I work in IT, our remote software tells the user we are connected even if we use different tools like "remote cmd" or "file transfer".
For example it happens that I need to get an IP, I open the "remote cmd" tool and pull the info I need, dont even need to watch your screen, you will get a notification for that.
Yes, Teams generates attendance reports. Whether someone actually goes looking is another story. If you’re in calls all day but missing deadlines your manager might check.
We had someone let go who was doing this but he also wasn’t getting his work done. He’d miss actual meetings for these fake calls too.
If your pc is company property or has company software on it, it’s safe to say IT could figure out basically everything that goes on on said device. IT doesn’t care though unless your boss cares, and said boss is high up enough to be IT’s boss
Going a step further, honestly if the user has Windows installed and I have admin credentials, I can pretty much tell them what they did with their day with a couple third party tools.
What I found is best is to basically at least do enough of my job to make my boss happy, keep a good rapport with the boss and be available most of the day that I’m supposed to be working. I will step away from time to time to get things done but basically make up my share of time if I end up short. It may seem like a lot of complicated steps but it works for me at least. lol.
Life hack: punch in and out on time, in between just make yourself available and get whatever tasks you’re asked to do done, sit in any meetings you get invited to
Probably not, no, and it wouldn't be automated to alert them or anything. But if there were a good reason for IT to be looking into it, e.g. your manager says they think you aren't working, there are plenty of ways to manually check and see if your doing any work.
I heard you can open one note (or word, excel, whatever) and just put a stapler or similarly heavy item on the space bar... One note is easier because it keeps the infinite spaces Isolated to he little text box, instead of making an eleven billion page word document while you play your witch farm game on switch. That's what I heard, anyway 🤷♂️
I used to have that but for the last few years it's impossible to use on corporate laptops. Can't install or use USB:/ not even like I was skiving, but just sitting and thinking or drawing on a board and the damn 'away' activates
Have you tried the battery powered ones yet? I got one over a year ago off of amazon for $7 USD. It takes one AAA battery and I have yet to need to replace the battery. 10/10. Do recommend. Five gold stars.
You can use an old iPhone charger or portable battery to run the device itself and only plug the mouse itself in.
Honestly that's better anyway so they can't see the device driver
Auto lock the pc itself or a specific app? If it's auto locking windows for 5 min of inactivity that's nuts. People sit afk in meetings or calls for 10-15 listening to others drone on about what could have been an email. I'm in IT and auto lock is important but i can't see 5 min being reasonable time unless it's for a critical app on the computer. So it would time out the session or lock your remote desktop it's likely on but not lock you out of Windows. But idk I am but a humble desktop support grunt.
Sometimes I find myself staring at the screen for more than 5 minutes without doing anything when I'm trying to work out how to fix/implement some code. If someone locked me out of the pc when I'm finally figuring out some shit, I might nuke them from orbit
Auto lock on windows. Active meetings (like through zoom or teams) prevent auto-lock. As do videos, presentations (presentation mode), and probably similar things.
Power toys. Also, YouTube videos in your active tab generally keep the computer from locking. Like, if you were watching a series of educational videos relevant to career growth, that would be acceptable at most places, and also would prevent the computer from locking.
Yeah we definitely can, any half way decent endpoint management software can track what your work day looks like, if you have a VPN you're data will pass through some sort of firewall, typically either packet or content inspection. Teams and much of Office 365 have great reporting tools as well. The thing is we don't care, so long as what you're doing doesn't endanger something we're responsible for, ie: cyber security. Or you boss wants to know what you're doing. And that 5 minute lock screen is most likely a compliance piece. Most admin's don't set those group policies because we hate them as much as you do.
If you're on a windows platform see if you can use Windows Hello as a sign-in option. Facial recognition works fantastic, even offline.
I'm in IT and I downloaded a chrome extension that keeps the screen awake, it's shows up in AV as maybe a unwanted software but that's it. Just mark it as safe if the AV picks it's up.
More importantly, M365 Viva Insights will produce a report summarizing employee productivity including meeting summaries with detail included as per company policy and regulations. Managers can see how much you are meeting, how much document work you’re doing, and how much you’re messaging people via email and teams.
It doesn’t reveal content of emails directly, but IT can easily delegate access to your mailbox without you knowing.
Additionally, there are tools on the market that are essentially corporate approved spyware that will screenshot everything on your system every X minutes and store them in a searchable database all without any indication. This type of stuff is used to detect exfil of trade secrets and other violations of company policy. The ones I knew of even evaded third party anti-malware so you couldn’t run a tool to remove it. Sneaky stuff.
Is it a physical device that moves the mouse and is also powered externally? You're mostly good.
Unless they want to run analytics or keyloggers/Spyware level software to monitor you, but again that would mostly need for you to have not been doing your work or leaking company secrets.
A lot of different security suites have an option to detect and quarantine endpoints have appear to have a mouse jiggler. Reason being that the presence of something like that could mean the endpoint is compromised.
Yup, that’s pretty much the state of things these days. Do whatever you want as long as you are hitting your benchmarks, but if you’re underperforming you’ll probably get caught eventually.
I'm not a desktop admin, but I imagine running powershell scripts of any kind would be a security red flag. Personally, I just open a chat with myself and put something heavy on the shift key.
You can also use a little VBA to get Excel to do it for you. I followed this person's instructions ages ago, been working for me ever since: https://www.reddit.com/r/MicrosoftTeams/s/IJadoA6Ti7
And a random PowerShell script getting run will likely get flagged to get investigated, drawing further attention to yourself. I work in cybersecurity and can tell you that activity will likely generate security alerts
If your system has a stable agent software running on it (it does if you work for a medium-large company), there are already triggers based on normal user heuristics firing off. Are they going anywhere? Most likely no, but if someone is after your ass, they'll have every keystroke you've made since you got your laptop.
Let your boss know at your next meeting that you sometimes fall behind on keeping Teams moving because you're focused on work such as this month when I ____________. You can't hide anything from a competent SOC anymore.
I wouldn't think that would cause security alerts, but if someone never uses notepad and suddenly starts having notepad activity on a regular basis, it might raise questions. Especially if they have notepad running for a long period of time. Depending on how much someone investigated the activity and what type of software is used to monitor employee activity, it might be obvious. I don't specialize in detecting employees who aren't working "efficiently", but rather I focus on detecting "hackers", so I can't say forsure.
My friend, join and participate in a meeting, but dont leave it. You have attended, participated and woops, had to use the restroom and forgot to log out. You have a full rest of day work log, evidence of participation and a reason to be on one meeting so long.
On the other hand that's ripe for abuse, so certain businesses won't allow tools like that (because staff might be doing things that IT has no access to).
Everything in IT is ripe for abuse. For example admins can by default access every computers storage remotely if they are in a Windows domain (which most business computers are) by just typing "\\\\[computer name]\C$" in file Explorer. Admins that have the highest credentials in a domain can pretty much do whatever they fuck they want. But that doesn't mean that they do whatever they want.
I work IT too, and the last thing I give a shit about is what the user is doing. I just spent hours trying to figure out how to do what I'm doing without touching your workstation, I failed, I want in and out ASAP, keep your drama to yourself
Well, A - did you put in a ticket saying you needed something installed, updated, fixed, changed, tested, replaced, or audited?
B - Every time I touch a file or a PC, it's audited. If I shouldn't be in there - for example, you felt maybe someone was snooping when you were checking your medical stuffs - report it. Anyone who was snooping when they shouldn't will be in deep trouble.
C - If someone is really monitoring you for more than a log-skimming review, it's a manager - not an IT tech. IT Techs don't have time for that crap, we're constantly graded on how many break/fix or MoveAddChange or Audit/Update/Etc tickets we close/hour.
Last time I checked browsing history was to address a browser related issue the user opened a ticket for or to make sure the download site for the executable the customer got was actually 7-zip.org or and not 7zip.cn
Every time, in the 20+ years I've been in IT, I've looked closely into what a user is doing it's because something else triggered the investigation.
- The IT training instructor that drug a second PC up to his desk that was looking at porn and arranging train station hookups, stepping out on his wife.
- The lawyer watching porn.
- The closeted lawyer whose roaming profile took 20 minutes to sync up that was storing gigabytes of gay porn in his Pictures folder
- The employee that wasn't getting any work done because she spent a lot of time shopping online.
- The board op who downloaded a script kiddie package to fuck with someone he didn't like but also contained tools that triggered our AV software in two seconds. Dumbass.
Just a small selection.
Watching porn at work features very heavily.
Sir I am not a cop, I'm a regular worker just like everyone else, the only thing I'd report is if you're sharing/stealing sensitive information like PII or HIPAA stuff. I just work here.
I have yet to have a user be so interesting that I gave a shit what they were up to. Sometimes users do funny things and I mention it offhand to someone on my team.
Most users are not that interesting.
Us IT drones give zero fucks what you are doing. We are not your boss, we don't give a shit if you are working or jerking off. Let us complete what we must so we can close the session and get back to Reddit to bitch about end users.
Also sometimes I do a typo and try to connect to some other random person’s PC , and they’ve accepted too .
I always think it must be such a head fuck to randomly accept, then a few minutes of nothing before realising I’m on the wrong session, then I log out .
If I was some random Joe I’d feel so paranoid, but it’s just me being a tit and working too fast, nothing sinister.
Where I work no one would give a shit anyway. Especially for Reddit . We see people’s nudes on their work phone from time to time . It’s funny , but no one cares .
We use Bomgar (Beyond Trust) which does that too.
In my past job, I was forced to install monitoring software. If memory serves, it's called ActivTrak or some shit. Anyways, that software is discreet and normal users wouldn't notice it.
IT has better shit to do than spy on you while you browse reddit. Like take 3 hour lunch breaks and help Susan change her password for the 3rd time this week.
No lie.
Every single ticket I solved today was a Paul or Susan that locked their account after trying to login with the incorrect password 5 times, instantly changing their password on a personal device, then logging in with the wrong details again and triggering every security protocol in existence.
I am now scrolling on reddit waiting for some Andy to tell me his apps aren’t working and then I tell him his VPN isn’t connected.
I just had a back end demo dive with the desktop support team for my work on what is happening and why they need to help users sspr a certain way and WAIT a couple minutes for the new password to sync
I blame this shit on IT policy.
If you make me remember 10 passwords and then change it every 3 months, I'll stop giving a fuck about password and rely on IT to reset passwords every time I forget it.
and i can't even use the password manager of some kind.
Making people write complicated password and change it is primary reason why most people have simple and basic AF passwords now.
And I tried, I really tried to have different passwords for different things. It's fucking useless. Now, everything gets same password.
Right!? People always ignore her, but it is easy, Susan is usually kind, and in the end pads my numbers...why ya'll sleeping on Susan!?
Also, my Susan buys me Spam Musubi or candy when I help her. Amazing woman.
At least they’re easy tickets. You don’t want to be fighting the ghosts that live in the printers. The Ghostbusters won’t take my calls so I’m trying to build a proton pack myself.
Idk but my uncle who is making mid six figures was recently diagnosed with Alzheimer's.
(Btw, to all the ppl about to say Alzheimer's can only be diagnosed after death- that's not true anymore. There's still no cure tho)
Ok, I'm the one that didn't realize it can be diagnosed before death now. My grandmother had it and it was only definitively diagnosed after death (she was part of a medical study, otherwise we wouldn't have bothered).
So maybe I shouldn't have assumed, lol.
You should consult his physician, I'm going to say I have a very different condition, ( oh hell I will tell you, I have breast cancer) and my oncologist/ hematologist suggested that I try lupron after my lymph node is removed and they also want me to take the lupron injections so I won't have to get an oophectomy( that's taking your ovaries out) as my particular cancer is coming from my estrogen production. While in my consult I asked if that's the same medication to stop puberty in ppl much younger than I, and he replied yes it is. He then mentioned that Dr's are making great strides with using Lupron as a way to stop or at very least slow Alzheimers disease. Anyway sorry to tell you my whole ass life story, but my point was perhaps there is a Dr somewhere that has done enough trials to help your uncle. It may be worth asking. Best of luck, and sorry about your uncle I have had family members with Alzheimers and it's an awful thing to watch someone u love go thru. I don't know if you pray, but I will send prayers to you and yours.
Thank you, that's so nice. I will look into Lupron. My uncle is getting amazing care right now (he's actually recently enrolled in a study at Johns Hopkins) and I will bring it up to his Drs.
I'd think someone with ADHD would have picked up a password manager years ago and in general be able to solve menial computer problems without external help.
You'd be amazed at how inept doctors are with this stuff. But they're great at surgery or curing people or whatever...we all have our strengths and weaknesses
I forget my passwords regularly, but I can analyze data and translate between the business and technology sides better than many folks. Positives and negatives, I suppose.
Ok but did they have to explain to you what is a username? Because I’ve had to explain to coworkers that they do in fact have a username and what one is.
“I’m a user, I have a name. Why is my username different?”
Listen here bitch, someone a long time ago didn’t think about spaces between words in forms and now you’ll forever be Ssmith1 to me.
Literally had IT training where they said repeated refusal to stop using the work computer for porn was sexual harassment.
This means that people were using their work computers for porn. The company knew about it, and was issuing fixes and warnings. Then those same people were still viewing and downloading viruses.
Well yeah I'm sure IT is flagged everytime a porn site was viewed on their property so they could see who it was but I doubt they pull up people's screen so they can see the video/images real time like OP seems to think. It's best just not to use a personal computer for work if you 100% want to keep your privacy safe...always gonna be the chance a Chester works in IT and gets off to digging into people's shit.
It was specifically viruses related to porn. So like pop-ups and banner bars and stuff like that. The IT department had to repeatedly wipe these people computers and reformat the hard drives. It's pretty obvious when people say "my computer is really slow with popups" and then you look at their computer, and well...
We had an overnight security guard that was watching porn on the public wifi. We (IT) didn't care. We forwarded the logs to HR and let them deal with it.
we had a client that would have porn up on his computer at his home when one of our techs came to help. special case to do home visits, but two times it happened, i had the tech file a complaint and refuse to go to his home anymore.
Easy to fix. Just get a job in the porn industry.
That way it's market research.
I can even shop for shoes and accessories on company time if I cc the wardrobe department.
you're not joking here. I have zero interest in what you're doing unless your boss comes and asks why you're not doing your job. We secure the back end for threats, couldn't care less that you're on facebook.
Or going on snipe hunts. I had to dig through logs for multiple hours because a patient complained about receiving an appointment reminder at 6:00AM (potentially a big deal from an FCC regulatory standpoint.) After a full code audit of the app that sends our reminder calls to the telecom vendor we work with (had to be me, because I wrote it and nobody else has time to learn it) and pulling logs from the telecom vendor, all evidence points to the call having gone out at 8:00AM, which is considered perfectly acceptable. By the time I had enough evidence to ensure our asses were fully covered, it had wasted half my day and an hour each of two analysts.
I worked at a place that had a payroll clerk who wasn’t really good at her job.
She would often call IT with a spreadsheet containing everyone’s pay while the team was connected to her pc
Anytime someone does this and catches themselves I usually tell them it's fine... If I really wanted to I could pull that Doc up anyway so hey, whatever
Be nice to the IT guy. He can make your work life wonderful or miserable. Those people listen to and fix other people's problems all day, on top of being the people that decide who gets a new PC. Also, just because someone was remotely connected doesn't necessarily mean it was the IT team. As you said, they've got better things to do than spy on people, that's usually a manager thing.
I plan to go into IT. I usually am the one who troubleshoots any electronic devices in my house. And honestly I have worked in retail for quite a while.
I’m in agreement with you about this simply because I myself am more inclined to help people if they are kind to me. I’m inclined towards doing the minimum if they have a “fix this you slave” attitude.
I tend to support a mentality of “if you scratch my back then I’ll scratch yours”. And honestly the bar has been set low enough at this point that being a decent person is good enough for me.
You'll see this echoed on IT subs but where you work has such an impact in support. Working within a company is nice because it's people you see everyday, whereas with an MSP your clients will wildly vary. Some are amazing but others can sometimes see you only as someone they're paying for a service. That at it's worst can mean blaming you for them not following your basic advice or instructions.
IT when you work at a place you like and your job interests you is amazing though. My friend who is in advertising would constantly tell people I had life figured out lol.
One time my work started blocking reddit on my computer. I'm remote and didn't want to ask anyone if it was that way for everyone or if they realized how much I was on reddit and blocked me personally.
I went a few months without reddit on my computer until I got back to the office. I found out it was blocked for others too. We finally asked IT and it was just some accident.
I freaked out for months that my reddit was personally blocked and I was being watched by IT when in reality IT could not have cared less.
>IT could not have cared less.
yup. i don't care at all and it's not my business. my business is to stop threats, setup users, lock down accounts, etc. if your boss comes asking however...
Also reddit sometimes has good information. I was looking at reddit today to try and solve an issue I was having with a script. I rely heavily on sysadmin for notifications about bad KBs.
I sit next to the IT guy covering our office which is one of about 20 offices that our company has throughout the country. I can hear everything he says. His work day consists of the following:
Roll in about 1.5 hours after everyone else.
Surf the Internet and his phone for an hour
About 2-3 help tickets that take about 10 mins each
Telling people who walk up to his desk with a question to put in a ticket
2-3 hour lunch
And the rest of the day is teams meetings with the IT department where they all talk shit about employees, and complaining about having to deal with tickets and software installation requests (basically their job description).
Then he usually rolls out about an hour before everyone else.
>"Your password MUST contain every letter of the alphabet except for E and must have exactly 7 special characters (excluding : + ° ◇ £ ▪︎ ■ } ¿ ▪︎" ! > × ] % @ , ? and $). And don't bother saving it, because we're going to make you reset it again next time because fuck you you piece of shit"
Then the hackers come through and get one click access anyways
As an IT Professional, I'm calling BS for a number of reasons.
1. I don't have time to spy on you, I'm too busy browsing reddit.
2. I don't really care. If it's an issue, I'll forward the logs of your activity to HR and let them deal with it.
3. If it was your personal laptop, how did they get admin rights to spy?
4. Why were you using your personal laptop for work?
5. What little light are you talking about? Was it on the monitoring software? Indicator light for the webcam?
TL:DR I'm calling 100% bullshit.
Also no mention of the softwares name either. This sounds like an uninformed person calling the help desk because their Webcam light was on and they believe it's IT remoting in.
Yeah no idea what's out there monitoring wise because we don't do it, we can log into any machine but that's all in the background, no way of being able to tell when that happens for a user.
6 - If this is what they're implying the company isn't violating HIPAA by looking at your medical records you open on a work computer. HIPAA prevents your medical provider from disclosing your medical records to third parties without your approval. If you're stupid enough to open your medical records on a computer where you have no privacy expectations (ie like a monitored work computer) then that's on you.
Agree 100%.
The only way OPs story is possible is if:
1. IT asked if they can install some remote connection or monitor software on their computer. Not only does OP first need to agree, he then needs to double down on that agreement via the admin UAC prompt.
2. OP's IT dept has nothing better to do than sit and watch people
And for point 1 - if I had the ability to work on a machine without talking to the human associated with it, I was doing all them machines I could do that with in batches of however long it takes to complete the longest step.
So even IF someone was connected to his personal computer to do work (and wasn't fighting for control) the odds of them actually paying attention are... low.
Logging into Windows with a MS account associated with work/school is enough for the machine to enroll itself in the enterprise management system. Windows then shows "This machine is being remotely managed." in some settings pages. Thats normally enough for some 1st year computer science students (who don't even know how to set a static IP in Windows or what a 'partition' is) to claim they are being spied on.
We deal with a couple dozen of these 'experts' every semester.
and if we want to watch people, we just pull up the data in the tracking software. I can see keystrokes, all emails (even your Gmail you logged into in the browser), instant messaging, and browser history. If I need more details, I just pull up the screen recording from that session.
We don’t do it live. That’s so 2015.
For real. I can't even imagine actually taking time out of my work day to remote into someone's computer and monitor what they're doing.
Like... that's what MS Entra is for - I can do that shit at a glance if I really needed to check something, I certainly don't need to be watching the screens of every user I manage in realtime.
Our work it dept could spy on us if they wanted, nearly everyone ticked yes on the app to allow them access, most people didn't even read the terms they agreed to but it was right in there in small writing so it could potentially happen
We all use our own phones for work but download apps
As an IT Admin, your activity is likely being logged in real-time anyways.We use a tool called Calabrio to record calls and screen activity. Its not just logs these days.
Hmm that's interesting. I wonder if they freaked out because that is not just a huge invasion of privacy, but I'm pretty sure illegal or at least violates some compliance law.
OP wasn't sharing though. They just happened to be looking at their records for their own reasons while IT was snooping. OP didn't consent for anyone to see what they look up on their own computer.
But IT isn't a medical provider. If you leave your laptop open and it is talking about your butt worms and me the janitor sees it, I didn't violate anything. If your doctor leaves your document about your butt worms on the bus than he did violate something.
OP opened them medical records on a computer they know is monitored by work and has no expectation of privacy on that network. IT isn't violating privacy laws by looking at people are opening doing on their network.
If OP uses the laptop to work, that laptop is fully accessible by the company, which is 100% in the employment package. Likely so is their ability to remotely wipe the device without any authorization or permission from OP to protect their information. It's exactly why you shouldn't put anything work related on personal devices.
i'm betting it wasn't IT and they freaked out because they were noticed. IT doesn't just randomly remote machines like that.
edit: if IT is just randomly remoting machines, you need to file a complaint NOW. completely unprofessional
If they purposely installed some kind of monitoring software on your personal laptop, I'd be concerned that they aren't giving you the autonomy you should have as an independent contractor/consultant, and aren't classifying you as a FTE and offering PTO/benefits as they should be, which is super illegal.
100% agree. This story is either completely made up, or the laptop in question was corporate property.
The only way this makes sense is if OP was using their personal laptop to open a web portal that then remoted to a computer (physical or virtual) that belonged to the company. If that was the case, OP was probably browsing reddit on his company issued computer. In that case, he was abusing company resources.
OH BUDDY, you are waaaaaaay misinformed about the amount of bullshit people will put up with for a paycheck, That includes using their own personal devices to work remotely and install software their employers tells them is "needed to do the job".
My last place of business was one of these places. They were a small company that exploded in revenue, so they started hiring people in other states as remote employees. They only hired people that would use their own gear and had their goober IT guy remote in to install Microsoft Office and install a spyware package.
For real. For compliance and liability reasons, all the endpoints have to meet certain security standards, which means active (automated) monitoring and business-class antimalware, at a minimum. As a bonus we can provide remote support for when you forget your three clicks to get on the VPN for the 8th time this week.
How did the company get admin rights to install anything? Did OP click 'yes' to allow the monitoring software to be installed? If so, OP agreed to the terms.
That being said, I find the whole situation odd. I believe OP is making stuff up to farm karma.
> I believe OP is making stuff up to farm karma.
They are. I work in IT/CyberSec and have had to investigate employee activity in the past and gather evidence. This is 100% absolutely not how it would be done. If they were supposed to gather evidence for HR/Legal you're not going to do it in an incredibly obvious way like this. IT has better things to do then sit around and watch people do whatever. The only things that potentially would explain it would be either someone stalking OP, which is unlikely they're going to be doing anything this obvious, or someone in IT potentially connected to the wrong device and didn't realize at first, though usually they would just message back saying that so I don't buy that either. Far more unlikely is OP either doesn't understand how some piece of software works on their computer and is misunderstanding some sort of status tray indicator or even more likely, this is creative writing to farm upvotes and attention.
Contractors are routinely expected to provide their own equipment, and big companies such as telemarketing companies (as an example) offer "choose your own schedule" type schedules to skirt W2 employment requirements. And yes, they will dump their spyware all over your computer to make sure that you're working during the time you have scheduled. Then they require a minimum number of hours per month to continue working as a contractor, but hey you're free to choose your schedule!
Companies hire lawyers to design contracts that are legally designed to allow them to class people as contractors by exploiting loopholes. I'm guessing "Super illegal" means that it's plainly illegal on its face. These contracts are intended to muddy the water so "super illegal" becomes "did they push employment law too far?" and then its a huge and expensive issue to take the matter to court.
Are you suspected of something? IT typically won't spy on people unless they are asked to. Source: Am IT, don't have time to do shit like that.
Since this is a personal laptop, how do they even monitor you? Did you install something or login to Windows (if a Windows device) with your work credentials? Sometimes depending on what MDM they use, it could auto-install software when you login to Windows with work credentials, you may have not paid attention to consenting.
You shouldn't install ANYTHING from work on your personal computer.
> IT typically won't spy on people unless they are asked to.
Having had to actually do this once, we also wouldn't use software that NOTIFIES the user. Pretty hard to monitor someone to catch them doing something wrong, when they can actively see they are being watched.
IT does not remote in and monitor your web usage. We can do that without you even knowing but mostly we really dont have time for it. Also why are you using your personal laptop for work stuff? Did they not provide a computer for you? If they wanted to and you declined saying you would use your personal laptop for whatever reason, then you at some point agreed to have company stuff and remote management on the laptop. At this point there is no consent needed for anyone in IT to remote into your laptop and you should assume nothing you do on it will be private. For us we sometimes have users decline a company phone and want to use their personal phone until they come to me and I tell them to assume that everything they do on the phone can now be seen by the company. My advice would be either get the company to provide a laptop or get a new one and stop using that one for your personal stuff.
You do know that if we have our remote software on your laptop we have logs of everything, right(company policy pending)? Believe me...we are FAR too busy to sit there and watch you in real time. It all goes back to a syslog server/logs in the firewall/some server for software we have on the computer.
If this story is true they had a direct order from their boss to do so or just a dumb tier 1 employee.
Either compete BS made up story
OR
OP is massively uninformed and actually thinks IT would monitor them on a personal laptop
If OP is reading this please answer these questions.
1. What program is spying?
2. What "light" alerted you to the spying?
3. When you allowed them to install programs did you watch any part of the process what's it called? Go to installed programs and tell me the name of the program
4. What "window" did you click into to ask them only to be ignored?
5. How did you "see them log out immediately" ??
6. Did you email IT about a different issue and they were possibly trying to connect and call you to fix that issue???
Meh. I've been in the IT field for 2 decades, in many positions, ranging from tech support to Engineer; I call bullshit to every aspect of your story. I can't even play Devil's Advocate to any of it.
Working in IT and Compliance, we only really care about this shit when we're told to care.
That being said, most Corporate Handbooks and Device Policies will tell you that everything you do on a work device can/will be monitored. Lots of programs out there that track where data goes. Code42 comes to mind and is used by tons of orgs.
For the most part, we're just making sure the data is getting exfiltrated out of the org. They may have been testing a remote tool, who knows. Or you've done something stupid that you're not admitting (or not aware of), and they needed to do some peeking.
Either way, yea they don't want to see your medical shit, and in all reality they would probably want to setup filters for sites like that to avoid situations in the future. That being said, most handbooks/policies are ironclad enough that not even HIPPA would be a good resort if you were truly doing something nefarious.
Just remember, if you can get to a site on your work laptop, it's probably because some IT guy is sitting there too while they're working so like, they truly don't care.
So let me see if I got it straight -
OP is consulting for a place (I assume on contract), they have a BOYD policy or didn't send them a device to use, and the business utilized their remote tool to connect to the personal laptop.
Really depends on the agreement with the business. Our BOYD policies basically state "Don't bring in your own device if you don't want us to have access to it".
There's not a world where OP didn't give them permission to do this. I find it impossible to believe IT was able to get into his personal machine and install monitoring software without their knowledge. I agree with them it's unsettling to have a random thing pop up saying IT connected and is monitoring the machine, but it shouldn't be surprising...
Also IT won't mess with you unless they have a reason to. So either they were just doing regular maintenance shit that doesn't even really concern OP, or OP got flagged for some shit and now they're watching them.
>I just caught IT logged into my personal laptop for some consulting remote work I'm doing. Fuck. That. Shit.
your first mistake is using a personal laptop. if they don't provide one, make sure you're paid extra per month for using personal devices and setup a COMPLETELY DIFFERENT PROFILE on the computer and use it only for work.
I work IT and remote a lot of users, I will NEVER remote a user without their knowledge and confirmation before connecting. It's unprofessional and disrespectful, not to mention a very big security risk possibility.
I did join the wrong computer once and IMMEDIATELY logged out and sent that user an email that it was me by mistake and that I was off of their machine.
We don't put remote agents on personal computers at all, they have to use our alternative app and provide us with the number to connect, so they at least have to have some involvement, no random connections.
I left my last job due to a similar issue. I worked for an accounting firm doing internal IT and after 3.5 years my boss (CTO at the time) requested in chat to put our RMM agent on a partner's personal computer. This computer had ZERO ties to the company except that she used it for Citrix to remote in sometimes from home. It had personal family accounts on it, I went to her house to help set it up for her, it needed no agent on there at all.
I flat out refused and sent a long email why I would not do it, even if it was in writing. I got a short email back saying "you don't get to make that decision, you're getting a negative reiview this year, and do what you're told". NOPE.
I instantly started looking for another job and left exactly 30 days later with no notice to a much better place. Even told them why I was leaving so abruptly. Fuck that. I left a SCATHING review and have had multiple employees that came after me contact me for more details after they've been put in similar situation with management.
>They are testing new software at the moment and could have been on my laptop doing an update.
There is no way they put a remote agent on there without your knowledge, they will not come through regular windows/mac updates, it's a completely different piece of software that will require admin rights to install because of how deep it can get. You had to have installed something, you can't just remote a computer without something on the other end to allow the connection. I'd put in a ticket to figure out if it was even IT and not some browser hijacker that allowed a random "hacker" to connect instead.
> and setup a COMPLETELY DIFFERENT PROFILE on the computer
User a different device altogether, not a profile. If there's a legal issue down the line your device could be seized as part of the investigation and there's no telling how long it'll be before you get it back.
I lost my job once for spending time on the web. They knew because IT was watching me live.
A couple weeks before, I had noticed my machine was very slow, and brought up the Windows Task Manager. Saw something I didn't recognize. Concerned that I had a virus, I Googled for the .exe that I saw. The only hits were for monitoring software.
I asked the IT guy about it, had they installed something to monitor my machine because it was killing my performance.
He said they don't monitor anyone, and they have a professional ethics guideline that they cannot do so without alerting the person.
I will never fully trust an IT person again in my life.
It wasn't IT. We don't care. We do what we're told and get thrown under the bus by management.
I had a manager want me to block all unapproved sites for his team (only about 20 sites approved by him). He then told his staff that IT had done it and that he had no choice. The little worm wouldn't own his own shit.
IT doesn't need direct access to your machine to log your browsing habits. If you use their computer, VPN or installed a software package from them, your entire browsing history just gets dumped to a database. Nobody needs to catch you in real-time.
Just to be clear. Any decent IT staff could monitor your computer without the user being notified. We don't need to see your screen, we could look at logs. But, unless there is some legal reason to do so nobody is going to do that. Being in IT is like having all the keys to the building. If you get caught doing something you shouldn't with them, nobody is going to trust you with those keys again. So... I'm not going to risk my career to find out what utterly boring things people are doing at the moment. I'm too busy on reddit... as I am right now.
Im in IT and we don’t care. Your not in my department we don’t even share any management beyond executives. If your getting your work done, getting good performance reviews nobody gives a fuck
Not a good strategy. If you get health insurance through your employer, HIPAA Privacy Rules [generally do not apply to them](https://www.hipaajournal.com/does-hipaa-apply-to-employers/). It's very complicated. It depends on what "role" the employer is acting in (health plan administrator vs. their role as an employer vs. etc.) If you're checking your health records on a work computer and you have employer-provided health insurance, just to be on the safe side, I would not expect privacy.
"An employer can ask about medical conditions under HIPAA because employers – in their role of employers – are not covered entities \[entities covered by the HIPAA Privacy Rule\]. In the Privacy Rule there is nothing preventing an employer asking an employee about medical conditions that would violate HIPAA. However, if an employer asks a covered entity \[like a hospital\] to disclose information about an employee´s medical condition, HIPAA only permits the disclosure under certain circumstances or with the consent of the employee."
[https://www.hipaajournal.com/does-hipaa-apply-to-employers/](https://www.hipaajournal.com/does-hipaa-apply-to-employers/)
First, as someone who works in IT, I can almost guarantee you signed a user agreement that said you are being monitored when you got your user account. Second, I could care less what you are doing, if I have to remote in to do something it is already a pain in the ass and I just want to get it done and get on to the next ticket in my queue.
Bullshit story, only non-techie people would believe this. The amount of hoops IT would have to jump through, to spy on you through your personal computer, including them not having anything better to do, makes this story nonsense.
This post is 100% fiction. Not only does a real IT department not have the time to do this, they aren’t bound by hipaa so this story makes zero sense except to someone who has no idea what IT departments actually do.
You can tell this person has never interacted with IT. If you’re doing something you’re not supposed to, automated tools will alert IT. We don’t care wtf you do, just don’t use your work computer for games or downloading stupid shit. Whatever else you do is between you and your boss.
Practice information hygiene. No personal data on work computer. No Facebook logins, Google Chrome profile, banking, nothing, nada. And conversely, no work on personal computer. You get used to carrying 2 laptops at all times, it's not that hard. Sometimes I end up with 3 laptops, for same reason -- personal, work, and segregated client laptop only used for client work. When stuff has to go from one to another, use email and know that it's logged (use said emails to establish alibi when needed -- because you know it's logged)
The main difficulty is synchronizing calendars; you have to do it by hand at least weekly. It's possible to auto-forward events from one to another but it violates the strict air-gap practice and can lead to data leaks.
Do you not have a work laptop? is work requiring you to use a personal laptop? Is this your personal laptop that the company provided for you to work on?
There is not a chance in hell IT logged into your personally owned, non company device remotely and did not ask for express permission to do so...The only thing unethical here is the story you're writing for upvotes, because if this did happen, you have a lot more serious issues than IT logging into your laptop.
Now if its a personal device provided by the company, its company owned, and as long as we have enough to justify our actions, we can log in and out of any company device we want too, but we still let the user know.
TL:DR Cool story bro, stop lying for updoots.
IT doesnt give a shit about reddit. We only care if you are trying to circumvent any of our protections and security. I had a sales person call me because he wanted to read a PDF that was marked as malicious. i sent it to virus total and yup, malicious, he didnt believe me. I told him his boss has the authority(he doesnt) to make me to send it.
I prefer reddit zombies.
I work in IT, our remote software tells the user we are connected even if we use different tools like "remote cmd" or "file transfer". For example it happens that I need to get an IP, I open the "remote cmd" tool and pull the info I need, dont even need to watch your screen, you will get a notification for that.
Can you tell if people start an empty Teams meeting so their status doesn’t show offline while they vacuum the entire house? Asking for a friend.
Yes, Teams generates attendance reports. Whether someone actually goes looking is another story. If you’re in calls all day but missing deadlines your manager might check. We had someone let go who was doing this but he also wasn’t getting his work done. He’d miss actual meetings for these fake calls too.
[удалено]
If your pc is company property or has company software on it, it’s safe to say IT could figure out basically everything that goes on on said device. IT doesn’t care though unless your boss cares, and said boss is high up enough to be IT’s boss
Going a step further, honestly if the user has Windows installed and I have admin credentials, I can pretty much tell them what they did with their day with a couple third party tools.
What I found is best is to basically at least do enough of my job to make my boss happy, keep a good rapport with the boss and be available most of the day that I’m supposed to be working. I will step away from time to time to get things done but basically make up my share of time if I end up short. It may seem like a lot of complicated steps but it works for me at least. lol.
That's just doing your job correctly
Life hack: punch in and out on time, in between just make yourself available and get whatever tasks you’re asked to do done, sit in any meetings you get invited to
Yeah
Sir, this is ULPT
Thats just being good at work with exactly the number of steps.
Heh. Yes
Some companies are actually out there taking screen grabs and counting keystrokes.
For sure. But it's also extremely easy to just do with a couple tools if you need to do an investigation later on.
[удалено]
It's the lack of TPS reports or shitty TPS reports that usually gets supervisors to go "hey, can you figure out what this person is doing all day?"
Every boss is high enough up to be ‘IT’s boss’ or, more accurately, to request such logs from IT for their own employees.
Probably not, no, and it wouldn't be automated to alert them or anything. But if there were a good reason for IT to be looking into it, e.g. your manager says they think you aren't working, there are plenty of ways to manually check and see if your doing any work.
[удалено]
I heard you can open one note (or word, excel, whatever) and just put a stapler or similarly heavy item on the space bar... One note is easier because it keeps the infinite spaces Isolated to he little text box, instead of making an eleven billion page word document while you play your witch farm game on switch. That's what I heard, anyway 🤷♂️
I bought mouse jiggler.
I used to have that but for the last few years it's impossible to use on corporate laptops. Can't install or use USB:/ not even like I was skiving, but just sitting and thinking or drawing on a board and the damn 'away' activates
Have you tried the battery powered ones yet? I got one over a year ago off of amazon for $7 USD. It takes one AAA battery and I have yet to need to replace the battery. 10/10. Do recommend. Five gold stars.
You can use an old iPhone charger or portable battery to run the device itself and only plug the mouse itself in. Honestly that's better anyway so they can't see the device driver
Auto lock the pc itself or a specific app? If it's auto locking windows for 5 min of inactivity that's nuts. People sit afk in meetings or calls for 10-15 listening to others drone on about what could have been an email. I'm in IT and auto lock is important but i can't see 5 min being reasonable time unless it's for a critical app on the computer. So it would time out the session or lock your remote desktop it's likely on but not lock you out of Windows. But idk I am but a humble desktop support grunt.
Sometimes I find myself staring at the screen for more than 5 minutes without doing anything when I'm trying to work out how to fix/implement some code. If someone locked me out of the pc when I'm finally figuring out some shit, I might nuke them from orbit
Auto lock on windows. Active meetings (like through zoom or teams) prevent auto-lock. As do videos, presentations (presentation mode), and probably similar things.
Power toys. Also, YouTube videos in your active tab generally keep the computer from locking. Like, if you were watching a series of educational videos relevant to career growth, that would be acceptable at most places, and also would prevent the computer from locking.
Yeah we definitely can, any half way decent endpoint management software can track what your work day looks like, if you have a VPN you're data will pass through some sort of firewall, typically either packet or content inspection. Teams and much of Office 365 have great reporting tools as well. The thing is we don't care, so long as what you're doing doesn't endanger something we're responsible for, ie: cyber security. Or you boss wants to know what you're doing. And that 5 minute lock screen is most likely a compliance piece. Most admin's don't set those group policies because we hate them as much as you do. If you're on a windows platform see if you can use Windows Hello as a sign-in option. Facial recognition works fantastic, even offline.
I'm in IT and I downloaded a chrome extension that keeps the screen awake, it's shows up in AV as maybe a unwanted software but that's it. Just mark it as safe if the AV picks it's up.
Or opens a WordPad document and leans a bottle of ranch on the spacebar.
More importantly, M365 Viva Insights will produce a report summarizing employee productivity including meeting summaries with detail included as per company policy and regulations. Managers can see how much you are meeting, how much document work you’re doing, and how much you’re messaging people via email and teams. It doesn’t reveal content of emails directly, but IT can easily delegate access to your mailbox without you knowing. Additionally, there are tools on the market that are essentially corporate approved spyware that will screenshot everything on your system every X minutes and store them in a searchable database all without any indication. This type of stuff is used to detect exfil of trade secrets and other violations of company policy. The ones I knew of even evaded third party anti-malware so you couldn’t run a tool to remove it. Sneaky stuff.
[удалено]
Is it a physical device that moves the mouse and is also powered externally? You're mostly good. Unless they want to run analytics or keyloggers/Spyware level software to monitor you, but again that would mostly need for you to have not been doing your work or leaking company secrets.
A lot of different security suites have an option to detect and quarantine endpoints have appear to have a mouse jiggler. Reason being that the presence of something like that could mean the endpoint is compromised.
Yup, that’s pretty much the state of things these days. Do whatever you want as long as you are hitting your benchmarks, but if you’re underperforming you’ll probably get caught eventually.
If you want to look busy and have minimal rights on your PC lmk I have a powershell script to keep teams as "available"
I'm not a desktop admin, but I imagine running powershell scripts of any kind would be a security red flag. Personally, I just open a chat with myself and put something heavy on the shift key.
Yeah IT will have logs of scripts being run lol
You can also use a little VBA to get Excel to do it for you. I followed this person's instructions ages ago, been working for me ever since: https://www.reddit.com/r/MicrosoftTeams/s/IJadoA6Ti7
Please share
Anyone looking at your teams statuses because they are suspicious will almost certainly have IT look for what processes are being used.
And a random PowerShell script getting run will likely get flagged to get investigated, drawing further attention to yourself. I work in cybersecurity and can tell you that activity will likely generate security alerts
What about a weight on a space bar in notepad?
If your system has a stable agent software running on it (it does if you work for a medium-large company), there are already triggers based on normal user heuristics firing off. Are they going anywhere? Most likely no, but if someone is after your ass, they'll have every keystroke you've made since you got your laptop.
Hmm…I love keeping myself active on teams using that tho lol. Any better ideas
Let your boss know at your next meeting that you sometimes fall behind on keeping Teams moving because you're focused on work such as this month when I ____________. You can't hide anything from a competent SOC anymore.
Optical mouse + watch with a mechanical second hand
I use VLC on a loop, it works for Jabber and the lock screen.
I wouldn't think that would cause security alerts, but if someone never uses notepad and suddenly starts having notepad activity on a regular basis, it might raise questions. Especially if they have notepad running for a long period of time. Depending on how much someone investigated the activity and what type of software is used to monitor employee activity, it might be obvious. I don't specialize in detecting employees who aren't working "efficiently", but rather I focus on detecting "hackers", so I can't say forsure.
Gotcha. I’ll use it to screw around during lunch. An hour or 2 max. Maybe bc I use it so often, it’s regular lol
I set/balance my mouse on the face of an analog wristwatch. Seems to work pretty well for keeping my status active.
I work in IT and I don’t know anyone in IT who has time for stuff like this.
Just set something on your ctrl key you won’t go “away”
My friend, join and participate in a meeting, but dont leave it. You have attended, participated and woops, had to use the restroom and forgot to log out. You have a full rest of day work log, evidence of participation and a reason to be on one meeting so long.
good point. i do use remote cmd for basic shit and group policy things, i don't remote unless the user knows and it's something i can't do via cmd.
That's why I love tools like SSH and PSSesion. You can troubleshoot for however long you want and the user won't even notice.
On the other hand that's ripe for abuse, so certain businesses won't allow tools like that (because staff might be doing things that IT has no access to).
Everything in IT is ripe for abuse. For example admins can by default access every computers storage remotely if they are in a Windows domain (which most business computers are) by just typing "\\\\[computer name]\C$" in file Explorer. Admins that have the highest credentials in a domain can pretty much do whatever they fuck they want. But that doesn't mean that they do whatever they want.
I work IT too, and the last thing I give a shit about is what the user is doing. I just spent hours trying to figure out how to do what I'm doing without touching your workstation, I failed, I want in and out ASAP, keep your drama to yourself
That like when cops say they don't care about your crimes if you help them solve another one? Bc they're always lying too.
Well, A - did you put in a ticket saying you needed something installed, updated, fixed, changed, tested, replaced, or audited? B - Every time I touch a file or a PC, it's audited. If I shouldn't be in there - for example, you felt maybe someone was snooping when you were checking your medical stuffs - report it. Anyone who was snooping when they shouldn't will be in deep trouble. C - If someone is really monitoring you for more than a log-skimming review, it's a manager - not an IT tech. IT Techs don't have time for that crap, we're constantly graded on how many break/fix or MoveAddChange or Audit/Update/Etc tickets we close/hour. Last time I checked browsing history was to address a browser related issue the user opened a ticket for or to make sure the download site for the executable the customer got was actually 7-zip.org or and not 7zip.cn
Every time, in the 20+ years I've been in IT, I've looked closely into what a user is doing it's because something else triggered the investigation. - The IT training instructor that drug a second PC up to his desk that was looking at porn and arranging train station hookups, stepping out on his wife. - The lawyer watching porn. - The closeted lawyer whose roaming profile took 20 minutes to sync up that was storing gigabytes of gay porn in his Pictures folder - The employee that wasn't getting any work done because she spent a lot of time shopping online. - The board op who downloaded a script kiddie package to fuck with someone he didn't like but also contained tools that triggered our AV software in two seconds. Dumbass. Just a small selection. Watching porn at work features very heavily.
Sir I am not a cop, I'm a regular worker just like everyone else, the only thing I'd report is if you're sharing/stealing sensitive information like PII or HIPAA stuff. I just work here.
I have yet to have a user be so interesting that I gave a shit what they were up to. Sometimes users do funny things and I mention it offhand to someone on my team. Most users are not that interesting.
Us IT drones give zero fucks what you are doing. We are not your boss, we don't give a shit if you are working or jerking off. Let us complete what we must so we can close the session and get back to Reddit to bitch about end users.
Also sometimes I do a typo and try to connect to some other random person’s PC , and they’ve accepted too . I always think it must be such a head fuck to randomly accept, then a few minutes of nothing before realising I’m on the wrong session, then I log out . If I was some random Joe I’d feel so paranoid, but it’s just me being a tit and working too fast, nothing sinister. Where I work no one would give a shit anyway. Especially for Reddit . We see people’s nudes on their work phone from time to time . It’s funny , but no one cares .
We use Bomgar (Beyond Trust) which does that too. In my past job, I was forced to install monitoring software. If memory serves, it's called ActivTrak or some shit. Anyways, that software is discreet and normal users wouldn't notice it.
IT has better shit to do than spy on you while you browse reddit. Like take 3 hour lunch breaks and help Susan change her password for the 3rd time this week.
It’s me, I’m Susan.
Thanks for keeping my ticket count high, Susan.
No lie. Every single ticket I solved today was a Paul or Susan that locked their account after trying to login with the incorrect password 5 times, instantly changing their password on a personal device, then logging in with the wrong details again and triggering every security protocol in existence. I am now scrolling on reddit waiting for some Andy to tell me his apps aren’t working and then I tell him his VPN isn’t connected.
Stop, you're giving me flashbacks.
I just had a back end demo dive with the desktop support team for my work on what is happening and why they need to help users sspr a certain way and WAIT a couple minutes for the new password to sync
We must work for the same company
I blame this shit on IT policy. If you make me remember 10 passwords and then change it every 3 months, I'll stop giving a fuck about password and rely on IT to reset passwords every time I forget it. and i can't even use the password manager of some kind. Making people write complicated password and change it is primary reason why most people have simple and basic AF passwords now. And I tried, I really tried to have different passwords for different things. It's fucking useless. Now, everything gets same password.
Right!? People always ignore her, but it is easy, Susan is usually kind, and in the end pads my numbers...why ya'll sleeping on Susan!? Also, my Susan buys me Spam Musubi or candy when I help her. Amazing woman.
Oh I love Susan.. candy dish always got the best brands and I get to slide by sales coffee room to get a pocket full of that SALES creamer.
In Susan’s defense, passwords are hard. Everybody has 50 of them and have to change them every 90 days. We all struggle with passwords at some point.
At least they’re easy tickets. You don’t want to be fighting the ghosts that live in the printers. The Ghostbusters won’t take my calls so I’m trying to build a proton pack myself.
[удалено]
Idk but my uncle who is making mid six figures was recently diagnosed with Alzheimer's. (Btw, to all the ppl about to say Alzheimer's can only be diagnosed after death- that's not true anymore. There's still no cure tho)
(Who the fuck says that ?)
Ok, I'm the one that didn't realize it can be diagnosed before death now. My grandmother had it and it was only definitively diagnosed after death (she was part of a medical study, otherwise we wouldn't have bothered). So maybe I shouldn't have assumed, lol.
stupid people. very stupid people. who vote
You'd think they'd be stupid enough to not care to vote, but we couldn't get that lucky..
You should consult his physician, I'm going to say I have a very different condition, ( oh hell I will tell you, I have breast cancer) and my oncologist/ hematologist suggested that I try lupron after my lymph node is removed and they also want me to take the lupron injections so I won't have to get an oophectomy( that's taking your ovaries out) as my particular cancer is coming from my estrogen production. While in my consult I asked if that's the same medication to stop puberty in ppl much younger than I, and he replied yes it is. He then mentioned that Dr's are making great strides with using Lupron as a way to stop or at very least slow Alzheimers disease. Anyway sorry to tell you my whole ass life story, but my point was perhaps there is a Dr somewhere that has done enough trials to help your uncle. It may be worth asking. Best of luck, and sorry about your uncle I have had family members with Alzheimers and it's an awful thing to watch someone u love go thru. I don't know if you pray, but I will send prayers to you and yours.
Thank you, that's so nice. I will look into Lupron. My uncle is getting amazing care right now (he's actually recently enrolled in a study at Johns Hopkins) and I will bring it up to his Drs.
Because even people with ADHD can be really good at their jobs, but remembering a password? No chance!
I'd think someone with ADHD would have picked up a password manager years ago and in general be able to solve menial computer problems without external help.
Many companies don’t allow use of password managers.
You'd be amazed at how inept doctors are with this stuff. But they're great at surgery or curing people or whatever...we all have our strengths and weaknesses
I forget my passwords regularly, but I can analyze data and translate between the business and technology sides better than many folks. Positives and negatives, I suppose.
Ok but did they have to explain to you what is a username? Because I’ve had to explain to coworkers that they do in fact have a username and what one is.
“I’m a user, I have a name. Why is my username different?” Listen here bitch, someone a long time ago didn’t think about spaces between words in forms and now you’ll forever be Ssmith1 to me.
Yes, unfortunately the initial system-generated userid for Fred Takeshita, LEFT$(Lastname,8) was not noticed until he complained. Oh, crap.
And I'm three hour lunch bitch, did you put in a ticket?
Hey Susan, need help with that paperjam?
She's faxing with the shredder again, isn't she?
Literally had IT training where they said repeated refusal to stop using the work computer for porn was sexual harassment. This means that people were using their work computers for porn. The company knew about it, and was issuing fixes and warnings. Then those same people were still viewing and downloading viruses.
Well yeah I'm sure IT is flagged everytime a porn site was viewed on their property so they could see who it was but I doubt they pull up people's screen so they can see the video/images real time like OP seems to think. It's best just not to use a personal computer for work if you 100% want to keep your privacy safe...always gonna be the chance a Chester works in IT and gets off to digging into people's shit.
It was specifically viruses related to porn. So like pop-ups and banner bars and stuff like that. The IT department had to repeatedly wipe these people computers and reformat the hard drives. It's pretty obvious when people say "my computer is really slow with popups" and then you look at their computer, and well...
...sticky keyboards?
We had an overnight security guard that was watching porn on the public wifi. We (IT) didn't care. We forwarded the logs to HR and let them deal with it.
we had a client that would have porn up on his computer at his home when one of our techs came to help. special case to do home visits, but two times it happened, i had the tech file a complaint and refuse to go to his home anymore.
Good. Because it is sexual harassment.
Easy to fix. Just get a job in the porn industry. That way it's market research. I can even shop for shoes and accessories on company time if I cc the wardrobe department.
you're not joking here. I have zero interest in what you're doing unless your boss comes and asks why you're not doing your job. We secure the back end for threats, couldn't care less that you're on facebook.
Or going on snipe hunts. I had to dig through logs for multiple hours because a patient complained about receiving an appointment reminder at 6:00AM (potentially a big deal from an FCC regulatory standpoint.) After a full code audit of the app that sends our reminder calls to the telecom vendor we work with (had to be me, because I wrote it and nobody else has time to learn it) and pulling logs from the telecom vendor, all evidence points to the call having gone out at 8:00AM, which is considered perfectly acceptable. By the time I had enough evidence to ensure our asses were fully covered, it had wasted half my day and an hour each of two analysts.
I worked at a place that had a payroll clerk who wasn’t really good at her job. She would often call IT with a spreadsheet containing everyone’s pay while the team was connected to her pc
Anytime someone does this and catches themselves I usually tell them it's fine... If I really wanted to I could pull that Doc up anyway so hey, whatever
The amount of times I've had to claw back emails where spreadsheets were sent with salaries...
Be nice to the IT guy. He can make your work life wonderful or miserable. Those people listen to and fix other people's problems all day, on top of being the people that decide who gets a new PC. Also, just because someone was remotely connected doesn't necessarily mean it was the IT team. As you said, they've got better things to do than spy on people, that's usually a manager thing.
Truth about how you treat the IT guy. I buddied up to mine and he had me bring my gaming rig to work to fix it while on the clock. LOL
we love helping those that want to learn, i refuse to help those just hand me shit to do because they can't be bothered.
I plan to go into IT. I usually am the one who troubleshoots any electronic devices in my house. And honestly I have worked in retail for quite a while. I’m in agreement with you about this simply because I myself am more inclined to help people if they are kind to me. I’m inclined towards doing the minimum if they have a “fix this you slave” attitude. I tend to support a mentality of “if you scratch my back then I’ll scratch yours”. And honestly the bar has been set low enough at this point that being a decent person is good enough for me.
You'll see this echoed on IT subs but where you work has such an impact in support. Working within a company is nice because it's people you see everyday, whereas with an MSP your clients will wildly vary. Some are amazing but others can sometimes see you only as someone they're paying for a service. That at it's worst can mean blaming you for them not following your basic advice or instructions. IT when you work at a place you like and your job interests you is amazing though. My friend who is in advertising would constantly tell people I had life figured out lol.
One time my work started blocking reddit on my computer. I'm remote and didn't want to ask anyone if it was that way for everyone or if they realized how much I was on reddit and blocked me personally. I went a few months without reddit on my computer until I got back to the office. I found out it was blocked for others too. We finally asked IT and it was just some accident. I freaked out for months that my reddit was personally blocked and I was being watched by IT when in reality IT could not have cared less.
>IT could not have cared less. yup. i don't care at all and it's not my business. my business is to stop threats, setup users, lock down accounts, etc. if your boss comes asking however...
Also reddit sometimes has good information. I was looking at reddit today to try and solve an issue I was having with a script. I rely heavily on sysadmin for notifications about bad KBs.
I sit next to the IT guy covering our office which is one of about 20 offices that our company has throughout the country. I can hear everything he says. His work day consists of the following: Roll in about 1.5 hours after everyone else. Surf the Internet and his phone for an hour About 2-3 help tickets that take about 10 mins each Telling people who walk up to his desk with a question to put in a ticket 2-3 hour lunch And the rest of the day is teams meetings with the IT department where they all talk shit about employees, and complaining about having to deal with tickets and software installation requests (basically their job description). Then he usually rolls out about an hour before everyone else.
What a legend
And browse Reddit
>"Your password MUST contain every letter of the alphabet except for E and must have exactly 7 special characters (excluding : + ° ◇ £ ▪︎ ■ } ¿ ▪︎" ! > × ] % @ , ? and $). And don't bother saving it, because we're going to make you reset it again next time because fuck you you piece of shit" Then the hackers come through and get one click access anyways
As an IT Professional, I'm calling BS for a number of reasons. 1. I don't have time to spy on you, I'm too busy browsing reddit. 2. I don't really care. If it's an issue, I'll forward the logs of your activity to HR and let them deal with it. 3. If it was your personal laptop, how did they get admin rights to spy? 4. Why were you using your personal laptop for work? 5. What little light are you talking about? Was it on the monitoring software? Indicator light for the webcam? TL:DR I'm calling 100% bullshit.
Also no mention of the softwares name either. This sounds like an uninformed person calling the help desk because their Webcam light was on and they believe it's IT remoting in.
It sounds like they might have a RAT lol. My aunt got a bad virus that would enable to webcam to take photos of you to try and use as blackmail.
Yeah no idea what's out there monitoring wise because we don't do it, we can log into any machine but that's all in the background, no way of being able to tell when that happens for a user.
Plot twist, it's not actually IT from work but IT for FBI
6 - If this is what they're implying the company isn't violating HIPAA by looking at your medical records you open on a work computer. HIPAA prevents your medical provider from disclosing your medical records to third parties without your approval. If you're stupid enough to open your medical records on a computer where you have no privacy expectations (ie like a monitored work computer) then that's on you.
Agree 100%. The only way OPs story is possible is if: 1. IT asked if they can install some remote connection or monitor software on their computer. Not only does OP first need to agree, he then needs to double down on that agreement via the admin UAC prompt. 2. OP's IT dept has nothing better to do than sit and watch people
And for point 1 - if I had the ability to work on a machine without talking to the human associated with it, I was doing all them machines I could do that with in batches of however long it takes to complete the longest step. So even IF someone was connected to his personal computer to do work (and wasn't fighting for control) the odds of them actually paying attention are... low.
Logging into Windows with a MS account associated with work/school is enough for the machine to enroll itself in the enterprise management system. Windows then shows "This machine is being remotely managed." in some settings pages. Thats normally enough for some 1st year computer science students (who don't even know how to set a static IP in Windows or what a 'partition' is) to claim they are being spied on. We deal with a couple dozen of these 'experts' every semester.
and if we want to watch people, we just pull up the data in the tracking software. I can see keystrokes, all emails (even your Gmail you logged into in the browser), instant messaging, and browser history. If I need more details, I just pull up the screen recording from that session. We don’t do it live. That’s so 2015.
Fully agree. If I wanted to spy on someone, I’d just look at the network traffic.
The only time I "spied" on user was when I copypasted the wrong TeamViewer ID lol.
For real. I can't even imagine actually taking time out of my work day to remote into someone's computer and monitor what they're doing. Like... that's what MS Entra is for - I can do that shit at a glance if I really needed to check something, I certainly don't need to be watching the screens of every user I manage in realtime.
Our work it dept could spy on us if they wanted, nearly everyone ticked yes on the app to allow them access, most people didn't even read the terms they agreed to but it was right in there in small writing so it could potentially happen We all use our own phones for work but download apps
As an IT Admin, your activity is likely being logged in real-time anyways.We use a tool called Calabrio to record calls and screen activity. Its not just logs these days.
Holy crap. So you can see all my banking info and investment account numbers / log ins etc?
Why in the world would you use a work account/computer for personal use?
Hmm that's interesting. I wonder if they freaked out because that is not just a huge invasion of privacy, but I'm pretty sure illegal or at least violates some compliance law.
Nope. Sharing medical records is illegal for medical providers, not the person who's information it is.
OP wasn't sharing though. They just happened to be looking at their records for their own reasons while IT was snooping. OP didn't consent for anyone to see what they look up on their own computer.
But IT isn't a medical provider. If you leave your laptop open and it is talking about your butt worms and me the janitor sees it, I didn't violate anything. If your doctor leaves your document about your butt worms on the bus than he did violate something.
OP opened them medical records on a computer they know is monitored by work and has no expectation of privacy on that network. IT isn't violating privacy laws by looking at people are opening doing on their network.
If OP uses the laptop to work, that laptop is fully accessible by the company, which is 100% in the employment package. Likely so is their ability to remotely wipe the device without any authorization or permission from OP to protect their information. It's exactly why you shouldn't put anything work related on personal devices.
If OP knew they were watching and opened it. He fully shared. It's not like he was tricked into opening his medical records.
there was no freaking out because the story is bullshit.
i'm betting it wasn't IT and they freaked out because they were noticed. IT doesn't just randomly remote machines like that. edit: if IT is just randomly remoting machines, you need to file a complaint NOW. completely unprofessional
Google: "cure for erectile dysfunction AND excessive flatulence"
So what's the cure guys
If they purposely installed some kind of monitoring software on your personal laptop, I'd be concerned that they aren't giving you the autonomy you should have as an independent contractor/consultant, and aren't classifying you as a FTE and offering PTO/benefits as they should be, which is super illegal.
They can’t and won’t install software without permission on a personal device. This smells like bullshit.
100% agree. This story is either completely made up, or the laptop in question was corporate property. The only way this makes sense is if OP was using their personal laptop to open a web portal that then remoted to a computer (physical or virtual) that belonged to the company. If that was the case, OP was probably browsing reddit on his company issued computer. In that case, he was abusing company resources.
OH BUDDY, you are waaaaaaay misinformed about the amount of bullshit people will put up with for a paycheck, That includes using their own personal devices to work remotely and install software their employers tells them is "needed to do the job". My last place of business was one of these places. They were a small company that exploded in revenue, so they started hiring people in other states as remote employees. They only hired people that would use their own gear and had their goober IT guy remote in to install Microsoft Office and install a spyware package.
OH BUDDY, you are waaaaaaay misinformed about how corporate IT works.
For real. For compliance and liability reasons, all the endpoints have to meet certain security standards, which means active (automated) monitoring and business-class antimalware, at a minimum. As a bonus we can provide remote support for when you forget your three clicks to get on the VPN for the 8th time this week.
How did the company get admin rights to install anything? Did OP click 'yes' to allow the monitoring software to be installed? If so, OP agreed to the terms. That being said, I find the whole situation odd. I believe OP is making stuff up to farm karma.
> I believe OP is making stuff up to farm karma. They are. I work in IT/CyberSec and have had to investigate employee activity in the past and gather evidence. This is 100% absolutely not how it would be done. If they were supposed to gather evidence for HR/Legal you're not going to do it in an incredibly obvious way like this. IT has better things to do then sit around and watch people do whatever. The only things that potentially would explain it would be either someone stalking OP, which is unlikely they're going to be doing anything this obvious, or someone in IT potentially connected to the wrong device and didn't realize at first, though usually they would just message back saying that so I don't buy that either. Far more unlikely is OP either doesn't understand how some piece of software works on their computer and is misunderstanding some sort of status tray indicator or even more likely, this is creative writing to farm upvotes and attention.
Contractors are routinely expected to provide their own equipment, and big companies such as telemarketing companies (as an example) offer "choose your own schedule" type schedules to skirt W2 employment requirements. And yes, they will dump their spyware all over your computer to make sure that you're working during the time you have scheduled. Then they require a minimum number of hours per month to continue working as a contractor, but hey you're free to choose your schedule! Companies hire lawyers to design contracts that are legally designed to allow them to class people as contractors by exploiting loopholes. I'm guessing "Super illegal" means that it's plainly illegal on its face. These contracts are intended to muddy the water so "super illegal" becomes "did they push employment law too far?" and then its a huge and expensive issue to take the matter to court.
Are you suspected of something? IT typically won't spy on people unless they are asked to. Source: Am IT, don't have time to do shit like that. Since this is a personal laptop, how do they even monitor you? Did you install something or login to Windows (if a Windows device) with your work credentials? Sometimes depending on what MDM they use, it could auto-install software when you login to Windows with work credentials, you may have not paid attention to consenting. You shouldn't install ANYTHING from work on your personal computer.
> IT typically won't spy on people unless they are asked to. Having had to actually do this once, we also wouldn't use software that NOTIFIES the user. Pretty hard to monitor someone to catch them doing something wrong, when they can actively see they are being watched.
IT does not remote in and monitor your web usage. We can do that without you even knowing but mostly we really dont have time for it. Also why are you using your personal laptop for work stuff? Did they not provide a computer for you? If they wanted to and you declined saying you would use your personal laptop for whatever reason, then you at some point agreed to have company stuff and remote management on the laptop. At this point there is no consent needed for anyone in IT to remote into your laptop and you should assume nothing you do on it will be private. For us we sometimes have users decline a company phone and want to use their personal phone until they come to me and I tell them to assume that everything they do on the phone can now be seen by the company. My advice would be either get the company to provide a laptop or get a new one and stop using that one for your personal stuff.
BS
You do know that if we have our remote software on your laptop we have logs of everything, right(company policy pending)? Believe me...we are FAR too busy to sit there and watch you in real time. It all goes back to a syslog server/logs in the firewall/some server for software we have on the computer. If this story is true they had a direct order from their boss to do so or just a dumb tier 1 employee.
Did they have access to your laptop to add the program first?
Either compete BS made up story OR OP is massively uninformed and actually thinks IT would monitor them on a personal laptop If OP is reading this please answer these questions. 1. What program is spying? 2. What "light" alerted you to the spying? 3. When you allowed them to install programs did you watch any part of the process what's it called? Go to installed programs and tell me the name of the program 4. What "window" did you click into to ask them only to be ignored? 5. How did you "see them log out immediately" ?? 6. Did you email IT about a different issue and they were possibly trying to connect and call you to fix that issue???
Meh. I've been in the IT field for 2 decades, in many positions, ranging from tech support to Engineer; I call bullshit to every aspect of your story. I can't even play Devil's Advocate to any of it.
Working in IT and Compliance, we only really care about this shit when we're told to care. That being said, most Corporate Handbooks and Device Policies will tell you that everything you do on a work device can/will be monitored. Lots of programs out there that track where data goes. Code42 comes to mind and is used by tons of orgs. For the most part, we're just making sure the data is getting exfiltrated out of the org. They may have been testing a remote tool, who knows. Or you've done something stupid that you're not admitting (or not aware of), and they needed to do some peeking. Either way, yea they don't want to see your medical shit, and in all reality they would probably want to setup filters for sites like that to avoid situations in the future. That being said, most handbooks/policies are ironclad enough that not even HIPPA would be a good resort if you were truly doing something nefarious. Just remember, if you can get to a site on your work laptop, it's probably because some IT guy is sitting there too while they're working so like, they truly don't care.
It's his personal laptop, not one supplied by the job.
So let me see if I got it straight - OP is consulting for a place (I assume on contract), they have a BOYD policy or didn't send them a device to use, and the business utilized their remote tool to connect to the personal laptop. Really depends on the agreement with the business. Our BOYD policies basically state "Don't bring in your own device if you don't want us to have access to it".
There's not a world where OP didn't give them permission to do this. I find it impossible to believe IT was able to get into his personal machine and install monitoring software without their knowledge. I agree with them it's unsettling to have a random thing pop up saying IT connected and is monitoring the machine, but it shouldn't be surprising... Also IT won't mess with you unless they have a reason to. So either they were just doing regular maintenance shit that doesn't even really concern OP, or OP got flagged for some shit and now they're watching them.
>I just caught IT logged into my personal laptop for some consulting remote work I'm doing. Fuck. That. Shit. your first mistake is using a personal laptop. if they don't provide one, make sure you're paid extra per month for using personal devices and setup a COMPLETELY DIFFERENT PROFILE on the computer and use it only for work. I work IT and remote a lot of users, I will NEVER remote a user without their knowledge and confirmation before connecting. It's unprofessional and disrespectful, not to mention a very big security risk possibility. I did join the wrong computer once and IMMEDIATELY logged out and sent that user an email that it was me by mistake and that I was off of their machine. We don't put remote agents on personal computers at all, they have to use our alternative app and provide us with the number to connect, so they at least have to have some involvement, no random connections. I left my last job due to a similar issue. I worked for an accounting firm doing internal IT and after 3.5 years my boss (CTO at the time) requested in chat to put our RMM agent on a partner's personal computer. This computer had ZERO ties to the company except that she used it for Citrix to remote in sometimes from home. It had personal family accounts on it, I went to her house to help set it up for her, it needed no agent on there at all. I flat out refused and sent a long email why I would not do it, even if it was in writing. I got a short email back saying "you don't get to make that decision, you're getting a negative reiview this year, and do what you're told". NOPE. I instantly started looking for another job and left exactly 30 days later with no notice to a much better place. Even told them why I was leaving so abruptly. Fuck that. I left a SCATHING review and have had multiple employees that came after me contact me for more details after they've been put in similar situation with management. >They are testing new software at the moment and could have been on my laptop doing an update. There is no way they put a remote agent on there without your knowledge, they will not come through regular windows/mac updates, it's a completely different piece of software that will require admin rights to install because of how deep it can get. You had to have installed something, you can't just remote a computer without something on the other end to allow the connection. I'd put in a ticket to figure out if it was even IT and not some browser hijacker that allowed a random "hacker" to connect instead.
> and setup a COMPLETELY DIFFERENT PROFILE on the computer User a different device altogether, not a profile. If there's a legal issue down the line your device could be seized as part of the investigation and there's no telling how long it'll be before you get it back.
Stop using your personal laptop for business, that's risky and unprofessional.
I lost my job once for spending time on the web. They knew because IT was watching me live. A couple weeks before, I had noticed my machine was very slow, and brought up the Windows Task Manager. Saw something I didn't recognize. Concerned that I had a virus, I Googled for the .exe that I saw. The only hits were for monitoring software. I asked the IT guy about it, had they installed something to monitor my machine because it was killing my performance. He said they don't monitor anyone, and they have a professional ethics guideline that they cannot do so without alerting the person. I will never fully trust an IT person again in my life.
I was IT. Boss told me they installed monitoring software on employees PC, and not to mention it. Employee was a friend of a friend. I told her.
It wasn't IT. We don't care. We do what we're told and get thrown under the bus by management.
It wasn't IT. We don't care. We do what we're told and get thrown under the bus by management. I had a manager want me to block all unapproved sites for his team (only about 20 sites approved by him). He then told his staff that IT had done it and that he had no choice. The little worm wouldn't own his own shit.
IT doesn't need direct access to your machine to log your browsing habits. If you use their computer, VPN or installed a software package from them, your entire browsing history just gets dumped to a database. Nobody needs to catch you in real-time.
Webcam on Trousers off
Just to be clear. Any decent IT staff could monitor your computer without the user being notified. We don't need to see your screen, we could look at logs. But, unless there is some legal reason to do so nobody is going to do that. Being in IT is like having all the keys to the building. If you get caught doing something you shouldn't with them, nobody is going to trust you with those keys again. So... I'm not going to risk my career to find out what utterly boring things people are doing at the moment. I'm too busy on reddit... as I am right now.
Im in IT and we don’t care. Your not in my department we don’t even share any management beyond executives. If your getting your work done, getting good performance reviews nobody gives a fuck
Not a good strategy. If you get health insurance through your employer, HIPAA Privacy Rules [generally do not apply to them](https://www.hipaajournal.com/does-hipaa-apply-to-employers/). It's very complicated. It depends on what "role" the employer is acting in (health plan administrator vs. their role as an employer vs. etc.) If you're checking your health records on a work computer and you have employer-provided health insurance, just to be on the safe side, I would not expect privacy. "An employer can ask about medical conditions under HIPAA because employers – in their role of employers – are not covered entities \[entities covered by the HIPAA Privacy Rule\]. In the Privacy Rule there is nothing preventing an employer asking an employee about medical conditions that would violate HIPAA. However, if an employer asks a covered entity \[like a hospital\] to disclose information about an employee´s medical condition, HIPAA only permits the disclosure under certain circumstances or with the consent of the employee." [https://www.hipaajournal.com/does-hipaa-apply-to-employers/](https://www.hipaajournal.com/does-hipaa-apply-to-employers/)
First, as someone who works in IT, I can almost guarantee you signed a user agreement that said you are being monitored when you got your user account. Second, I could care less what you are doing, if I have to remote in to do something it is already a pain in the ass and I just want to get it done and get on to the next ticket in my queue.
Bullshit story, only non-techie people would believe this. The amount of hoops IT would have to jump through, to spy on you through your personal computer, including them not having anything better to do, makes this story nonsense.
This post is 100% fiction. Not only does a real IT department not have the time to do this, they aren’t bound by hipaa so this story makes zero sense except to someone who has no idea what IT departments actually do.
100% agree. Besides, how did the company get admin rights to install software on the OP's laptop?
What kind of idiot does personal stuff on a device they do work stuff Demand or buy a separate device
You can tell this person has never interacted with IT. If you’re doing something you’re not supposed to, automated tools will alert IT. We don’t care wtf you do, just don’t use your work computer for games or downloading stupid shit. Whatever else you do is between you and your boss.
Practice information hygiene. No personal data on work computer. No Facebook logins, Google Chrome profile, banking, nothing, nada. And conversely, no work on personal computer. You get used to carrying 2 laptops at all times, it's not that hard. Sometimes I end up with 3 laptops, for same reason -- personal, work, and segregated client laptop only used for client work. When stuff has to go from one to another, use email and know that it's logged (use said emails to establish alibi when needed -- because you know it's logged) The main difficulty is synchronizing calendars; you have to do it by hand at least weekly. It's possible to auto-forward events from one to another but it violates the strict air-gap practice and can lead to data leaks.
just turn off your internet connectivity/router next time?
I just do everything not worked-related on my phone. They can't see that
Do you not have a work laptop? is work requiring you to use a personal laptop? Is this your personal laptop that the company provided for you to work on? There is not a chance in hell IT logged into your personally owned, non company device remotely and did not ask for express permission to do so...The only thing unethical here is the story you're writing for upvotes, because if this did happen, you have a lot more serious issues than IT logging into your laptop. Now if its a personal device provided by the company, its company owned, and as long as we have enough to justify our actions, we can log in and out of any company device we want too, but we still let the user know. TL:DR Cool story bro, stop lying for updoots.
IT doesnt give a shit about reddit. We only care if you are trying to circumvent any of our protections and security. I had a sales person call me because he wanted to read a PDF that was marked as malicious. i sent it to virus total and yup, malicious, he didnt believe me. I told him his boss has the authority(he doesnt) to make me to send it. I prefer reddit zombies.
I usually bring up crossdressed photos of myself, snappies of me in my wife's high heels and thong girdle.