Computer Privacy At Work
Can the boss really see when you're surfing the Internet at work? Can the geeks from the IT Department monitor everything you do on your PC? Are any of them keeping tabs on those last twenty minutes of your lunch hour when you're playing Solitaire?
Is Big Brother Watching?
The real answer, is most likely. Corporate IT departments usually have network tracking and auditing programs in place that can record an employee's Internet usage, downloaded files and activity on a PC. They can probably even take remote control of any computer on the company's network, install new software, and scan your hard drive for questionable files. And don't even think about email privacy. If you use a computer at work, you should assume that ANYTHING you send or receive by email will be monitored, filtered, or scanned for certain keywords.
Some businesses have a more laid-back approach when it comes to monitoring employees' computer activities. As long as work is getting done and there is nothing offensive or objectionable on a staff member's computer, employees are pretty much left alone. Other companies may need to adhere to stricter monitoring practices, either due to the nature of the business, or to the number of employees on the network. For example; imagine a company with over 10,000 employees, and a large percentage of staff were watching YouTube on their computers during the workday. Not only would this halt productivity, but it could put quite a strain on the corporate network's bandwidth, causing a myriad of problems with the network's performance.
In this age of spam, viruses, rootkits and other forms of malware, it is in the best interest of a company's technological well-being to be on the more restrictive side, rather than the permissive, when it comes to monitoring computer use. Most Human Resources and Information Technology Departments have computer usage policies outlining what is acceptable and unacceptable use of the company's computers. Employees usually receive this documentation upon hire.
Surfing at Work
The reality is that most of us will at some time or another, use our work computers in a non-job related fashion. Just like we will use the phone, fax or copier for some personal task. One recent study (commissioned by a company selling employee monitoring software) stated that "More than 81 minutes of work time per employee is wasted doing non-work related computer activity." I doubt that anyone is shocked by this. People are checking their mail, paying a few bills, catching up on news, or doing a little shopping. Twenty years ago, employees did pretty much the same thing, but (less efficiently) without computers.
I believe any business that allows employees to take care of some of the stress of daily life during work hours will see a happier, healthier and ultimately more productive workforce. Of course you always give 110% at work, and we HOPE the boss knows that, but that doesn't mean you have to make your Internet usage at work obvious.
If you must access personal email during the workday, use a free webmail account. Hotmail, Yahoo and Google all offer free webmail services. Best of all, your emails cannot be monitored. The only thing corporate IT can potentially see is that you went to Hotmail.com, or Yahoo.com. They cannot see what you are sending or receiving within your personal webmail account, as long as you use the secure login option.
And if you're tempted once in awhile to interrupt a mundane or stressful workday by browsing the internet, there are some ways to anonymize your web surfing and keep your recreational cyber-travels on the down-low. Setting ethics and potential ire of the boss aside, how might one go about sneaky surfing? First of all, forget about simply deleting the history files from your browser. Deleting history files doesn't prevent the IT department from being able to see where you've been on the Internet. There are an endless number of tools that can recover deleted files, and network admins don't even need that data to track your internet usage.
One possible way to keep your browsing anonymous is to use anonymizers. Anonymizers are web-based services or downloadable programs that keep your Internet browsing anonymous. One site that provides this service is Anonymouse. You enter in the site you want to visit and it acts as a proxy, hiding your destination from the boss, and your computer's IP address from the destination web server.
Another way anonymous browsing is achieved is though onion routing. Through onion routing, your Internet communication travels through a sequence of onion routers, via an untraceable pathway. Tor is a shareware product that will allow you to install the tools to browse through these onion routers also known as "proxies". You might also want to check out this listing of anonymizer sites and services. Be advised though, it is best to familiarize yourself with your company's Internet and computer usage policies to ensure you do not engage in anything that might get you fired. Be especially careful about installing unauthorized software at work, as it could cause unexpected problems such as malware, poor network performance, etc.
And despite the name, anonymizers are not 100% guaranteed anonymous. Additionally, they usually are unable to access ftp or secure (SSL) sites, although a service called ProxyDrop claims it can access secure sites. And of course the savvier your company's IT Department, the more likely they will have these anonymizers blocked. It will take some diligence on your part to find an anonymizer site they haven't blocked.
Other Options: Remote Desktop Access
Another option would be the free LogMeIn.com service, which will allow you to login to your home computer, and do your surfing and email tasks remotely. For the more adventurous and determined, SSH tunneling can be used to bypass corporate or school firewalls. For help setting up something like this, here's an SSH Tunneling How-to guide. This method may not work if your company has SSH traffic blocked.
It's an ongoing struggle for IT Departments everywhere, giving just enough access to ensure that users on a network are able to efficiently do their work, while trying to preserve network security. There are endless debates about freedom of Internet browsing, and whether or not restricting certain websites is a form of censorship. While the question is a valid one in a setting such as a school or university; there isn't much room for debate when it comes to a corporate network.
Businesses own the computers and the network, and must have policies in place dictating acceptable and unacceptable conduct, and employees are expected to follow those policies. Although there are always evolving techniques for anonymous surfing and getting around firewalls, it might be the safest bet to do your recreational browsing on your computer at home.
This article was posted by Bob Rankin on 7 Aug 2007
|For Fun: Buy Bob a Snickers.|
Sued For Downloading?
The Top Twenty
There's more reader feedback... See all 29 comments for this article.
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Computer Privacy At Work (Posted: 7 Aug 2007)
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "Computer Privacy At Work"(See all 29 comments for this article.)
01 Feb 2008
I use my personal computer and plug into my company's network at work. Any way to protect myself? Is this compromising my company's security?
EDITOR'S NOTE: You should make sure your hard drive is not shared on the network. And be aware that any viruses or spyware on your PC could possibly infect other computers on the company network.
13 Mar 2008
What if you work from home, but your employer pays for your DSL line. I use the router my employer provides me. I think my employer has a contract with my phone company. Can my employer still track what sites i go to? Do the phone companies provide employers information about the sites i visit? Or can my employer get infor from the router they gave me? THanks!
EDITOR'S NOTE: I'd say it's very unlikely that the phone company would provide that information to your employer.
27 May 2008
Can my employer find out what I have been using my laptop for at home, when I connect through my own wireless network, when I return to work and plug into their network?
EDITOR'S NOTE: That depends on whether or not you share your hard drive on the network. If not, then no.
11 Jun 2008
Thanks. What do you mean by sharing my hard drive on the network?
EDITOR'S NOTE: In My Computer, right-click your C: drive icon, then select Sharing. You can share (make accessible) the files on your hard drive with other computers on your home network.
15 Jun 2008
I have a laptop which I use remotely from work - conecting through my own network - and I use the laptop for pleasure, as well as work. Can my employer tell what I have been doing with the laptop whilst at home, when I visit the office and connect to their network?
EDITOR'S NOTE: Only if you have "shared" your entire hard drive, and given access to your browser history. That's unlikely, but you should check the sharing and security options on the C: drive.
26 Aug 2008
So as long as you use your own internet connection on the company issused laptop, they cannot view what you looked at or see what you wrote, even when you log on and it has a disclaimer about using the company computer?
EDITOR'S NOTE: That's not exactly true, as I've mentioned before. If you don't clean out your browser cache and history file, it MAY be possible for your employer to view them.
24 Jan 2009
if an IT guy (he is a friend) came to my house and use my wire less internet connection with password using his laptop... can he see and check what i do online, what site i visited? after he goes home?. he have my internet password connection i am just wondering what he can see because he logged on to my internet at home using his laptop i am not sure if he got my pass word but i know he entered it to his laptop himself. thanx in advance.
EDITOR'S NOTE: Not unless your network is horribly misconfigured. But why not change your password anyway?
16 Mar 2009
Ok, what if... 1. The ISP is paid for by a third party, and the router is owned by my company. I do not have to connect to a company server to get access to the internet. What information can the router record if I use a personal laptop while at work?
2. If the third party were interested, can they use any sort of program to record information about my internet activities with my personal laptop. I ask because they pay for the ISP and we share the router.
3. If the third party asked for records from the ISP would they receive the personal laptops history or all the history of all computers on the router? How is that ISP information typically broken down? Finally, does the ISP supplied information give just IP addresses or host names/website names as well?
Even if your unable to answer these questions, you've been extremely effective in explaining this topic. Thank you.
17 Mar 2009
First of all I have a remote desktop with dual monitors. When I access the remote desktop, I can only work on one screen as the remote desktop does not have remote capability. I can use the second monitor, but not as part of the remote desktop connection. I can use it just as I would normally do if I did not have the remote desktop on one monitor. What I am being told from my IT department is that I am over my internet usage amount and that I have blocked sites on their report. How is this possible if I NEVER access the internet from the remote desktop connection, but only from the other monitor which is not connected to the remote desktop, but through my home internet connection. I have asked the IT Director at my company to call me, but of course he hasn't. My director knows that it is not possible that I am on the internet as much as the report says because that would reflect in my productivity. Also, the report shows that I am accessing the company's internet at times when I am not even working. No one else has access to my computer. I live alone. Any ideas what is going on here? Is it possible that in some cases, my internet access is being picked up even though it is not being accessed thru the remote desktop.
EDITOR'S NOTE: Your description of remote, local and dual leaves my head spinning. I can't make sense of which computer you're physically at, where the remote desktops are, and why a dual screen setup would even matter. But here's a thought... if you have a wireless router somewhere in the mix, perhaps unknown parties are connecting to your network due to missing or weak password on the router.
30 Jul 2009
My company is completely remote (meaning that all employees work from home using company-issued laptops). My employer uses LogMeIn software, which they claim is for maintenance and repair. I do not have to log in to a corporate server; all of my work is performed locally, through my own home internet and router.
My Question: What exactly can my employer track?
Since I leave my computer on almost all the time, can they determine what time I start/end my work day (i.e. am active/inactive on my PC)? Can they track my website history? What else might they be tracking?
EDITOR'S NOTE: If someone can log in to your computer via LogMeIn, then it's just like they are sitting at your desk. They have access to EVERYTHING you do.
13 Aug 2009
I am unclear as to whether my employer (a government office) can track or see what I am doing on my home computer if I am connecting to my home computer via Remote Desktop.
I don't see how this is possible. I am sure that if they wanted to look for it they can tell that I have a remote desktop connection active, but that's about it.
EDITOR'S NOTE: I agree.
26 Nov 2009
You could also take a look at I'm InTouch for remotely accessing your PC at home
16 Dec 2009
If I use my personal laptop at work, connecting to my jobs WiFi, can my employer track what websites I have visited?
EDITOR'S NOTE: Connecting via wifi is no different than connecting with a network cable. You're still being routed through your employer's network connection, so YES!
03 Jul 2010
If I am travelling with a work laptop and I log into the hotel's Internet system can my Internet usage be traced by my employer? We aren't allowed to log into youtube or facebook etc... but if I was using the hotel's connection would this be traceable?
EDITOR'S NOTE: Only if your laptop contained special software supplied by your employer to track your internet usage.
12 Apr 2011
My employer just paid to have Comcast set-up a business internet account, separate from my personal internet account I already have set-up which is also through Comcast. When the technician arrived, he told me I could cancel my personal account and just use the business account through my employer to do my personal computing. He says he does it all the time and mentioned past examples (ie, Boeing employees that work from home, Microsoft, etc.). However, I have concerns about privacy. If plug my personal computer into the Comcast supplied business router that my employer just had installed, can they track what I'm doing? The tech said it was just a matter of plugging it in to one of the three remaining open ports (labeled LAN2, LAN3 and LAN4 - the work computer would be plugged into LAN1 and I would use one of the other ports for my personal computer). I am looking for another job and really don't want them knowing.
07 Jul 2011
Can my IPS detect what am doing on remote desktop which was connected on VPN. I need an explanation on this
04 Apr 2012
The link above for a how-to guide for SSH tunneling (http://www.buzzsurf.com/surfatwork) now redirects to https://www.google.com/ .
EDITOR'S NOTE: Thanks, I've updated the link.
18 Oct 2013
Bob, what do you think about using CYBER GHOST FREE VPN?
Do you recommend using it?
31 Jul 2016
If I am using Xfinity Wifi logging into my Comcast app on my personal phone, can my employer still track me?
01 Dec 2016
If I use my personal laptop with my work wifi, can they see my browser history?
What if I browse using Chrome Incognito?