techrecovery | Ethics

docskurlock.livejournal.com posting in

Ok, so the other day, the owner of the company asks me to put some software on the server (his words) that would allow him to view what everyone in the company was doing. He claimed that he paid 900 bucks for some software that my predecessor had used, and it showed every page on every system every 5 seconds. He wanted to view websites, passwords, you name it.

My question to all of you is this:
Would you do this and why?

Would you have a problem if you were forced to do this?

Don't get me wrong, I know he's the big boss and he can probably find out more information about somenone, but wanting to see their passwords on their bank accounts or what have you, I mean, that's stretching it, in my opinion.

Current Mood: worried
Current Music: sweet blessed silence

Page 1 of 3 << [1] [2] [3] >>

Threaded | Top-Level Comments Only

From:

usekh.livejournal.com

Depends on your work IT policy. Does it allow for using it for personal reasons?

From:

docskurlock.livejournal.com

Most people spend a fairly large amount of time on the internet, mainly doing price research from other auction companies and other auction sites. It's not hard to browse to your bank account, check if something went through and then keep going. He wants to be able to view ALL data, and that bothers me.

From:

docskurlock.livejournal.com

In response, we have no official policy and since I'm the one that makes said policy, well....

Personally, I don't mind if they hit up their bank account, email, or what have you. As long as they aren't downloading viruses or porn, there is no issue.

From:

usekh.livejournal.com

Not quite my question though. If IT policy forbids you using it for personal reasons such as banking etc then I would say fair enough if he puts in something like that.

It becomes more of an ethical issue however if it does allow you to bank etc.

Also do the end users know he is putting this in?

From: (Anonymous)

Is there any evidence that the software was ever used before?

Or maybe the last person had to leave because they refused to install the software?

Or just maybe your boss said that so you wouldn't think too hard about the effects of installing it?

From:

docskurlock.livejournal.com

No, I've not seen any evidence of this prior software. The only thing I've found is ethereal, which is not exactly what he's referring to.

The last person left for other reasons, and they did not deal with the IT field.

Doubtful he said it to give me a reason.

From:

docskurlock.livejournal.com

Like I said, I write the policy and there is no policy against it.

No, they do not and that is what bothers me.

From:

thalionar.livejournal.com

There is no reason he should be able to see people's passwords. If he can see pages, he can have proof of what is being viewed, *without* having access to their bank accounts.

Really. At the point you have access to someone's bank account (or personal email or whatever), you've gone to far, especially if the point is to see if someone is using the machine for unauthorized purposes, just knowing what pages they're going to should be sufficient.

From:

usekh.livejournal.com

If there is no policy against using it for personal reasons AND they don't know. Yeah I would say it is unethical

From:

docskurlock.livejournal.com

What would you recommend?

From:

docskurlock.livejournal.com

I agree. It's fine if he wants to make sure that people are working, but he wants access to everything and that really bothers me.

From:

jcaswell.livejournal.com

We run a program called NetOp, but we're a school, and monitoring what the ~~bastards~~ little darlings are getting up to is unfortunately quite important - and often quite amusing :) We don't monitor anything the staff do though, and I think I'd have a bit of a problem with doing that :\

From:

docskurlock.livejournal.com

Right. If it was just knowing what they're doing and not trying to access their passwords and what have you, I wouldn't have a problem. It's that he wants ALL of their information (which might even include mine) and that really bothers me.

From:

jcaswell.livejournal.com

Yeah, the passwords thing is very very dodgy :\

From:

docskurlock.livejournal.com

Yeah, like your icon btw, where'd you get it?

From:

jecook

I occasionally get called upon by mid level management (site supervisors) and the HR department here to do some "checking" on sites.

Why is the big boss wanting to se this information? to make sure his employees are not slacking off?

As far as capturing passwords, that's a large red flag in my book. why would he need the password to his employee's bank accounts? For payroll, a perfectly legit means exists to put money in. removing it is theft in my book.

I have a problem personally with web monitoring software. However, I trust my users to not screw the machines up.

Plus, if I really wanted to censor content, I'd be putting in a content filter at the internet gateway before I toss anything intrusive on the machines. a gateway filtering machine is a better way of performing filtering anyhow.

From:

jcaswell.livejournal.com

Um, it was originally from a create your own South Park character site, but then a friend of mine animated it for me when I wasn't looking :)

From:

dazzedelf.livejournal.com

Get the order in writing. Have him put in writing the program he wants installed and the level of access he wants it to give him to be able to see what comes up. That way if he gets sued for the HR admin's credit card to buy porn on ebay he can't blame you for giving him to much access. If you are concerned with the ethics and the privacy violations, I would say something to HR.

From:

kalidor.livejournal.com

If it does not say they are being monitored in the policy, I would point that out. Then if he does want to continue, inform him that you have to draft a new Proper Computer usage policy, send it to all workers, and have them sign it, before you can do teh install ...

From:

docskurlock.livejournal.com

There is no HR. There's maybe 20 employees total. If he made me do this, I'd most definitely have it in writing and I'd probably ask that everyone be told about it. I don't like shady dealings like that.

From:

docskurlock.livejournal.com

Yeah, absolutely.

From:

docskurlock.livejournal.com

cool!

From:

docskurlock.livejournal.com

I completely and totally agree with you. I don't know why he wants the passwords to whatever, but I don't know if I can trust him, or anyone with that information. What if someone else finds the program running and uses the information? That is not something I want to deal with.

From:

redqueenmeg.livejournal.com

Ethically, I'd do a new policy that the users have to sign saying they know they'll be monitored.

As was pointed out by my law prof to me, though...

even if the company says they absolutely WILL NOT monitor your Internet activity, and they do anyway, (basically, if they flat-out lie), the law is STILL on the company's side right now, at least in the US.

The company's right to protect itself from legal action based on your Internet activity is considered to totally trumpt your right to privacy.

Just FYI.

From:

redqueenmeg.livejournal.com

*trump. Doh.

Page 1 of 3 << [1] [2] [3] >>

Threaded | Top-Level Comments Only

Profile

Elitist Computer Nerd Posse

Tech Comedy (Reddit)

April 2017

S	M	T	W	T	F	S
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30

Page Summary

Style Credit

Style: by timeasmymeasure

Expand Cut Tags

No cut tags

Page generated Mar. 19th, 2026 11:20 pm

Tech Support HELL

A Lesson in the Hatred of Humanity

Ethics

Ethics

no subject

no subject

no subject

no subject

A better question...

Re: A better question...

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

CYA

no subject

Re: CYA

no subject

no subject

no subject

no subject

no subject

Profile

April 2017

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags