How to tell if you are spying by your employer
2015-09-08In the earlier part of this year, CEO of one of the Christian publishing companies gathered his employees in a meeting. In that meeting he should his anger about different rumors which were being spread by the internal sources about the company. He didn’t stop there and fired 25 of the employees in order to punish unidentified culprits. The meeting was secretly taped by an employee and hence received press coverage. It was revealed by Ryan Tate that he was monitoring the computers activity of his employee in order to know the person responsible.
He said that I let the employees watch Netflix if they want to watch Netflix and even he let them put it on projectors in case they wanted. If the employees wanted to use Facebook, they were allowed to do so. Since he was paying them just for these activities, he went on with his rant sarcastically. Then he said that I don’t mind that employee goof off, but they should not be badmouthing about the company. He told the employees that he regularly reads the Facebook pages of the employees and he was really amused by some employees posting some stuff and taking it down. He told them that it was all being archived.
Well, I reached the company in order to see their method of monitoring, but I was told nothing. Tate might have been monitoring the social media activities of employees because of the company policy or the Facebook sessions of the employees might have been captured or maybe none of it was true and it was only a bluff. The truth is that Tate is not the only employer who snoops on the digital activity of the employees. Currently, FDA is fighting off the lawsuit by the scientists who have claimed being fired because of the whistleblowing. It was realized by the federal agency all thanks to SpectorSoft’s spyware program which captured the emails and the computer activity of these scientists. Thanks to the mess-up by one of the contractors who was maintaining files, 80,000 pages in spying dossier were leaked online temporarily, making it clear that how extensive this monitoring was.
It is not that unusual for the employers to monitor the computers and the smartphones of their employees, but most of the employees do not think about it during their working day. They spend the breaks during work to look at some sensitive emails of personal nature, enjoying by having some sexy chats, looking at different photo albums on Facebook, or checking out the job listings from other companies. Before one does anything outrageous on his work computer, it is important to consider if he is being monitored. In order to know some things which can reveal if one is being monitored by someone, I talked with Michael Robinson who is an expert of computer forensics and Ashkan Soltani who is a security researcher.
The first thing is to check the computer usage agreement or the employee handbook. In case the employer mentions that the computer activity can be monitored then they do have the right to do so. But in this case the question is if they are taking any advantage of this right.
According to Robinson whether you will be able to spot the monitoring or not, depends on the place where monitoring is being carried out. If the monitoring is at Firewall, it will be hard for user to spot. This will simply tell employers about the websites which employees are visiting, so for example, they can check the number of employee who visited Monstor.com in a particular month. But in case the employer wants to see more detailed activity, the monitoring software will have to be put on the employees’ computer.
In case you are on some corporate network, all the non-https communications are visible to the person who controls network. It is mistakenly thought by some employees that if they are on Facebook or Gmail – who offer the https security – the communications won’t be encrypted, so no one will be able to read them. It might be true in case the monitoring is being done upstream, though companies have such methods by which they can see through the encryption as they control network and those devices used by employee to access their personal information. For example, you can see the BlueCoat guide which is used for getting control of the encrypted sessions. If software is on the employees computer, no protections I offered by https-ssl.
Screenshots and keystrokes are captured by the monitoring software on computer. It means that the software is able to reconstruct the Facebook or Gmail sessions of yours. Such programs cannot be seen in the running applications, but they can be seen in the running processes.
• In case you are on a personal computer, the running process can be seen by pressing “Ctrl – Alt – Del”. It will pull up the “Task Manager” and you can switch to “Processes”.
• In case you are on Mac, bring up the “Gadgets and Gizmos” by going to the “Launchpad”. After that go the “Utilities” and click on the “Activity Monitor”.
Probably the process has an innocuous name and will be quite busy as it will be capturing large amount of activity. So how will you identify the spyware process? One of the options can be to compare the processes of your computer with those running on the computer of a colleague. In case only one of you is getting monitored and other isn’t then you are likely to notice a different process running. But in case both you and your colleague are getting monitored then it won’t be helpful. But there is another option which you can run to check.
Many of the spyware programs get flagged as malicious by anti-malware and antivirus programs. This has resulted in some companies who offer such programs to make “white lists”. This is so that IT departments who run such spyware programs are able to ensure that McAfee, Symantec and others show these process as regular ones and not evil. In most cases, such white lists are made public by the companies who make the, so one can see the exact file names. Had the consultants of FDA looked at the processes, it is likely that they would have observed such programs running on the computers via the whitelist of SpectorSoft.
In case you are seeing some strange process running on your computer which is a spyware and you Google it, you will be lead to the website of spyware vendor.
Unfortunately, some of the spyware programs are much savvier than the others. According to Soltani the sophisticated spyware programs behave like rootkits as they are able to hide themselves.
Robinson tells that those bosses who run full scale monitoring of all the activities of the employees are quite rare. Such things are much more likely in case a boss actually is worried about some particular employees or if the boss is worried that some sensitive information might leave the company. FDA was doing it as they had suspicion that consultants were perhaps leaking the critical information to the Congressional members (their suspicion was right).
As there are many ways in which an employer can spy on the employees and as many spyware programs are not detectable, it is probably wise to not do any activity too sensitive on the office computer and save it for home or personal computer.
In the closing remarks of the meeting with his employee, Ryan Tate told them that they should be smart in the current digital age. He told them that it was fine if one was at his home and complaining to the love ones, but who would go online just for doing that or sending emails?
Well, I’d say everyone does. But you should be smart about the computer form which you are doing it. And of course in case you do choose safer option of the home computer, you should keep the fingers crossed that a loved one is not snooping on you.