Getting investigated for IT misuse at work!
#31
Scooby Regular
Join Date: Nov 2002
Location: Talk to the hand....
Posts: 13,331
Likes: 0
Received 0 Likes
on
0 Posts
![Default](images/icons/icon1.gif)
Then there was that zurich thread which I scanned for 20 seconds and it has some lasses on nights out kissing, etc.
![Frown](images/smilies/frown.gif)
Still, as a valued and experienced planning officer working in a very busy planning department, I'm sure you will be considered far too valuable to lose over something so trivial.
UB
![Smile](images/smilies/smile.gif)
#32
![Default](images/icons/icon1.gif)
Originally Posted by unclebuck
Still, as a valued and experienced planning officer working in a very busy planning department, I'm sure you will be considered far too valuable to lose over something so trivial.
![Frown](images/smilies/frown.gif)
However, as you say, hopefully the worst you'll see is a informal or formal warning, and a "don't do it again" slap UNLESS they have a current agenda of making an example of someone.
#33
Scooby Regular
Join Date: Feb 2005
Location: "Comfortably Numb" since Aug 2003
Posts: 17,450
Likes: 0
Received 0 Likes
on
0 Posts
![Default](images/icons/icon1.gif)
SB from memory, there was a thread about fishing which you had to guess the answer to, this contained a couple of women in all their glory..... may be this one??
#35
Scooby Regular
Thread Starter
Join Date: Mar 2002
Location: Bradford
Posts: 13,720
Likes: 0
Received 0 Likes
on
0 Posts
![Default](images/icons/icon1.gif)
Cheers for the advice and encouragement so far guys ![Smile](images/smilies/smile.gif)
During this process I'll try to get to the bottom of where this has come from. Maybe someone somewhere decided they wanted me out and a PC investigation is always the easiest way. The sad truth of the matter is that you can pick up just about any work PC in the world and find an email, cached picture or site visited that is sufficient to cause problems or get you sacked. Bring back typewriters I say![Wink](images/smilies/wink.gif)
![Big Grin](images/smilies/biggrin.gif)
Can someone link in the zurich thread so that I can review the material on it. Purely for defensive purposes you understand
![Smile](images/smilies/smile.gif)
During this process I'll try to get to the bottom of where this has come from. Maybe someone somewhere decided they wanted me out and a PC investigation is always the easiest way. The sad truth of the matter is that you can pick up just about any work PC in the world and find an email, cached picture or site visited that is sufficient to cause problems or get you sacked. Bring back typewriters I say
![Wink](images/smilies/wink.gif)
![Big Grin](images/smilies/biggrin.gif)
Can someone link in the zurich thread so that I can review the material on it. Purely for defensive purposes you understand
![Wink](images/smilies/wink.gif)
#36
![Default](images/icons/icon1.gif)
dunno if you have access to / use hotmail but lots of porno related spam on there including thumbs etc.
could any images be from spam email that has not been filtered out before reaching your inbox? (hotmail or other)
Hope it works out
could any images be from spam email that has not been filtered out before reaching your inbox? (hotmail or other)
Hope it works out
#37
Scooby Regular
Join Date: Dec 2000
Location: A land of lap-dancers and Lanson Black Label
Posts: 9,400
Likes: 0
Received 0 Likes
on
0 Posts
![Default](images/icons/icon1.gif)
kenny - you're boned chap, I left a place once before I was pushed so it may be work looking at fish4jobs before they remove you from their servers
![Wink](images/smilies/wink.gif)
#38
Scooby Regular
Thread Starter
Join Date: Mar 2002
Location: Bradford
Posts: 13,720
Likes: 0
Received 0 Likes
on
0 Posts
![Default](images/icons/icon1.gif)
dunno if you have access to / use hotmail but lots of porno related spam on there including thumbs etc
#40
Scooby Regular
Join Date: Apr 2001
Location: Some country and western
Posts: 13,488
Likes: 0
Received 0 Likes
on
0 Posts
![Default](images/icons/icon1.gif)
Have they actually told you that they log your internet pages? Is it in writing anywhere that it is logged? They do need to inform you if they are monitoring your websurfing.
If your performance is not suffering, then to me, that's good enough.
If your performance is not suffering, then to me, that's good enough.
#41
![Default](images/icons/icon1.gif)
AFAIK, they couldn't sack you for received spam email. I get viagra type (erection problems etc) emails at work all the time....not my fault. So long as I don't send it on, can't see how it IS my fault. I'm VERY careful where I register my work email, and the spam has only appeared recently yet I've not divulged my work email address for years....
Maybe someone else has divulged it, but suffice to say, doesn't bother me. It cannot be a sackable offence to receive spam.
Maybe someone else has divulged it, but suffice to say, doesn't bother me. It cannot be a sackable offence to receive spam.
#42
Scooby Regular
Thread Starter
Join Date: Mar 2002
Location: Bradford
Posts: 13,720
Likes: 0
Received 0 Likes
on
0 Posts
#43
Scooby Regular
Join Date: Feb 2004
Location: At the bottom of a glass
Posts: 1,462
Likes: 0
Received 0 Likes
on
0 Posts
![Default](images/icons/icon1.gif)
If you (hopefully!!) get away with this, then get your own back.
Never ever use your PC again lol. Hand write everything or go off with stress and sue them for harrassment.
Seriously though some people do take the **** and deserve to get some flak, but sounds like you were being reasonable and they are just being petty.
You haven't upset any colleagues recently who might have logged on as you and accessed some dodgy sites?? Make sure you get details of everything they accuse you of inc. times/dates and make sure it was definitely you.
Good luck.....
Never ever use your PC again lol. Hand write everything or go off with stress and sue them for harrassment.
Seriously though some people do take the **** and deserve to get some flak, but sounds like you were being reasonable and they are just being petty.
You haven't upset any colleagues recently who might have logged on as you and accessed some dodgy sites?? Make sure you get details of everything they accuse you of inc. times/dates and make sure it was definitely you.
Good luck.....
#44
Scooby Regular
Thread Starter
Join Date: Mar 2002
Location: Bradford
Posts: 13,720
Likes: 0
Received 0 Likes
on
0 Posts
![Default](images/icons/icon1.gif)
Everytime you log on to the internet you put in your own username and password so unless I've left a web window open then whatever has been access will have been by me.
That's not entirely true. My scoobynet use has IMHO been beyond what an employer might regard as reasonable but I have been getting my work done as well as the others to a standard acceptable to my line manager. I fully expect and accept a warning regarding this but I absolutely refuse to go down as, 'the guy that looked at dirty sites at work' as that's NOT me. I have pornband at home for that stuff ![Wink](images/smilies/wink.gif)
Seriously though some people do take the **** and deserve to get some flak, but sounds like you were being reasonable and they are just being petty.
![Wink](images/smilies/wink.gif)
![Big Grin](images/smilies/biggrin.gif)
#45
![Thumbs up](images/icons/icon14.gif)
try here for file deletion
http://www.tolvanen.com/eraser/ i have had it for ages it is free ware and sits conveniently on the right click drop down and writes over the offending file 12 times making it virtually imposible to recover.
sorry make that 35 times and can be set higher.
and if your not certain it will write over all the unused (or supposedly deleted space) on your hard drive
http://www.tolvanen.com/eraser/ i have had it for ages it is free ware and sits conveniently on the right click drop down and writes over the offending file 12 times making it virtually imposible to recover.
sorry make that 35 times and can be set higher.
and if your not certain it will write over all the unused (or supposedly deleted space) on your hard drive
Last edited by mattstant; 23 April 2004 at 06:18 PM.
#46
Scooby Regular
Thread Starter
Join Date: Mar 2002
Location: Bradford
Posts: 13,720
Likes: 0
Received 0 Likes
on
0 Posts
![Default](images/icons/icon1.gif)
Just to clarify any form of 'deleting' software, etc is like shutting the gate after the horse has bolted. They have my hard drive NOW and are looking at the stuff on it NOW
![Frown](images/smilies/frown.gif)
#47
Scooby Regular
![Red face](images/icons/icon11.gif)
Not good mate ![EEK!](images/smilies/eek.gif)
Do what I do and work stupid feckin hours and tell them that if they sack you... the whole place goes down![Big Grin](images/smilies/biggrin.gif)
PS I'm just delirious through overwork mate and obviously hope you get it sorted.... sorry I can't be of any help
If you need to chat, give me a bell.
![EEK!](images/smilies/eek.gif)
Do what I do and work stupid feckin hours and tell them that if they sack you... the whole place goes down
![Big Grin](images/smilies/biggrin.gif)
PS I'm just delirious through overwork mate and obviously hope you get it sorted.... sorry I can't be of any help
![Frown](images/smilies/frown.gif)
#48
Scooby Regular
iTrader: (2)
Join Date: Mar 2002
Location: Spec C - 12.5 @ 110(340/350)
Posts: 2,314
Likes: 0
Received 0 Likes
on
0 Posts
![Default](images/icons/icon1.gif)
No one will be out to get you Kenny! Websense flags up restricted sites, then emails the system administrator with all the details, user, ip's etc. If you keep hitting the websense filters, you will get the attention of the person monitoring websense.
#50
Scooby Regular
![Default](images/icons/icon1.gif)
If it's just content on Scoobynet, I can't see them sacking you over it. Any really dodgy stuff usually gets vaped by the mods on here (or at least it should do
)
Being in IT I've been involved on the other side of the investigation. It's not pleasant, but the two cases I was ask to check involved some hardcore stuff. One bloke had already been warned and was dismissed for a repeat offense. The other was given a verbal warning, but since he was a contractor, his new contract simply wasn't renewed.
Large companies, especially Councils, are scared that any breaches get into the public domain so they tend to overreact.
Hopefully they'll see some sense and just give you some verbal.
Good luck,
Stefan
![Wink](images/smilies/wink.gif)
Being in IT I've been involved on the other side of the investigation. It's not pleasant, but the two cases I was ask to check involved some hardcore stuff. One bloke had already been warned and was dismissed for a repeat offense. The other was given a verbal warning, but since he was a contractor, his new contract simply wasn't renewed.
Large companies, especially Councils, are scared that any breaches get into the public domain so they tend to overreact.
Hopefully they'll see some sense and just give you some verbal.
Good luck,
Stefan
#51
![Default](images/icons/icon1.gif)
Saxo,
If you've not explicitly typed in the dodgy site and gone there on purpose then it should be very hard for them to pin anything major on you as any audit trail through proxy logs will show that the images have been referenced from scoobynet, a moderated forum regarding a motor sport hobby etc etc. Just the fact that the logs will show one "dodgy" image coming off one "dodgy" site will not prove to anyone that you're going out your way to view pr0n. If you were actively seeking the stuff, there would be a much higher number of hits to the said site, including navigation images, html etc which would all be stored in their logs.
Taking your hard drive, I’m sure is not right. Legally you should be in situ, and have everything explained to you while they analyse your drive as any information they find on there can be fabricated with ease and thus isn’t admissible. They should have a set of tools ready prepared to analyse your drive, with a document outlining what the operator types and does to use said programs. Just going into find, typing *.jpg and printing off the output isn’t good enough. How do you know they've not mapped a network drive to their "lets get them fired dodgy folder" before hand? Files and the times they were saved/accessed etc can be altered with ease. Im not 100% sure on this so you'll have to seek legal advice (if it comes to that).
On that note, also find out if the IT bods that check the logs are audited or monitored by an external company. If not, then technically they too can not be trusted with the log data as it would be very simple to find another user with terrible habits, and search and replace with you’re their username with yours.
Until it went to court, all this would be their word against yours, but if it did go all the way, then they would have a very hard time proving their log data had not been tampered with and that you do in fact go out of your way to browse pr0n and dont just see the odd image while generally browsing around that you have no control over stopping.
Check your internet use policy document.
-What does it say will happen if you fail any sections of the document?
-Are there degrees of "punishment" etc for doing different things?
-Ask around the office, is there anyone using hotmail/forums, has anyone else been selected for this audit?
-Is there anything in there about how they should be stopping you get to dodgy sites etc by accident, and why it might not have stopped all these inline images loading in SN when you're not specifically looking for pr0n?
-Check the usage policy, does the 1 hour count while you're "working" (as lunch hour shouldnt be included then) or while you're in the office in general?
-How do they enforce the rule about the internet usage? Someone could open one huge page that takes three hours to read but wouldn’t record anything in the proxy logs, so unless they were standing behind you, or had some spy software installed on the machine they wouldn’t be able to tell.
-Does the policy say who has access to your browsing information, who will be watching you and where you can contact them if you've accidentally stumbled across something you think might get you done?
If it comes to it, get a copy of all the proxy logs, unfiltered (important so you can see if your log file entries coincide with others in your office and haven’t been tampered with), so you can perform your own analysis. I'd be happy to take a look through them for you, as I did with Scooby96's when he was going through this.
I hope this gives you some ammo mate, and don’t worry too much about it, as how you've described it, it sounds like they've gone about this totally wrong.
Bunch of pen pushers got nothing better to do![Frown](images/smilies/frown.gif)
~Jules
PS. Note to the rest of you guys, there's no point trying to hide your tracks either as companies who tend to do this thing will always have the info they need before hand, and there's always a way for them to watch without you knowing
If you've not explicitly typed in the dodgy site and gone there on purpose then it should be very hard for them to pin anything major on you as any audit trail through proxy logs will show that the images have been referenced from scoobynet, a moderated forum regarding a motor sport hobby etc etc. Just the fact that the logs will show one "dodgy" image coming off one "dodgy" site will not prove to anyone that you're going out your way to view pr0n. If you were actively seeking the stuff, there would be a much higher number of hits to the said site, including navigation images, html etc which would all be stored in their logs.
Taking your hard drive, I’m sure is not right. Legally you should be in situ, and have everything explained to you while they analyse your drive as any information they find on there can be fabricated with ease and thus isn’t admissible. They should have a set of tools ready prepared to analyse your drive, with a document outlining what the operator types and does to use said programs. Just going into find, typing *.jpg and printing off the output isn’t good enough. How do you know they've not mapped a network drive to their "lets get them fired dodgy folder" before hand? Files and the times they were saved/accessed etc can be altered with ease. Im not 100% sure on this so you'll have to seek legal advice (if it comes to that).
On that note, also find out if the IT bods that check the logs are audited or monitored by an external company. If not, then technically they too can not be trusted with the log data as it would be very simple to find another user with terrible habits, and search and replace with you’re their username with yours.
Until it went to court, all this would be their word against yours, but if it did go all the way, then they would have a very hard time proving their log data had not been tampered with and that you do in fact go out of your way to browse pr0n and dont just see the odd image while generally browsing around that you have no control over stopping.
Check your internet use policy document.
-What does it say will happen if you fail any sections of the document?
-Are there degrees of "punishment" etc for doing different things?
-Ask around the office, is there anyone using hotmail/forums, has anyone else been selected for this audit?
-Is there anything in there about how they should be stopping you get to dodgy sites etc by accident, and why it might not have stopped all these inline images loading in SN when you're not specifically looking for pr0n?
-Check the usage policy, does the 1 hour count while you're "working" (as lunch hour shouldnt be included then) or while you're in the office in general?
-How do they enforce the rule about the internet usage? Someone could open one huge page that takes three hours to read but wouldn’t record anything in the proxy logs, so unless they were standing behind you, or had some spy software installed on the machine they wouldn’t be able to tell.
-Does the policy say who has access to your browsing information, who will be watching you and where you can contact them if you've accidentally stumbled across something you think might get you done?
If it comes to it, get a copy of all the proxy logs, unfiltered (important so you can see if your log file entries coincide with others in your office and haven’t been tampered with), so you can perform your own analysis. I'd be happy to take a look through them for you, as I did with Scooby96's when he was going through this.
I hope this gives you some ammo mate, and don’t worry too much about it, as how you've described it, it sounds like they've gone about this totally wrong.
Bunch of pen pushers got nothing better to do
![Frown](images/smilies/frown.gif)
~Jules
PS. Note to the rest of you guys, there's no point trying to hide your tracks either as companies who tend to do this thing will always have the info they need before hand, and there's always a way for them to watch without you knowing
![Frown](images/smilies/frown.gif)
#52
Scooby Regular
Join Date: Feb 2003
Location: Zed Ess Won Hay Tee
Posts: 21,611
Likes: 0
Received 0 Likes
on
0 Posts
![Default](images/icons/icon1.gif)
Originally Posted by GaryCat
Tell them that your surfing was before 9am and after 5.30pm and you always made your hours up.
It's no use clearing your PC cache if the access logs are recorded in websense or whatever.
It's no use clearing your PC cache if the access logs are recorded in websense or whatever.
#53
Scooby Regular
Join Date: Aug 2002
Location: Sodding Chipbury
Posts: 2,702
Likes: 0
Received 0 Likes
on
0 Posts
![Default](images/icons/icon1.gif)
To all those suggesting file deletion programs:
It is of no use in a client/server environment - the logs are on the server, as are cached images.
Saxo Boy, sorry to hear this. To be honest I'd be most concerned about the amount of time you've spent on the net, rather than content (if all is as you say). If you've a good, clean work record I'd hope for a written warning and big slap on the wrist.
It would be worth asking for SN to be added to the list of banned sites to remove temptation in the future too.
Hope it all works out for you.
It is of no use in a client/server environment - the logs are on the server, as are cached images.
Saxo Boy, sorry to hear this. To be honest I'd be most concerned about the amount of time you've spent on the net, rather than content (if all is as you say). If you've a good, clean work record I'd hope for a written warning and big slap on the wrist.
It would be worth asking for SN to be added to the list of banned sites to remove temptation in the future too.
Hope it all works out for you.
#54
Scooby Regular
Join Date: Sep 2002
Location: The biosphere
Posts: 7,824
Likes: 0
Received 0 Likes
on
0 Posts
![Default](images/icons/icon1.gif)
On the "time spent on the net" issue - I have found most web access reporting software to be quite inaccurate and easily contended because it cannot know if the time spent between clicks is spent reading the page or doing something else. Most of them you press a button and it comes back with a report saying User X has spent Y minutes surfing - but the result has to be pretty meaningless and is probably only useful when used to compare against other people.
I would argue that since it is a forum you could well be refreshing the page every 10 mins and a quick glance to look for new messages. This doesn't necessarily imply that you have spent the time between reading the website and not working, and this is supported by the fact that you are meeting your targets.
I would also throw in a few "I feel underused" type arguments, concede that you could be more proactive in seeking more work to fill your time etc.
The more of these cases I see the more inconsistent it is between organisations and it is really down to your company/org and their policies. The daft thing is that they will most likely already decided how they would LIKE to deal with it, the time spent "investigating" is to make sure they do everything required to get that outcome, which is why it may be prudent to take a "cap in hand" approach, a few sob stories about how you have lost motivation but follow it up with a dazzling repetoire of how you intend to turn it around, subtley hinting at the cost of recruitment and retraining.
Our company doesn't waste any time snooping on internet usage.... if employees are wasting time on the net then it's a management issue, not an IT issue.... but then I am the IT manager!![Wink](images/smilies/wink.gif)
Anyway, I wish you the best of luck with it!
I would argue that since it is a forum you could well be refreshing the page every 10 mins and a quick glance to look for new messages. This doesn't necessarily imply that you have spent the time between reading the website and not working, and this is supported by the fact that you are meeting your targets.
I would also throw in a few "I feel underused" type arguments, concede that you could be more proactive in seeking more work to fill your time etc.
The more of these cases I see the more inconsistent it is between organisations and it is really down to your company/org and their policies. The daft thing is that they will most likely already decided how they would LIKE to deal with it, the time spent "investigating" is to make sure they do everything required to get that outcome, which is why it may be prudent to take a "cap in hand" approach, a few sob stories about how you have lost motivation but follow it up with a dazzling repetoire of how you intend to turn it around, subtley hinting at the cost of recruitment and retraining.
Our company doesn't waste any time snooping on internet usage.... if employees are wasting time on the net then it's a management issue, not an IT issue.... but then I am the IT manager!
![Wink](images/smilies/wink.gif)
Anyway, I wish you the best of luck with it!
![Smile](images/smilies/smile.gif)
#58
![Default](images/icons/icon1.gif)
I work for the Police and have been down (sort of) this route, got taken aside and asked about Scoobynet, manager was reasonable and told me to limit it to work related sites, I had been on here a lot but I was dead bored, everyone was caning the internet at work but I think a 'colleague' whos performance was not up to scratch dropped me in it, i.e. if I am going down I am taking someone with me, might be wrong but thats what I have heard, nothing came of it and I have never been on SN at work since, second talking to was for personal email, fair comment but being as half the office were at it again nothing came of it apart from being made to feel like a naughty schoolboy, a mate wasnt so lucky as he did little else and there were a few other offences to be taken into consideration and he ended up resigning.
Didnt much like having all my email read by the manangement, they are entitled to do it apparently so now I do absolutely no personal email at work, model employee, what I do at home is up to me !
Good Luck SB, from what you say I dont think that it will go much further than a warning and then further scrutiny. Then make sure you are in a union.
Didnt much like having all my email read by the manangement, they are entitled to do it apparently so now I do absolutely no personal email at work, model employee, what I do at home is up to me !
Good Luck SB, from what you say I dont think that it will go much further than a warning and then further scrutiny. Then make sure you are in a union.
#59
![Default](images/icons/icon1.gif)
reading thru the thread, I would think the best defence to a complaint of excessive use would be 'accepted practise'. You've done your work, got a bit of spare time so use the internet - as do the other staff.
And then if it's only you being investigated it's tantamount to victimisation
as to the sites visited, as said before, the sites you visit are moderated and you believed yourself protected by Websense.
?probably worthy of a warning and discussion with your manager about other work that needs doing?
good luck
And then if it's only you being investigated it's tantamount to victimisation
as to the sites visited, as said before, the sites you visit are moderated and you believed yourself protected by Websense.
?probably worthy of a warning and discussion with your manager about other work that needs doing?
good luck
Last edited by philc; 24 April 2004 at 10:44 AM.
#60
Scooby Regular
Join Date: Feb 2000
Location: Potters Bar
Posts: 2,924
Likes: 0
Received 0 Likes
on
0 Posts
![Default](images/icons/icon1.gif)
As someone who has been sacked from thier first job at the age of 22 for recieved emails of an explicit nature and now work for a company where over 40 people have been sacked for viewing **** I'll cut to the chase.
Most companies have a policy regarding the use of IT kit. If you breach it thats a disciplinary offence.
If the material you view if offensive in any way shape or form and I mean ANY, that could be a breach of your " code of ethics" type policy. If any people in the office have complained about a boobie here or there then thats a big problem as this can be viewed as harassment !! I know its mad !
Also if you were doing this when you should be working then you could be seen to be breaching your contract again which is a disciplinary offence.
To offer some help. Read carefuly the policies around the use of IT and any ethical statements about the employees expected conduct. I know councils can be very PC correct so they could be quite strict.
Also check carefully the disciplinary procedure which should be very clearly documented.
If you are doing your job well, have not been looking at anything very offensive and have not revisited any naughty threads then you could be in for a strong slap on the wrist. Also as someone else said if what you do is common practice then they must look at all other cases and act accordingly with the same ruels applying to everyone.
I do sympathise with you as we all look at non work stuff at work and it doesn't have to affect our jobs. Hope it works out Ok and keep us posted.
AllanB
Most companies have a policy regarding the use of IT kit. If you breach it thats a disciplinary offence.
If the material you view if offensive in any way shape or form and I mean ANY, that could be a breach of your " code of ethics" type policy. If any people in the office have complained about a boobie here or there then thats a big problem as this can be viewed as harassment !! I know its mad !
Also if you were doing this when you should be working then you could be seen to be breaching your contract again which is a disciplinary offence.
To offer some help. Read carefuly the policies around the use of IT and any ethical statements about the employees expected conduct. I know councils can be very PC correct so they could be quite strict.
Also check carefully the disciplinary procedure which should be very clearly documented.
If you are doing your job well, have not been looking at anything very offensive and have not revisited any naughty threads then you could be in for a strong slap on the wrist. Also as someone else said if what you do is common practice then they must look at all other cases and act accordingly with the same ruels applying to everyone.
I do sympathise with you as we all look at non work stuff at work and it doesn't have to affect our jobs. Hope it works out Ok and keep us posted.
AllanB