IT Employment

General discussion


I found things on my bosses

By zlitocook ·
Laptop that turned my stomach. He had pictures, movies and other things that a company President should not even let others know he looks at. The way I found out about them was because he bought a new laptop and I had to migrate the data to it. It is a boring process, you just watch the files go by. That was when I saw alot of jpg, pic, mpg and other things going by.
A question to all if you see things you should not know about should you tell your boss?
I ask because there was things that were Illegal
to have like pictures of people and mpgs from actors. I did not dig into the files because I do like to bother other peoples info.
This could really hurt this guy and his company. I do not want that but if he steals others things and pictures what do I do?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Added task of moral gatekeeper

by dbeast In reply to I found things on my boss ...

There's alot of gray area in this whole issue, and much of it should fall under the umbrella of company policy (though it's usually more a case of "lack of policy"). The two guiding elements in end-users' behaviour is either they truly don't see their actions as illegal (or as "all that serious" - doesn't "everybody" do it?) or they don't believe they can or will be caught. Company laptops are an even grayer case as, due to the mobility and availability of these laptops to the user at all places and times, they are inadvertantly used as much for private, personal purposes as for work related issues. The three fields to juggle are: 1) What is downloaded over the company network and company time? 2) What is downloaded over the user's private, home network on private time? 3) What is left on the computer when it is on the company network?
In addition to the illegal character of actions, further implications are the repercussions this could have on the integrity of the company, exposing the company network to Spyware, Malware, Worms etc... (and many download sites are THE source for these hazzards). My company pretty much allows me a free hand to deal with these problems as I see fit - as long as there is proper documentation and a reasonable process of escalation. How far you can go and what you can threaten or do depends on where you stand in your company though... In general, I first try a general approach, claiming that I've noticed illegal downloads over the company network (or access to various sites or IPs on the firewall logs). I will openly announce that some of (or one of) the company computers contain illegal files, apps, downloads, etc, or that users' private downloads at home are exposing the company network to various possible hazzards... This usually results in two things: 1) The CEO immediately wants to know specific details of who and what 2) The culprit usually gets the hint and either stops or finds a way of covering his tracks (which I usually find out and then threaten to take action). I have found that people are usually more receptive when you make it clear that aside from being illegal, there would also be much personal embarassment if more details were known.
The fact that you refer to illegal actions could definitely (and ultimately should) be reported, but as I've encountered many individuals who really don't fully understand the implications of their actions, I try give a second chance. Miss that second chance and then I get nasty. Furthermore I undertake to occasionally post news articles relating to public cases of similar issues where all can see as a reminder. Every new employee who has access to the internet or gets a laptop first hears my rules, and I occasionally hold company enrichments which at face value emphasize network integrity and security issues for the end user, but also plant in everyons mind the feeling that I am aware of every single keystroke taken on any of the company computers...
The fact that it's the CEO is sensitive, but if you have a good enough line of communication with him (He did ask you to migrate his computer, knowing that you would likely have access to his soul...) you might find a way to convey that he "seems" to have on his laptop material which is best not to have for obvious reasons. Suggest that if he intends to continue, it might be advisable to keep it to his own personal private home computer and network only.
The loyalty dilema is complicated - You want to protect your place of work, you don't want to confront or offend your CEO and you don't want to be an accessory to criminal actions. In the case of extreme criminal action or beyond, I'd report it immediately, but try protect myself at the same time. On minor issues I think that being able to show that actions were taken to prevent the crime from being repeated is highly commendable, especially if these actions are successful. I feel that minor first time offences can go unreported to the authorities if I cn show that my actions were fruitful and at the same time allowed the perpetrator to save face without implicating or endangering the company.

Collapse -

he has since left the company...

by UncleRob In reply to Added task of moral gatek ...

this post's originator has left the company (he mentions in a post halfway down the list) and he also mentions having backup copies of this material in his possession. This was wrong & illegal, he should have dropped off this "backup" material with the HR dept and informed them of what he found if his intentions were genuine. Since he has kept this material, I can only assume that it's for his own use which makes me questions his ethics & morality. You are correct, this is a very grey area and if you are given the additional responsibility of performing these types of tasks wherein you have to directly examine the contents of files on someone else's computer, you can have it. I'll take no part of it. When I'm ask to setup equipment for a user, manager, boss, etc, I perform the said tasks without having to examine the contents of each individual file. I make sure the equipment has all the required sofware installed including all required security & critical updates, service packs, up to date virus & spyware def's, etc. If a spyware or virus scan returned results I would ensure that any viruses & spyware were quarantined & removed before giving the equipment to the intended user. This doesn't require me to check out & view any of the movies of photo files saved by this user to open & read any documents or spreadsheets. Never had to, never will. If you have an internet content filter in place to restrict internet access to p2p filesharing resources and questionable internet sites, that's half the battle. If you have a spam filter, internet access monitoring and email scanning solution in place that another piece of the puzzle. Let the HR dept deal with implementing and enforcing company policy, that's what an HR dept is for.

Collapse -

Testify !!!

by Shellbot In reply to he has since left the com ...

yer the man ! I think you've summed it up. Why on EARTH would anyone make a copy and keep it..especially when one is leaving the company ? Smells like mutated goldfish to me people.

Collapse -

Dump the porn

by Overcharge In reply to he has since left the com ...

They can only do it if they have knowledge of it. Sorry, but dropping a dime on a VP becomes he said, she said. Who besides him has access to the computer---YOU. Just wipe it and press on. You might tell him about external drives, however.

The usual reason we get involved is the gripe that the computer is s-l-o-w...and we find three copies of "Debbie does Dallas" and its kindred, with 30M of space left out of an 80G.

Had one exec who went to do a speech, and tried to load his PowerPoint presentation to his HD. His kid had 60G of Uberdownloads on his drive. Didn't quite make it. Good music, though.

Collapse -

Be Careful...

by dale.zjc In reply to I found things on my boss ...

If the boss in question is a principle of the company, he's under no moral obligation whatsoever to meet someone else's moral standards with company assets he owns! Even if you run across illegal (pirated?) software, I'd tread very carefully and approach it from more of a "I'm just letting you know what I found..." kind of approach.

Chances are if he/she is knowingly downloading illegal software, the last thing he wants to deal with is someone playing moral policeman.

Collapse -

Technician Not a Policeman

by smithwaa In reply to I found things on my boss ...

If the boss has illegal downloads, that's on his head. One function of your job as a paid employee is to look out for the companies interest. Turning in a corporate executive to the prpoer authorities is not looking out for the companies interest. If you feel compelled to, make the executive aware of what you found in the course of your normal duties and put the ball in his court as to what to do about it. However, be aware that this information is very politically sensitive material and there may be repercussions in regards to your career. It sounds like your boss has questionable morals to begin with so I would weigh very carefully how I would proceed. It's a credit to your character that you want to do the right thing but it's not a very noble feeling to be right and unemployeed.

Collapse -

take 'em out

by mipsv In reply to Technician Not a Policema ...

OK, make a ghost backup for your CYA protection first. Its called backstabbing and its how the "corporate world" works. Do you really think he would help you if the tables got reversed? nope.
Don't you think he "asked" YOU to do this dirty work for a reason? He doesnt have the right to make you break the law or make you uncomfortable at work. ****, you can already sue the company for pain and suffering (you are confused enough to post here, after all).
If you have HR tell them on a day your boss is out of the office. Call a lawyer first (its free at first - anyway). Tell the lawyer that you have a backup copy (and be sure you do).
The other advice is crap... though well meaning since nobody wants you to be the victum though you already are.

Proceed in this order:
backup copy -> lawyer -> HR (or another - pref. (older) female manager)

Collapse -

Where do you stand now?

by dj413 In reply to I found things on my boss ...

Let's see if I have this correct. You worked for this company, saw files that you found offensive, backed these up to disk, left the company, and now wonder what to do?

First, get rid of the in totally destroy. They are NOT your property and the fact that you have them makes you a thief!

Second, who in this field has not seen these files? I agree that unless they are child porn, let it go. I'm only paid to keep the network running and handle issues with that, not to police what people see/do.

Third, send the files to the Feds?? And tell them what? You have no proof that those files will even be there on the laptop anymore, but you still have the disk. Ever hear of a disgruntled ex-employee?

I guess your only option at this point is to let this issue is now some other IT persons problem since you don't work there anymore.

Collapse -

Need more info to judge

by NetworkGuy55 In reply to I found things on my boss ...

Zito, you didn't say if he was the president of a large company (and thus answerable to a Board of Directors) or whether he was "Bill" of "Bill's Sales"

If a large company, I do not envy the position of being caught between the corporation that sets policy and the person who could squash your career like a bug. Avoid that political battle, even if it comes to a necessity of changing jobs. Better to leave on your own terms than get caught up in a no-win situation--if you report him or don't report him, you are opening yourself to being pink-slipped either way.

On the other hand, if he's "Bill" he *is* the policymaker. It is not your job to determine policy. It is your professional duty to recommend sound policy, but setting it is not your prerogative. In this situation, even if his computer contents violate policy, it's his policy to break if he chooses.

You state some of the contents were illegal. My actions would depend on whether they were criminal (as in kiddie porn) or civil in nature (as in P2P music sharing). If the content is criminal, you must report it to the authorities, or be considered an accomplice. If it is a lesser variety of illegal, you may be well advised to, as someone recommended earlier, develop amnesia.

Collapse -


by rdursch In reply to Need more info to judge

I have read all 125 (at the time) posts for this article. I am not throwing my .02cents into the arguement. I just wanted to comment...

There have been sound pieces of advice, for and against persuing the issue, as well as some down right nasty comments. I guess the issue boils down to what you think is right for yourself. Not the company or the "boss". The company nor the boss will watch out for you. You have to do it yourself. You have to accept the consequences of whatever you decide. Weigh your decission carefully, then stick to it without second guessing yourself.

To all of the posters thank you for opening my eyes to the different view points. If I am ever put into a situation such as this, I will remember your thoughts and suggestions.

Related Discussions

Related Forums