Join or sign in Register for your free TechRepublic membership or if you are already a member, sign in using your preferred method below. Use Your Email Use FacebookUse Linkedin

Misuse of Technology

Locked

I’m in a bit of a curious situation. THey’re really cracking down on misuse of computers (though I fail to see how surfing the web for an hour is any different than, say, a one hour personal phone call or visiting the office of another employee for an hour about personal matters).

Today I got an email from the next level up IT saying their system detected a PC on a remote project (connects via a VPN router hooked to local ISP) running Limewire and to remove it.

Well, I logged onto the PC remotely and looked and there’s nothing on there that’s not supposed to be. I looked at the program files directory, where Limewire installs by default, and the “modified date” on the directory was a few months old (the modified date coincides with the date I installed some other software on the machine), so I don’t think anything’s been removed recently. I also checked the registry and history, cookies, etc. and found absolutely nothing unusual.

I even checked two other machines using the same router, even though they had different IP addresses, and there was nothing there either.

The only thing that was “unusual” was the fact that the times they showed me on the log for the “IDS sensor” (apparently what they use to monitor packets) showed the illicit activity at 4:00 yesterday, yet our server’s logs showed the user logged off at 3:24 yesterday and didn’t log back on until 7:06 this morning.

These are XP pro systems, and are locked down, meaning that admins are the only ones who can install anything or change any major settings, and authenticate to the domain, so I am at a loss. This happenned once before at this site, everything the same except all of the PCs have been replaced since then, and THAT time they claimed it must’ve been hackers (???)

But that’s not what this is about. This is about the fact that their monitoring software is obviously wrong, and since it is wrong now, it has probably been wrong before. And this software’s reports have been used to discipline employees… anywhere from several day’s pay to several weeks!

I have absolutely no doubt that many employees have been unjustly disciplined, losing hundreds or thousands of dollars of pay in the process, and that bothers me big-time. But I have no proof, and if I raise a stink, I will become a target…. damned political hacks!

Topic

sounds like you need a lawyer

In reply to Misuse of Technology

Maybe he can get some of the money back for them
It would take a real slick tech to track it down
and find the real definition of their data
instead of jumping the gun.

Reply To: Misuse of Technology

In reply to sounds like you need a lawyer

They don’t like it when they’re made to look wrong, and if they are, they have subtle ways of getting even.

Misconception about XP Admin and Installing Apps

In reply to Misuse of Technology

It’s quite easy to install selected applications on an XP Pro box without Admin rights. As long as the install process doesn’t modify the registry outside of HKCU, make changes to the Windows directory, or alter a few other critical files, you can install apps all day long. If the user can log on, there’s a long list of undesirable apps he can install without Admin or Power User privs. I’m not familiar LimeWire, but it may fall into this category. WeatherBug and WebShots certainly do.

I just wanted to point out that you can install some apps without advanced privs. This has nothing to do with your monitoring problem. Any company that is taking personnel actions based on a monitoring log and a remote access check probably needs to beef up the Legal department.

Not computer nerds

In reply to Misconception about XP Admin and Installing Apps

Limewire does require admin priveleges and will tell you that if you try to install it with less than that. I’ve heard that it’s possible to set some of these programs up to run completely off of a CD rom, but it requires a bit of technical expertise. These guys are highway construction employees, not computer nerds (They forget their passwords on long weekends!). They log on and use three or four applications, CMS (Mainframe project management app), Web based email and weather radars (intranet), and Word and Excel. The internet logs show some surfing during lunch hour, but nothing that indicates going to a site and downloading anything.

I tried to find a way to politely voice my concerns to someone higher up but was given a direct order by my supervisor not to. Instead I told them of my findings and offered my assistence in case they wanted to examine the problem further. I then forwarded all of the correspondence to my union steward, since my supervisor can’t tell her not to raise concerns!

There is a difference

In reply to Misuse of Technology

“though I fail to see how surfing the web for an hour is any different”
The difference is when you have multiple people surfing the internet on their own time, it is taking away bandwidth from the remaining users who are trying to work.

I’m a Tech that works in a building with 1500+ users. Between the hours of 11:00 and 2:00 there may be several hundred users on their lunch break at any one time.
The employee may be on “Their” time but the computer is a tool supplied by the company, the use of which affects others.
When Joe Blow is talking with a coworker it does not affect any one else. However, when he starts to download audio/video or or other items it starts to affect everyone on the network.

I would rather the users do their surfing throughout the day instead of confining it to their break times. This helps to smooth out the peak useage.

However, it sounds like you have bigger problems to deal with than congestion if they are trying to dock peoples pay.

Reply To: Misuse of Technology

In reply to There is a difference

They aren’t “trying” do doc people’s pay, they ARE docking people’s pay. Anywhere from a day to in one case several months (the “average” is 10 to 15 days).

We don’t have any bandwidth problems (at least for now). There is no technical reasoning behind their policy, only business reasoning (and if you ask me this fails on both reasonings). If you’re on the clock, including paid breaks, it supposed to be “work related only”. That much makes perfect sense, but THENt they make a specific exception for streaming audio (net radio). Lunch and before/after work are not paid, so surfing is allowed with some restrictions (blocked sites, porn, file sharing software, illegal activity, etc.)

A particular website might be both illegal and legal, depending on who goes to it and when and why (for example, I can look up prices for USB cables for use here at work and I’d be OK, but someone else looking at the same site (during work hours) for USB cables for home use should be technically in violation). But what’s bad is the way they monitor. They set a trigger of 3 hours total browser time in a month and anybody over that gets scrutinized more closely (a detailed activity report). What you end up with is the guy who went three hours and ten minutes with two and a half hours being work related and forty minutes being personal use getting disciplined for the forty minutes, but the guy who does two and a half hours of personal surfing, all of it during work time, not even showing up on their radar. Even worse, the person who monitors this plays favorites, somehow excluding his buddies from even being monitored at all, and nobody is checking him!

I have even seen the monitoring software be wrong. My supervisor sent me an email to check a certain computer because the monitoring software had reported LimeWire packets coming from the IP address. I checked and nothing was there, nor had anything ever been there (directory update timestamps, nobody logged into the computer at the alleged time, etc). Another report showed a user going to the same several websites at the exact same time on 4 consecutive days, each “hit” the same… to the second! And to top it all off, he was off on vacation for the last three of those days! It really scares me that they are depending on this crap to discipline people. Upper management just accepts the reports “because the computer said so, it can’t possibly be wrong”.

Frankly, I think it should be up to the person’s direct supervisor to decide what and when is acceptable, as he is the one responsible for the work output of those under him. If someone is getting all their assigned tasks done, it shouldn’t matter to IT what they’re doing, as long as it’s not causing technical problems.

Sometimes I think the tail (IT) is wagging the company dog. For some it’s a power trip I guess. The sad thing is that I suspect many IT managers know about this or similar stuff that is going on, but don’t want to rock the boat.

you should have…

In reply to Misuse of Technology

dear friend,
you should have strong security policies. misusing a technology will always happen, for example mobile phones, memory sticks..etc. employees should aware of security policies and they should know the results of their works.. communicate with them always

[Author]

Replies