On 25 juil. 05, at 14:15, Dave Ewart wrote:
On Monday, 25.07.2005 at 13:48 -0700, Curtis Vaughan wrote:
We have an issue where management wants to monitor possible leaks
through the use of Hotmail, etc. web-based email accounts. They do
not want to just prohibit usage of such accounts. So, the question
is, using SQUID, is it possible to cache what information employees
are passing through such accounts, even if they are https?
If you are wanting to record traffic sent over https, then you
cannot do
this anywhere between the desktop and the remote server, since all
that
traffic is encrypted. You will need an application on the desktop
recording this data before it is encrypted.
However, I would investigate the legal and ethical aspects of this
first, as there are a number of issues here.
Dave.
--
Yeh, I was afraid that the encrypted factor would cause problems. As
for legality, it would be interesting to know what other people know,
but it is my understanding that: whereas the computers belong to the
business, all activities carried out on that computer are the
property of the company. This is precisely why email, internet
activity, etc. can all be legally monitored by a business as long as
such activity is carried out within the business' LAN and on the
business' computers. For example, when auditors from a hired
accounting firm come in, then I don't we would have the legal basis
for monitoring their computers or their traffic.
Curtis
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
