Hi. Maybe I could help to clarify this a little. Although I now live in the USA, I was born and raised in the UK, and lived there until I emigrated six months ago. While I was in the UK I worked as a Network Administrator, and had to consider a similar situation - many bosses forget that Network Administrators also need to be legal experts ;-D As far as I could figure, the situation in the UK was that your company can basically track/log/view anything they want to, as long as the employees are aware that this can happen. What you need to do is this: Draft up a 'charter' for the use of the Internet within the company. Make sure that this charter contains clauses such as "All Internet resources are to be used for Company businss only", "The Company reserves the right to monitor any and all Internet traffic to and from the Company's site", "All e-mails to or from the Company's network are the property of the Company", and "Failure to adhere to these clauses may result in disciplinary action - serious breaches may result in the employee's dismissal". Issue a copy of this charter to any employees who may use the system, and have them sign and return it to you. You may wish to make this charter part of the employee's contract of employment - many companies do in the UK. Although some people talk of posting such logs on Company Intranet sites, etc., this can sometimes be more trouble than it is worth. Say for example, an employee logs into a child pornography site - do you really want that appearing to all your employees at your site, or would you rather just quietly gather the information/evidence that you need in order to assist the police in prosecution? Also, by publishing the logs, people can not only see what you are logging, but more importantly, they can see what you are NOT logging. Another aspect to consider is this. I did not have time to check all the logs, all the time. I was often working over ninety hours a week as it was - I was responsible for a WAN that covered sites up to 200 miles away, and was on call 24/7. So, I set up a random schedule of checking a particular set of logs for a week or so, then changing to a different set, etc. I also allowed rumors to spread that I was logging/monitoring more than I really was... Although some employees started to view me as the classic "Bastard Operator From Hell", these were very much in the minority - most supported my actions, especially once the reasons were explained to them. You also need to make sure that you do act on breaches. For example, I once caught a fairly senior manager e-mailing a movie file clip to a co-worker. This movie clip portrayed some extreme sado-masochistic pornography. Now, I was actually fairly friendly with this manager, but I could not allow such material to circulate on the company networks, so I had to take the necessary disciplinary action with the employees involved. At the time, the company only had 64K ISDN access to the Internet and their own WAN, and the thing that alerted me in this case was the sudden chronic drop in network performance as this file was doing the rounds... Anyway, to sum all of this up, as long as the employees are aware that they may be monitored, you can monitor just about anything that they do that involves Company equipment/Company time. Remember that an employee who is spending Company time browsing the web or e-mailing for their own (rather than business) use is effectively stealing from the Company, especially when dial-up costs are involved. I have seen people fired for stealing items worth only a few pounds... Hope this helps. Regards, Ozz.
Re: [expert] Re: tracking employees
Austin L. Denyer (SysAdmin.) as root Sun, 13 Aug 2000 19:29:16 -0700
- [expert] Re: tracking employees tom strickland
- Re: [expert] Re: tracking employ... Bruce E. Harris
- Re: [expert] Re: tracking employ... Austin L. Denyer (SysAdmin.) as root
- Re: [expert] Re: tracking employ... tom strickland
