope of his job is. In some of my job descriptions, its been quite specific that I am to uphold and enforce corporate policies.

As I and other have said, he may have inadvertently discovered these things. If corporate policy says to report it, should he ignore policy because he accidentaly discovered it?

Whats this nonsense about personal computer – if it was a company provided computer, unless there is a stated expectation of privacy, there is none.

As for “our” history, mine goes back before IBM PCs. I’m not forgetting anything.

James

Reply To: I found things on my bosses

In reply to The Thin Line Between Technician and Voyeurist

If he is using his personal PC for work, he should have to keep that stuff off of it. No one wants to see it. Talk about ethics, the president or whoever he is should be concerned about creating a hostile work environment.

I don’t think Zlito went looking for it, but it was right in front of his face. Sometimes you can tell enough about a file by its name. You don’t have to look at the file. I’ve seen it many times. He has to ask him what it is to find out if its company data or not. Maybe he won’t have to transfer it. Or the president may not even know what it is. Maybe he didn’t put it there, maybe his kid did and he wouldn’t want it on there either.

Its not a matter of voyeurism. Its the PC owner’s responsibility to keep it clean. What tech really wants to know the real intimate details of someone’s life as told by their PC? Its things you would rather not know in my estimation.

The real people that need to get some ethics are the ones that have this stuff on their work PCs. Why don’t you give courses to them.

As for hacking TR to find out who is posting this “outrageous” post, where are your ethics? Sounds like scare tactics to me.

Mind Your Business or Bribe Him.

In reply to I found things on my bosses

End of Story.

Does he/she know whats there?

In reply to I found things on my bosses

I have doing IT work long before it had the title IT.. And I have seen MORE than I ever wanted to see.. and one went on to the police to handle.
I Also know that today a lot of people in positions of power don’t have a clue whats on the machine that he/she is using!
First and foremost, ask the user about the data!
Does it belong to them?
I have seen more than one laptop filled with the son/daughter (yes girls do porn too) pic’s and the owner knows nothing of what?s going on. I have seen other people admit to owning the “data”.
As to the fact it belongs to the President of the company, would mean NOTHING TO ME. I work with over 25 separate Construction companies, so the group of people involved is wide.
All I have ever had to do with anything I found in question, was ask about what I had found !!
The decision after that is yours.

How do you know they were illegal?

In reply to I found things on my bosses

How do you know they were illegal?

http://www.surveypaid.net

Exposure to porn at work

In reply to I found things on my bosses

Has everyone on this discussion thread forgotten that there are laws in this country to protect workers from being exposed to such things as porn in the course of performing their job? The presence of porn whether CP or not on a computer that you are instructed by a superior to work on in the course of your employment creates a sexually hostile work environment. It doesn’t matter whether the computer is a personal or company computer. A company officer instructs an employee to perform a task that the officer would reasonably expect may mean that the employee may see what is on the computer.
Remember that Boeing did fire Harry Stonecipher for having poor judgement by having an affair with another company employee. They were both consenting adults, but the company believed that the affair was an embarassment to the company.
Is it a good idea for the tech to keep his/her mouth shut and let a secretary or other employee perhaps walk into the company officer’s office while he is looking at his porn? The officer is not the company, even if he is the president. And people have a legal right to do their job without being exposed to sexual material. That’s not being judgemental, that’s the law. Society has already made that judgement.

It’s illigal

In reply to Exposure to porn at work

The viewing of inappropriate or illegal images in the workplace can lead to criminal and civil claims, not only against the company but also it’s directors and the managers they appoint if negligence is found. Organisations have a responsibility to protect there staff from harassment in the workplace. Most companies will have some type in gateway filtering in place but this only solves part of the problem, images can be introduced via USB ports, memory sticks, CD’s, DVD’s etc… if an image is imbedded in a work doc or PowerPoint it will get through your gateway. My company specialize in protecting organisations and there staff from illicit image abuse by monitoring in real time at the desk-top, if you have a concern about potentially damaging images on your network drop me a line.

Excuse me?

In reply to I found things on my bosses

boring process?? You were snooping, admit it. If you know anything about profile and data migration then you would know there is no reason for you to be scanning the ‘owners’ files.

Frankly, you should not even be trusted with data unless you are charged with being the moral cop for teh company. Is the Company President aware of your outstanding moral acuity and perception that you can decide what is legal and moral for others and did he or your boss then add that to the job description? Are you an attorney at law? Ready to give a deposition as to why you were going through the Presidents files while you were transferring them rather than just migrating the profile? Are you sure you want that rep in the industry, not even a church would hire you, certainly not a diocese.

You don’t have a moral problem, you have a personal one, minding your own business and abusing your authority.

Oh, by the way, I have been transferring systems and profiles for years and I dread it if I am asked to scan for files of a particular nature. So, you and I both know what you were doing, looking for something juicy on the Prez’s PC you could use for fun or profit and now sensibilities are insulted. Hurts when a hero is made human, huh.

Ouch !

In reply to Excuse me?

wow, nice one..I’m even feeling guilty now just reading that kevin620. And i’ve done nothing wrong 🙂

tis a fine line, but your right. I usually “don’t look” at other peoples things on pc’s. helps me sleep at night.

Anal aren’t we.

In reply to Ouch !

Wow kevin620 must be that one person out there that when someone says, let he without sin cast the first stone, kevin620 has already released a bolder. I find your manner and tact poor at best. Amazingly, when my clients need data migrated, it it up to me to verify the data has been consolidated from the usual places. Even though I state for the client to place all personal data in my documents or desktop, that rarely happens, and a great admin will do a verification first. How can one avoid tasteless files if they are in my documents and the system is set to thumb nail view. Just the process of consolidating and transferring the data leaves a person open to seeing file names which can be obvious and shocking. So, I guess you can either put down the hammer and help, or keep nailing yourself to that cross and living in a world very different than the one most of us in the field live in.

Mind your business!

In reply to I found things on my bosses

Who do you think you are? You have no right whatsoever to be looking at anyone’s files whilst you are engaged to transfer files.

I can’t belive its not butter !!

In reply to I found things on my bosses

I have never heard a bunch of whiners in my life. You’re the kind of people that make me sick with your attitudes. First of all, the computer was his, you just transfered the files, thats it, period.. You need to get your head out of your neither region and see some sunlight, How do you know whats legal and illegal ? just by your years of being around? come on… Sounds to me like these other people said, YOU WERE SNOOPING. What gives you the right if it was his own personal computer.. As a private IT consutant I have strict policies on privacy, what I see in the course of my duties are confidential. I would never give up information unless ordered to by a court of law or if I was hired by that company for that specific purpose. as for all you network security champions out there what can I say… you talk about securing the network from ” these kinds of files ” whos to say he doesn’t have a broadband connection at home and is getting this from home or somewhere else, and if there is spyware or a malicious file on it .. shouldnt your severs protections stop it?? Now last of all.. IF and I said IF, this was a company owned laptop then it would be up the the proper policing authority to regulate the material on the laptop,by actively inforcing a policy, suggestions were made about that.Think about it, turn it around and make the boss yourself and someone else is doing your laptop, say you had some pictures of your family and animals and kids.. but your wife/husband just happens to have on some cothing someone else considers offensive. and they turn you in because THEY think its offensive… think abut it..
When did america become the home of the whiners no wonder jobs in our field are going overseas..

Watch out what you think you know.

In reply to I found things on my bosses

If I take an innocuous file and rename it “Inflatable Nuns”, how do you verify content without looking and invading privacy or violating policy. File names alone are not enough. Unless the file names are clearly representing kiddie porn e.g. alt.preteen.erotica and unless you have a policy already in place, let it go. I found images on a win 98 PC years ago, and called the cops. I was deleting files from a cache, and accidentally previewed one. I called the cops. I had to recount my methodology to the investigator and go thru a lot of stuff, only to have the investigator say that there were not enough images, and they were of an OUTDOOR NATURE, and not necessarily kiddie porn by their definition. Then I had to answer to my IT boss. I later found the employees cache of kiddie porn on another PC after he left the company. Nothing but heartbreak for me and no justice for the ex employee.

Be sure in triplicate before you act. A policy of an IT supervisor being the person to notify appropriate authorities provides a layer of reason on your side, places the responsibility to act on a supervisor or manager, and carries more weight with the authorities.
A boot up warning message on company PCs saying what is not allowed by company policy is always a good idea, along with the policy that any PC touched by company IT is to be treated as a company PC will discourage abuse of IT personnel by all but the most ignorant company big-wigs.

Just delete them

In reply to I found things on my bosses

Really, that’s what I would do (and have done in similar situation). Obscene photos, movies, whatever, just delete the lot. I mean, what’s he gonna do, say “hey where’s all my XXX stuff gone?”

You could cover your ass a bit by saying you think some files may have been corrupted during the transfer, give him some technowaffle about buffer overruns (assuming he’s not technical) and could he check to make sure nothing important was lost.

That way he’ll think you MIGHT have seen something, but can’t be sure, and it will also make him realize what an idiot he was in the first place.

I think we all agree, if its CP. Report it

In reply to I found things on my bosses

I read almost all the way through the threads. And differences aside on company policy, everyone seems to be in agreement(thankfully). That if its child porn, turn the pig in.
Otherwise, your call.

Do you have kids?

In reply to I found things on my bosses

Do what’s right.

Are some users so computer illiterate or plain arrogant??

In reply to I found things on my bosses

Not sure what you mean by “could really hurt his company”. You need good instinct, a pair of balls and know your company’s culture and mentality. I wonder if it is computer illiteracy or arrogance to ask the IT person for assistance and have them encounter someone’s weird little world online.

I know an IT guy who was in the same situation. Turns out that some companies are more worried by lawsuits of violating some high-position user’s rights. Well, my friend decided to ‘oops’ erase some of the illegal, sick s#&t he found on the system (it was a company laptop). That user did not come back to him to complain either.

Illegal

In reply to I found things on my bosses

The first thing that needs to be cleared up is how do you know that these things are illegal or that he obtained them illegally? Pictures of people doesn’t sound illegal regardless the source. Of course if the pics are kiddie porn that’s another story altogether, but you left out quite a few specifics.

Been there…

In reply to I found things on my bosses

Discovered porn on one of the Attorney’s systems while doing routine maintenance. The guidelines I worked under at the time dictated that I answer to the senior partner. I let him know what I found. That was the end of it.

Know Your Policy and Abide By It

In reply to Been there…

In reading most of the posts, I find that some people are just plain ignorant with their remarks. Some have accused and convicted Zlito of opening these files, but if you read in the initial post Zlito never opened a one—so quit your stupid condemnation of this tech! I have done file transfers and have seen suspicious files go by, too with bad names, but you don’t have the right to view these personal files. Therefore, you do not have any authority to accuse any one, either due to the fact you do not have hard evidence, only suspicion. Zlito was correct in not viewing these files, so give him/her a break!

It is also true, especially in the case of a president who takes his laptop home, he may not have put files on his laptop, but he is responsible to follow company policy and it is his laptop. If the policy states there is to be no porn, software that is not approved, etc. then there should also be a method in place to report it.

With the various companies you can work for, there may be a range from no policy to very strict policies. As an employee of the company, the tech is REQUIRED to abide by the company policy or it could possibly result in reprimand or dismissal.

The solution is to abide by the stated company policy and watch your back. If there is no policy, you have to protect yourself and report obvious Federal and State offenses in the manner they prescribe. When this happens and it involves a CEO or President, take my advice and find a new job as it will not be pretty! Even if you get thru all the legal stuff and keep your job, you will not be wanted by that reported individual.

I’m not even sure what the Fed and States require in reporting something like CP, but Zlito has not actually seen the evidence, only file names and this is not actual evidence a wrong was committed.

If I was in Zlito’s position, I would let the boss know that, although Zlito didn’t open any, there could be some files on his latop that violated the stated policy and he may want to check and delete them. If I felt the president would take legal action against me because he felt threatened, I might cover my back by reporting it to HR, letting them know the president was warned, and start the process rolling and then look for a new job. Even if the boss deleted his data, knowing he was not very computer savvy, it can be recovered for evidence in court, although it is relatively expensive.

Unless the tech had administrative rights and authority to examine possible contraband, I would never open up a user’s data without their permission and I wouldn’t try to copy it for legal purposes later—that’s where you will get in trouble for stealing personal data. If it was stored on a company share, that’s different.

Therefore, know your policy and abide by it and have your resume up to date unless you want to be someone with no backbone at all and not abide by policy. By reading this discussion, there are a lot of people like that out there who are very judgemental.

I think Zlito has some guts and did what was very hard to do if it followed his company policy, but will be able to sleep better at night because of it.

Do the right thing..

In reply to I found things on my bosses

If I found images that were clearly illegal, I’d turn the guy in. I’d rather do what’s right and get fired than do nothing at all. To ingnore them and take a “let someone else deal with it” attitude is a cop-out (imho).

If the images were simply offensive, and there was a company policy, I’d bring it to his attention. We used to scour our network for images and contraband and when we found some we would contact the user and inform them that “a scan of the network found images that are against company policy”. 9 times out of 10, the files were off the network in seconds! They ALWAYS knew exactly what you were referring to.

Umm…blackmail?

In reply to I found things on my bosses

Ok, blackmail wouldn’t be the moral or ethical thing…but if he’s aware that YOU’RE aware, there won’t be any RGE’s in the future for you.

Does he OWN the company?

Are the pictures REALLY illegal? (Morally,legally, ethically if the answer is yes, then you gotta turn him in.)

#1 thing to keep in mind is covering your own bottom. Will it look bad if someone else finds out, then finds out you KNEW and didn’t say anything?

If they’re NOT illegal and you really don’t want to rat the guy out, then do what I do:

Block sites/IP addresses/yada yada…restrict his access. When he asks why…

Gently remind him that “nothing you do on this machine is private…”

“Please stop getting those javascript viruses.”
“What javascript viruses?”
“Oh, I don’t think you want me to go into that. Please just stop…you’re making extra unnecessary work for the IT dept.”

“If someone else notices the JS viruses (bandwidth consumption/DNS queries to pr0n sites/etc, etc, etc) I may be asked by management to investigate. Neither one of us wants that hassle do we?”

I’ve used each and every one of those (and other lines) and they work like a CHARM. I don’t want to get the guy busted. I just want him to STOP surfing for porn on company time. It makes work for me.

Besides, if I busted everyone whom I found pr0n under their login, we’d have to fire 1/4th of the company including some VP’s and department Supervisors.

If it’s ILLEGAL though, I’m straight to the HR director’s office with my laptop and I show him over the network via the magic of the C$ share… And yep, I’ve had to do that too.

Two edge sword

In reply to I found things on my bosses

I was in a similiar situation not long ago where a top executive had porn all over his PC. So here is what I did, the first thing was too send an email from his PC to the Administrator telling them you need help on this PC, let them VNC or Remote Into the box telling them what you have found. Then if they run SurfControl or any type of Reporting software this person will get the real picture. They ended up finding more that they wanted and utilmately firing this person. Do the right thing it make your job easier later on when this person contuities to break company policy, he did sign an agreement from your company “Acceptable Internet Use Policy”?

Black and white decision

In reply to I found things on my bosses

If it is company – go by the stated company policy for this discovery. Note: THE STATED COMPANY ADMINISTRATIVE POLICY/PROCEDURE…nothing more and nothing less.

If it is personal, leave it up to his own conscience and a higher power. Believe you me, when you turn the problem over to a “higher power” it gets results. Does your company policy cover personal equipment? I doubt it–so don’t become the “private affairs lawmaker” at your company when it is a personal, private matter. Think what you might about this so-called “leader” in your heart and let a higher power deal with your bosses heart…and try not to smirk with the results.

OK simple answer

In reply to I found things on my bosses

Provided that there is no Kiddy Porn involved you do absolutely nothing. He/She is the Boss and has the ultimate authority to do as they please as they are not liable to follow company policy but to make it and this is a good example of “Do As I Say Not As I Do!” 😉

Incidentally do you have so little to do that you can watch the data transfer instead of leaving it alone and getting on with other jobs?

This should have been a simple job to do just connect both LT’s with a crossover cable and then send the required folders across once you have started this running you should be able to walk away and not pay any attention until the job is finished at which point all you need do is drop the new unit on the Bosses desk and walk away knowing nothing. 🙂

If you look you have to be prepared to be responsible for what you may find so it is easier not to look in the first place. What you have to also remember is that what you personally might find offensive can be humor to someone else no matter just how sick you personally consider it to be. 😀

Of course if there is any Kiddy porn involved you just have to report it to the proper authorities and do not wipe the HDD of the old LT just so that the chain of evidence remains unbroken. If you wipe the old HDD you could be held to blame for the images or whatever have ended up on the new LT as there is no evidence that they where on the old unit before you got it to work on. The old HDD has date stamps when each thing was added so if they existed long before you got your hands on it you can in no way be responsible for the contents of the drive but if you wipe the drive you can be blamed for adding the images in an attempt to get the Boss into trouble at the very least and in all likely hood will be fired as you have not protected yourself in any way.

There is a very old saying “The Boss is Always Right” so if it came down to a straight out bun fight you would be the sacrificial lamb lead to the slaughter. Might is always right no matter how wrong it appears to be. 🙁

Col ]:)

You heve too much time on your hand

In reply to I found things on my bosses

Let me get this straight, somebody who needs your services for which you get paid, and they trust you with their secrets, want to transfer files to the new machine he/she bought and you are thinking, should you turn him in? Unless it is murder, the only winners here will be the lawyers and nobody else. Everybody else will have a pocket drain and tomorrow it will be business as usual. Seems that you had too much time on your hand to be looking the file transfer as it goes. I do not have that luxury. Try to find something to do more productive as file transfer goes.

Illegal violation of privacy

In reply to I found things on my bosses

There was absolutely no reason for you to view -any- of the content of the files you were transferring. To do otherwise is an complete violation of ethical principles.

What your boss had as content on his computer is of no concern to you, unless you happen to be a law enforcement officer tasked with searching all computers you encounter for possible controversial or illegal content.

“Watching files go by” is first a watch of only the file names, not content, unless you are intentionally snooping. A file copy process does not show the contents of the file.

If you “did not dig into the files because I do like to bother other peoples info” then you would not known of the content. File names have many times no relationship to content. Unless you -do- dig into the files you have no idea what they contain.

Digging into the files takes a bit more effort than transferring them.

Quite simply you were an unconscionable spy on your boss’s data. You violated his right to privacy to the ultimate. Asking you to transfer files implies, unless your boss is a complete moron, that you have been trusted to do so without concern for content.

Regardless of the file contents you violated that trust.

If I allow you into my house to move my belongings to another location does that give you the permission to read any and all papers and access any other informational material within the house?

You are nothing more than a thief yourself. You stole his information for your own purposes, be they nefarious or simply a ‘check everybody that they do no wrong’. The wrong being what -you- define as wrong.

There was no reason to view any of the file contents in order to transfer them. I have over 37 years experience in all phases of computer technology and I have never had to view the contents of a file when moving it unless necessary to, if possible, correct a transfer error.

I have no knowledge, nor do I wish to have, what information you ‘found’. Unless you are tasked with finding such you far exceeded your ethical boundaries.

make up your mind

In reply to I found things on my bosses

you say that “I do like to bother other peoples info”

is this a typo or do you actually LIKE BOTHERING other people’s information?

If it is just a typo (my guess) then pick a policy and stick with it. If you don’t like messing with your user’s data then stick to that motto and stop wasting our time with you wishy washiness.

Good one :)

In reply to make up your mind

Ah men too many moraliste in this world and not enough police to enforce the real abuse 🙂

Get the state out of my bedroom and get the beliver in the Church well they could pray for my soul.

If this is CP yes act on it and move on. If this is Paris Hilton distributing her porn well don’t watch it. If this is Compagny property and he own the compagny you have to leave as you are obviously against any kind of luxure.

I when to the middle east and for a country that condone pornography and alchool there is plenty available so again the moralist freak are the worst behind close door.

Were there is no commensens there is none.

Have a nice day.

Strange Fruit

In reply to I found things on my bosses

You say that you didn’t “dig” into the files. If you didn’t “dig”, then how do you know what they were? How do you know that they were not files left over in the ie cache from a legitimately subscribed service? Additionally, if you didn’t “dig”, then how do you know what they were, unless you recognized the filenames. If you recognized the filenames, then you have seen these pictures and mpg’s before. Tell us. How exactly did you gain that experience? Is it possible that you have done the same that you are accusing your boss of doing? If you turn him in, then turn yourself in too, while you’re at it.

You “think” you “have something on the boss” that could give you some sort of moral leverage in your own mind or in your job. Or, since you’re asking us what you should do, you’re looking for some “outside” support in making some decision that could affect you adversely for the REST OF YOUR LIFE, not to mention ruining someone elses life. You have absolutely no right to even make any moral assumptions about him, his character. Your job was to move files. And, since you are a service provider, there is such a thing as privelege. There are certain rights to privacy that are afforded you and your client (your boss). Such rights are even more acute than for everybody else. If you turn him in, you’re relinquishing those rights. And when you do, every computer in the business, your home, your bosses home and at least everybody’s home who could have had access to your bosses laptop. And, it’s not gonna stop there! The spotlight is going to be on YOUR FIRST!

Call in an air strike on your own position and so obliterate the enemy because we have seen the enemy and the enemy is us.

Your moral responsibility is to do your job, keep your nose out of other people’s business and keep your mouth shut. Go home and hug your family and thank the lord that you decided to ask for advice as opposed to executing a knee jerk reaction and call the authorities. I’ve seen this kind of think play out and it’s not pretty. It ruined about 5 families and a thriving business. Gave teh FBI about $ 60,000 worth of computer equipment and software that the didn’t return. It made the lawyers and the legal system a ton of money. …Gave the news people thier “pound of flesh” to roast in the media…It gave the villiagers with their pitchforks and torches a feeling that the monsters were yet again rooted out and lynched. And the FBI someone to arrest and hold in jail without bound. Do you really don’t need such “strange fruit” hanging from YOUR trees when you’re not exactly sure, since you didn’t dig – as you claim? Time passes, but the stench lingers there FOREVER!

Possible Virus

In reply to I found things on my bosses

I checked all your posts and couldn’t establish whether you
simply saw the names of the files while they were transferring,
or if you opened them up to look (a whole new ethical area). If
they were simply file names, there is a possibility that they were
put there by a virus.
I don’t know how effective your anti-virus system is, but I know
I’ve checked a staff members PC before and found literally
hundreds of “Britney Spears does gross things to ducks.mpg”
files that after destroying the main virus were picked up
themselves as viruses. Perhaps your boss just has a badly
infected computer.

the price of ignorance

In reply to I found things on my bosses

The question of illegal files is determined by
unanimous decision.

What is and is not cp or copyrighted material
would probably suprise you. How these thing can
get on a disk probably shouldn’t.

The question of slander, private property,
trespass and
how much a man career and reputation is worth —
decided by
simple majority.

Be EXTREMELY Carefull here!!

In reply to I found things on my bosses

You must be extremely careful here, consider all that could occur.

If you?ve seen contraband pictures/videos you must be extremely careful. First, if these are of minors, underage children, you have a legal responsibility to report it; IF YOU?VE SEEN IT! I emphasize here because an old adage comes into play from my Military days when I would occasionally observe infractions (fighting for instance) that, if I were to ?SEE IT? , I must act. I may however ?observe? something and not ?SEE IT?. You are in this position if there is no child pornography involved.

If you have not seen it (contraband, such as child pornography), I would stop NOW and return the laptop. Be discrete; indicate why without going into any detail at all; refuse to proceed.

Be aware that either of these choices may very well cost you your job. However, reporting the issue (if applicable) at least gives you a legal position to fall back on.

If you were to use your knowledge of what is on the computer to retain your position you may well be guilty of blackmail. Charges have been filed secussfully in the past.

A third alternative is to destroy the hard disk ?by accident?. However, depending on the content, you may well be contributing to the infraction.

I can go no further; this is all that can safely be said. Just be aware that you are in a precarious position that can easily lead to serious legal problems.

Is it illegal or not?

In reply to I found things on my bosses

Unless this is a hidden sociology survey like a lot of these immature help me post appear. You have already blown it by not using an anonymous userid for the post.
It would not be very hard for me to discover who this person is you a maligning and blow the whistle for you. Is that what you are hoping?
Well, never fear I won?t but others may. Courage is courage you never know if you have it until you are dodging the bullets.
Good Luck growing?

Politics of the problem.

In reply to I found things on my bosses

First is it his laptop or the companys, if it his the answer is simple child porn you report to police “anomously”, If not let it go this time and then push for policies and procedures to solve this problem next time through your legal and HR Departments, we only learn from mistakes and problems.

Delete Key

In reply to I found things on my bosses

During my years as a Network Manager, I learned that when I ran across these types of files on a “company” computer. I just deleted the files and went on about my business. I only remember one person asking what happened to his private pictures he had on the PC, I told him they were against company policy, but I’d be glad to go to his department manager about un-deleting his picture files for him. As you can guess, he declined the opportunity. You would be suprised how clean the other computers in his department were after this and I had no other problems out of his department.
I have deleted files on the Company CIO’s PC down to the pc’s in the sanatation department without any problems and no one even wanting to discuss them. I was lucky in that we had a well posted computer usage policy on what was appropriate and expected by the user’s. I know this can be a tough situation to be in, but the important thing is to be consistent and make sure that everyone is familiar with the Company Computer Usage policy.

Re: I found things on my bosses

In reply to I found things on my bosses

Is it a case that you have proof they are stolen? Could it he have purchase it? Also do you company have strict it policies?, if you do and it can be proven that it is stolen info then let him know the consequences if seen with such type of files/act. Is it that it turned your stomach on a morality issues?, if it is dont impose your belief/moral on anyone. Is the machine company or personal property? Deep down i think you will know what to do. Just be tactful.

Who are the exceptions to the rules?

In reply to I found things on my bosses

Aside from issues of legality, you need to find out who the exceptions are to the electronic resource policy before you burn your boss. If he’s in the “exceptions” group all you’ve done is sink your own career. Ask around – use your network to find out if the rules really do apply to everyone. Then, you should be able to tell if he’s in the group to which the rules don’t apply -and there’s almost always an “untouchable” group, even if it’s just the CEO.

Thing two – You didn’t say whether it was stolen copyrighted material, or pornography, or what. Depending on how bad the material was may also help you in knowing whether you should pursue it. Is it bad enough to risk your job? If it is – do the right thing! The right thing may be to contact the proper authorities.

I’d mind my own business, who cares?

In reply to I found things on my bosses

The title sums it up: I’ve seen all sorts of crap on people’s computers – you name it, I’ve seen it.
I don’t bite the hand that feeds me. I’m paid to make computers work, not to moralize about people’s tastes or to be a stool pidgeon to the authorities, who are just as corrupt as the people they prosecute.

Beware of the Law:

In reply to I found things on my bosses

Depending on your job responsibilities and company policy you could be at risk, especially if there is a sexual harassment policy in your company. I can speak from experience in this area, and you better be a good documenter to cover your ass. Policies differ from company to company but the law is the same for everyone. I would check your local laws which govern your work place to see what you are responsible for. My current company had no porn policy when I got here, they do now, and it coincides with their sexual harassment policy. One of the reasons they dumped the last Admin is he spent to much time in the server room browsing porn. I sent a clear message to my end-users about porn. There is no place for it in this workplace, and when I do find end-users abusing the policy they get a policy lockdown on their desktop. I have had to do that to only 1 user so far.

Simplest way out

In reply to Beware of the Law:

Hi having read all the experts views _ I reckon the simplest way out do a search for all *.xls mdb and doc files ie MS office or the equivelent on the machine transfer them, then “Format C:” if anything said claim the hard drives crashed as you were transfering – president won’t be happy but can hardly blame you for hardware failure – if he wants nasty pictures on his machine he’ll have to load them himself…..

Are you a cop or hired to be one

In reply to I found things on my bosses

Hmmm, the boss requested you to transfer his data, and as an IT pro, you do so, he’the boss. If you are there to also monitor morality, then do so, otherwise do not get involved. Some of this info is confidential and private so respect that. Snitching is mediocre behaviour and will eventually damage the trust peopl have in you, and also make you an impopular snoop and damage whatever career you plan to make. As an IT-pro you have accesss to all sorts of info stored on computers/servers, it may be confidential or not, and what ever it is, for the outside world it’s confidential, so if you leak on what’s on so and so’s computer you ignore the confidentiallity rule, and cannot be trusted by your colleagues at first, and later on by the rest of th co-workers. Be smart and just do what is requested, keep it to yourself untill asked by the highest in rank to spill the beans, however, if you spill, you’re on a tight rope. Just remember that. You can however tell the guy who’s computer it is that you disagree with whats on the PC and let him dicide if he’s going to trash it or keep it, it’s his job and don’t turn it it into a double whammy!

Glass Houses and Stones

In reply to I found things on my bosses

This is reply # two hundred and umpty-umpt to your original question.
I think that you need to consider something else, before sending your little love-note to Big Brother.
“He who lives in a glass house, shouldn’t throw stones.”
Might want to consider that, and check your own stuff for illegal material. Ever copied a CD of music from a friend? Ever rented a videotape and made a copy? Have you PAID for everything that you own that should really have been paid for?

If you send that letter, YOU will ALSO be investigated, to confirm whether you are a reliable informant. If you aren’t squeaky clean, then don’t send it. Handcuffs can hurt. But Bubba hurts worse.

I resigned my position

In reply to I found things on my bosses

At this company! I was told that what ever the CEO wants is ok and what he keeps on his personal computer is his Property and what you see is company property. I had a family member who is a Lawyer and she suggestd leaving the company with out going to court. Because the CEO has more money in Lawyers then I could bring in. And I do not know why he could know what I posted here. I do not use my ID here as I use there.

Thats fine provided you had another better paying

In reply to I resigned my position

Job to go to. If not you have only cut off your nose to despite your face!

In IT you are going to see things stored on computers that you will find offensive but provided that there are no obvious laws broken you just have to live with it of find a job doing something completely different.

My Pet Peeve is the Old Folks Home where I do some volunteer work all the inmates attempting to show me the newest porn sites that they have found and the women giving me not only a look see but sound effects as well. 😀

Col ]:)

Lighten Up

In reply to I found things on my bosses

Don’t be so self rightous. Lighten up. If he is really doing something Illegal, it’s none of your buisness ! He will eventually “hang himself” !
Do what you are hired for, migrate the data. That’s all. It’s not your concern, are you his Wife or Mother ? If not, stay out of his business.

If ift’s illegal

In reply to Lighten Up

You have an obligation to report it.

Several problems here

In reply to If ift’s illegal

Firstly as the data is already migrated and I suppose the original HDD either has been wiped or overwritten you would be leaving yourself open to a claim that you placed it there for some reason best known to yourself.

If it is just copyrighted material I wouldn’t bother as I’m not actually paid to look at data while it is being transfered, even hard core porn doesn’t worry me overly but if it was Kiddy Porn totally different story and I would at the very least keep the original HDD to preserve the chain of evidence.

But if it is just pictures of naked children I for one wouldn’t bother as they could be special photos of his kids/grandkids or whatever. I can still remember a case here where a chemist was charged with Child Pornography because he had a picture of his daughter {according to the complainant} naked and sitting on the floor. The child was actually a boy and just at the stage where he could sit up but other then the fact that there was no nappy on the child you could see nothing hence the mistaken identity of the child by the person who made the complaint.

It was a mess that eventually resulted in him selling the business and leaving the state just to get away from the stench of the allegations leveled against him.

This is an area where it is always better to step on the side of caution unless it is already known that the Boss is the only one with access to the computer and the images are down right wrong otherwise forget you ever saw the things! 🙂

Col ]:)

sss

In reply to I found things on my bosses

sssssssssssssss

It’s Illigal!

In reply to I found things on my bosses

The viewing of inappropriate or illegal images in the workplace can lead to criminal and civil claims, not only against the company but also it’s directors and the managers they appoint if negligence is found. Organisations have a responsibility to protect there staff from harassment in the workplace. Most companies will have some type in gateway filtering in place but this only solves part of the problem, images can be introduced via USB ports, memory sticks, CD’s, DVD’s etc… if an image is imbedded in a work doc or PowerPoint it will get through your gateway. My company specialize in protecting organisations and there staff from illicit image abuse by monitoring in real time at the desk-top, if you have a concern about potentially damaging images on your network drop me a line

Forget it!

In reply to I found things on my bosses

The title says it all… Forget what you saw. Do you like your job? Is the stuff about making bombs? Does it exploit children? If not, leave it alone.

[Author]

Replies