Slashdot Mirror
System Adminstration and Corporate Ethics?
Not-a-BOFH asks: "About seven years ago while SysAdmin'ing for a (then) small software company, I was approached by the CEO regarding a technical issue. He explained to me that he got a bit hot headed at another employee and sent said person an email that he now wished he hadn't sent. His request to me was to dig through this person's email and delete it before he came in that morning. As the SysAdmin, this was certainly possible for me to do, but I've always tried to remain ethical when having such access to sensitive documents. In the case of email, I explained to the CEO that to me it was like tampering with the U.S. Mail, and I wasn't comfortable doing it. Long story short, my boss had no issue with it, and wound up doing it anyway. Looking back now, I'm not really all that surprised that that decision of mine led to my getting fired, but I've always wondered how many other people have had similar situations happen to them, where personal ethics and CEO heavyhanding came into play, and their job security suffered from the clash."
Sorry you said corporate so that means that they probably used Microsoft products. (I know I hate the thought too) But in Outlook you can recall the meesage that you sent. And as long as the receiver has not read the message it will delete the mail message and send the sender a note telling them that the recall either succeeded or failed.
...
To do this:
1. Find the message in the sent items folder.
2. open it
3. Go to tools
4. Click on Recall this message.
5. Follow the mini wizard and the it will try to recall the message.
And then optional steps are
6. ???
7. Profit
I am still working on steps 6 and 7 I can never get them to work.
At most companies (at least all the ones I've worked for: for profit, not for profit, government, etc) Email is the property on the company. That means that a company executive has every right to go and read/change/delete a person's email.
While you may not think it's ethical, it's usually spelled out in the company handbook of some kind. Ours states that computer, email, and phones are property of the company and should be used only for business use. While no one is going to fire me for checking out CNN, we were able to fire some people a few years back for trading some pretty nasty porn through company email.
Two additional points: our current corporate email system (GroupWise) allows a user to retract an email they've sent as long as the recipient has not read it. That gets the admin and his morals off the hook.
The other is that big boss is lucky he doesn't work is a different industry. A certain government-type place I worked at once upon a time has an obligation to keep all correspondance for a very long time, so there is a system that all email goes through -- be it inbound, outbound, or inter-postoffice -- that stores the message in a database for full text searches. If someone were to nuke that, they're next assignment would be turning big rocks into little rocks.
"All I ever wanted was to see Larry Wall give Bill Gates a Perl necklace."
http://www.eisenschmidt.org/jweisen
Boss: Shred these accounting documents and make sure that the shredded documents get burned. We're filing bankruptcy day after tomorrow!
Neck_of_the_Woods: Yes SIR!
Sound familiar?
I once adminned a very small NT-based network for a company that was CONTINUALLY involved in litigation with their customers. The big boss decided that he wanted every employees password so he could (he claimed) "Check up that company standards for desktop configuration were being complied with." Truth of the matter was that he wanted to snoop through his employees e-mail.
I very carefully explained to him that if he collected up the passwords and opposing counsel in a lawsuit discovered that fact, it would destroy the evidentiary value of every single document stored on his system because he would no longer be able to prove who authored them.
He persisted in his request, and I told him I would NOT do it.
I wasn't fired BECAUSE I refused (yeah RIGHT), but I was let go shortly thereafter because "the company is bleeding money and SOMETHING has to be cut."
'Sokay by me, though. I got out of there with my sense of personal integrity intact and with the knowledge that, while I'm SURE my successor complied with his request, I never personally acted against the best interest of my employer.
utter rubbish
As long as the employer has notified the employee that they monitor email, it is completely legal under the Human Rights Act.
http://www.itsecurity.com/papers/morgancole1.htm
http://news.bbc.co.uk/1/hi/sci/tech/957460.stm
Seems it's about the same in the UK, as is here. In other words tell them that you monitor the e-mail and you can read all of it.
This phrase is your friend. I've used it to put off bosses who've asked for things that seemed dubious, like tracking web surfing habits of individuals from our proxy logs.
;)
Bottom line is if you say "I won't", the boss might fire you but, if you say "I can't, because..."[1] - and can be convincing[2] - you can get away with not doing unethical things.
-Baz
[1] eg 'editing the mail spool by hand would invalidate the CRC's on the mail files, and might bring the server down. I could try it, but we could lose everybody's email back to the last backup - its a big risk'
[2] warning - dont try this crap on a CEO who is also a techie
The company does not always have these rights. It depends on what state the company is located in and what official policies the company has adopted.
The author did not mention whether the company he worked for had any official policies on the subject, but if they did then it doesn't matter who does the asking, if the action is not allowed by the published policy then it should not be done.
As recent history shows, the CEO does not always act for the best of the company; she/he is not above being questioned. And for something like this I would at the very least required the written request or just have refused to delete the mail.