Roger.Wilco
Senior Member
I hope you have a VERY thorough IT policy, which clearly states you're allowed to view personal details like personal email and Skype conversations. It it doesn't you're making a lot of trouble for yourself.
South Africa’s biggest forum. Discuss, discover, and connect with thousands of members.
I hope you have a VERY thorough IT policy, which clearly states you're allowed to view personal details like personal email and Skype conversations. It it doesn't you're making a lot of trouble for yourself.
Blocking at the firewall might not be enough. users can bypass firewalls by pluggin in their cellphones or 3G cards.
as The_Librarian said, data copied to USB is a big threat. Has a look at the spector 360 software from my earlier post. It keeps independent tamper-proof logs of all the above mentioned activities.
treating internal data security threats, like external threats (will a firewall alone) will leave some gaps.
The standard laws are clear on this: If it is a company PC then All the information contained on the harddrive belongs to the company(their wording would be more formal but still mean the same thing). They should have kept personal stuff seperate from work stuff if they wished for that privacy.
So yes people IF you dont want work to know about it....... dont do it at work. & certainly dont use their pc's for it , if you must do it in working hours.
Certainly, an employer may monitor whether an employee is distracted from the employer's business and may take disciplinary action if an employee engages in personal matters during work hours; that right to discipline or terminate, however, does not extend to the confiscation of the employee's personal communications.
What standard laws are you referring to? I've been involved in this before, and unless the IT policy was very clear about it, the companies always end up in bigger trouble.
Companies normally gets away with this because the workers don't know better. They get bullied into signing admission of guilt forms, because the employer tells them "it's a work pc so we have the right to monitor you".
No need for admission of guilt forms or any of that.
The PC belongs to you & so does all the data contained on it even with out any confidentiallities & other such come into play.
The PC get provided for work puposes not for other use. This means the PC still belongs to the company & has not been made your personal property. So unless you as the employeee made the boss sign a conttract preventing him from inspecting the company's property, ...... sorry they have all the rights & access to ANY data contained on the PC, even if it was historically deleted(retrieveable permitting HDD has not been formatted).
So basically the first law that comes into play is the law of ownership. The PC firstly belongs to the company & not the employee.
The employer may not set traps for the employee, yes, that is called entrapment. (just to underline) There is no law that says a company manager/boss or owner cannot have a look at or inspect the information belonging to a company. Which it does as it is on the company PC. This information can then be used to protect the company if needed.
lol. So by your reasoning, it's not even necessary for any employees to sign IT contracts, since the employee should let the employer sign a contract?
There's a huge difference in finding information on a pc, and monitoring PRIVATE emails.
no contracts are good & have a purpose. to protect the company.
for this example I will imagine you work here @ myBB.
your girlfriend sends a provacative pic of her to your work email on [email protected] just before your going home time.
that makes it company property as it was sent to mybb.co.za
however if she had sent the same pic to your cellphone it will remain private & the boss cannot ask to look at your phone unless(but very unlikely) the company had started so in their contract with you.
no contracts are good & have a purpose. to protect the company.
for this example I will imagine you work here @ myBB.
your girlfriend sends a provacative pic of her to your work email on [email protected] just before your going home time.
that makes it company property as it was sent to mybb.co.za
however if she had sent the same pic to your cellphone it will remain private & the boss cannot ask to look at your phone unless(but very unlikely) the company had started so in their contract with you.
I 100% agree, but that's work email. What's being discussed here is the employer monitoring private emails (Gmail).
But the IT policy states that the computer is for work purposes only. So if the user uses it for private purposes they are breaking the rules of the IT policy.
But the IT policy states that the computer is for work purposes only. So if the user uses it for private purposes they are breaking the rules of the IT policy.
Exactly, and then you can take action and give them a warning or whatever. But does your policy say that you can monitor private email? Just because they're breaking the rules, doesn't mean you can do it too.
But your allowed to monitor their internet browsing so if they browse to gmail are you not allowed to monitor that?
No. Because you can't get to their emails from browsing their internet history. The have to enter their username and password to get to their private email, and that makes it private. If you monitor their private emails, it means you have something in place like a keylogger, or you're monitoring what's going on while they're working on the pc. That also means that you then have access to all their banking details if they use the pc for internet banking. And this just makes it all a lot more serious for the employer.
Basically, you can take action against them for using the pc for private purposes, but that's a minor offence. You monitoring private emails is a lot more serious, unless you specifically specify that in your it policy.