Slashdot Mirror
1 In 3 Sysadmins Snoop On Colleagues
klubar writes "According to a a recent survey, one in three IT staff snoops on colleagues. U.S. information security company Cyber-Ark surveyed 300 senior IT professionals, and found that one-third admitted to secretly snooping, while 47 percent said they had accessed information that was not relevant to their role. Makes you wonder about the other 2 out of 3. Did they lie on the survey or really don't snoop?"
Down! That's a bad sysadmin!
It's a damned poor state of affairs that so many people put in that situation of trust betray it.
I've been a systems admin for the better part of a decade, and the only time I've ever accessed the company's assets are when it was warranted.
The same goes for user files. I'm not going to snoop through other people's files. Really, I don't care what boring files you keep, just that they don't fill up the partition they're sitting on.
Do that, and suffer my wrath.
Check out my sysadmin blog!
I know a place where they have'nt changed the root/admin passwords in years. They have so many servers that it would be "a huge pain" (their words exactly) to change all the passwords. I wonder how much of a pain it would be for a former DBA or sysadmin to snoop around and start publicly posted how much everybody makes?
I judt got a nre Kinesis keybiartf so please excusr ant egregiou typos.
Maybe I'm missing the point but I don't see where there is an issue.
In nearly all IT environments, either you trust your IT staff, or you have some killer PKI. Reality suggests management in the typical company wouldn't pay for or be bothered to use, so we're back to IT having super-snooping powers.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
Given the nature of a sysadmin's job, I think I'd be more worried about the other 2 out of 3 that don't snoop around. A curious sysadmin will find more problems and more possible solutions than one who doesn't care.
That's an extremely small survey sample to try and draw relevant conclusions on. 30,000 might be a better indicator. Otherwise, you're talking too wide of a margin for error.
If all they snoop on is other sysadmins, I'm fine with that...
What? They *said* colleagues, and I'm as chummy with my sysadmin as the front desk receptionist even though, for the purposes of trade magazines, as a software developer I'm an "IT professional".
Did they lie on the survey or really don't snoop?"
I say most lied. Knowledge is power and it would be too damn tempting when you could have your finger on the company's pulse.
It would also explain the smug look. (kidding!)
If you've never been modded as "flamebait" or "troll," you've never tried to argue a minority viewpoint here!
They probably have a life. It's pretty pathetic to have to get one's jollies snooping on others rather than actually doing something.
Great minds think alike; fools seldom differ.
So in other words, a significant majority of sysadmins are honest. Given that they have "the keys to the kingdom" in the words of the article, that's pretty impressive.
Loose lips lose spit.
According to that survey, 2 out of 3 sysadmins realize that spying in a CLI (career limiting move) if they get caught. That, and the whole ethics and honour thing, are why we are able to manage the confidential data without snooping.
Feed the need: Digitaladdiction.net
snooping with the number of hotties at the office?
Come on people, for 'computer nerds' it's amazing how little logic you collectively display.
The company that sponsored the "poll" makes products for encrypting information and compliance with SOX..
Do you think they'd release a study that DIDN'T imply your information was in jeapordy?
This is simply marketing hype, don't fall for it -- it's positioned to get executives to suspect their IT staff (in my company's case, very respectable and honest IT staff) --
1 in 3 is a completely made up number for the benefit of the company trying to SELL PRODUCT
News at 11.
One CPU cycle wasted on digital restrictions management is ONE TOO MANY.
of those SysAdmins who feel it necessary to snoop on people? If you're bored, get out of Admin Pack and head over to /. or Technet (if you are of the MS persuasion) and learn something new. I don't care who you are or how good you are, you don't know EVERYTHING...
Maybe it's just me, but I just don't get it...
I probably have access to more account information and networked shared space than most people, but I have no urge, need, or desire to see what's in their accounts or shares. (Beyond making sure private data is secured and there isn't pornography or other bad files out there using up all our networked drives. That's one of my monthly chores)
Only reason I'm here right now posting is because I'm in the middle of a scan. Our scans take 6-7 hours to run (with the process set to realtime priority) so about the only thing my computer is able to do is browse the web (slowly, I might add)
"Could" I snoop? Sure. "Would" I? Never. That's one of the reasons why I have this job.
Sig Follows: "Suppose you were an idiot. And suppose you were a member of Congress. But I repeat myself." -- Mark Twain
I don't snoop. Truth be told, I don't really care about anyone or what they're doing. Besides, most sysadmins are lazy. Good sysadmins do their best to automate as much as possible so they have to do as little as possible. Do you seriously think we want to create more work for ourselves?
I'm a system administrator.
Where the fuck do these people get the time to snoop?
And let me guess, they're selling a brand new solution to this problem, and it's perfect for all of us!
The other 2 know better than to out themselves as snoops on any kind of survey... I mean what is the guarantee that the survey wasn't a snoop by the employer to catch "honest spies"?
stuff |
Do cashiers and bank tellers pilfer from their tills? Rarely. Those that do lose their jobs. Most of the general population is generally honest and of good character.
Ethics aside, people in IT departments usually seem to fall into one of two categories...
/. can be the cause or a symptom of either of those to options...)
1. Those that are so bored they have nothing better to do than to snoop.
2. Those that are so busy they don't have time to snoop.
(Note:
I host for a few friends of mine, and I don't really snoop unless their disk space crosses threshold. Then I ask if they'd reduce application XYZ's data footprint because it's encroaching on other users backup space.
In non-shared, it's more often snooping of port activity for security audits. Hey, you don't need that derelict FTP server running. Mind shutting it off so we can get VISA certification?
I made the mistake of looking at a co workers pay who I thought was equal in status to me. BIG MISTAKE. After finding out he was paid several hundred dollars more than me a paycheque for doing basically the same job, I never looked at him or the company the same way again. I left that company not too long after, partly because I felt ripped off. Its very hard to unsee things sometimes.
As for internet history or watching peoples screens while their back is turned, I would never do that *TO A PEER*. Its just a respect thing. I have definitely been told to monitor subordinates internet accesses as well as various people throughout the companies I have worked for. Ive gotten people fired for looking at facebook on work hours, but thats part of the job in some corporations. I wonder if the article is talking about peers (in the IT department) or extra-departmental persons whom you could legitimately be instructed to snoop on.
As a potential lottery winner, I totally support tax cuts for the wealthy
Yeah, I definitely have done it. No matter how you define it.
/home
I CAN say that I have never logged into systems I wasn't allowed in, but I have
cd
and looked around.
However, I have never USED the information. I never really found anything incriminating, except TONS of porn. Hey, if you have a proxy server at work, all the porn you view is cached on the proxy. Our proxy used to show the file owner, ha ha, you are busted. I never busted anyone however, just backed up the porn to CDs and deleted it. Anyone want some old CDs?
Also, I used to work nights. If you just turned me down for a raise (poor-mouthing how bad the company is doing), do not leave your 6 month $14K bonus paperwork lying around on top of your desk. I was just delivering reports, but damn, I lost all respect for you. That is why I do not work for you anymore.
- I live the greatest adventure anyone could possibly desire. - Tosk the Hunted
As far as I know, sysadmins are bound by privacy laws.
And if those are the same laws that apply everywhere I've worked at, then it doesn't matter if they access my files or read my email.
As long as the info is not made public, used maliciously, discussed between colleges, then it doesn't matter.
It's not what you know, it's how you use it.
said Yes but then logged into the recipients' e-mail server and edited the mbox file to make it say No.
I used to Snoop on my collizzles until they told me to knizzle it off, dizzle bizzle.
My comments are my own, and do not represent the views of my employer, my spouse, my children, or my cats.
Of those 2 out of 3 left, 4 out of 5 were found to have lied on the survey. Of those that lied, it was found that 2 out of 3 only snoop on those they think they have a romantic connection with and considered it not snooping but pre-mutual love investigation. Of those that act and are rejected, 50% continue to snoop to plan murderous intentions that later end in the woman of said attraction kicking said admins ass. Makes you wonder where all these stats come from really though doesn't it..
1 in 3 Sysadmins don't have enough to do.
At a previous sysadmin job, I never snooped on colleagues.
However, as part of my duties, I was instructed to monitor some individuals and to scan for specific keywords in the logs.
No sig. Move along - nothing to see here.
It's called ethics. Plain and simple. Most people do not have ethics or a code of honor, on or off the job, so is it really so surprising that some sysadmins (many of whom are fed up with ID10T errors and ready to snap) don't practice either? I might kick a fallen opponent in the ribs (multiple times, generally - there ain't so such thing as a fair fight) if I'm brawling, but I will not read users' email - as I respect their privacy much as I expect mine to be respected. Ethics, honor, responsibility, etc. - all things that are required in a free society. And people wonder why this country is swirling down the proverbial shitter...
PC moderators can suck my White pierced, tattooed dick. If you think pride == hate, s/dick/Aryan meat mallet/g.
"1/3 sysadmins snoop! The other 2/3 don't admit to it!"
If creativity is the field, copyright is the fence.
Marking this redundant would be redundant itself - I'm just chipping in my $0.02.
I very much have the ability to spy on my colleagues in my position in IT. There are inevitably times when I see personal data on people's PCs. But I don't snoop because it's really much easier that way.
You can rationalize this to not having time, being caught, having ethics, not having to hide something big or decide whether or not to, etc, but really they all factor in. It's just not worth the trouble and risk in general.
Thankfully where I work we have policies that prevent us from ever knowing user passwords, and various others to keep us from having too much control over their accounts in the wrong ways, or having to know things we don't need to.
'Cause if you are, you should know I got dirt on you...
"0% of respondants say they lie on surveys"
Given that anyone with both the access and the inclination will have harvested any information they want long before they hand in their notice, having them escorted out is going to be ineffective. From that position, threatening dismissal will not be an effective deterrent, especially now that it's so hard to put allegations into a job reference, unless there's a criminal case that's been proved.
Probably the only industry where safeguards come close to working is in the financial sector - where the regulations about insider trading make it hard to exploit privileged information without getting caught. However, that's a legal solution, not a technical one.
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
I have users that want to give me their passwords all the time or move sensitive documents for them. I would rather walk over to their desk and direct them to do it themselves than even know where the document it located. Sure, I have access but I have better things to do than see what is in random documents.
At many jobs, I have had access to my boss's, and his boss's (etc.) e-mail since I ran the e-mail server. I am not going to make any legal admissions here, but why wouldn't I read it? I would find out ahead of time about such things as layoffs and that type of thing. Being that I am a wage slave, I want to know about this sort of thing. This is like the "ethics" of slave snooping on their slave master. I am waiting for a Lenin/Pol Pot type to come along and wipe out these bosses, company boards, majority shareholders and the like, so the e-mail snooping is a no-brainer.
There's surely one way to know. But who watches their sysadmin's sysadmin?
--
make install -not war
...did it a couple of times and realized that (a) snooping was largely a waste of time, there wasn't much to snoop for, and that (b) the risks were high and if they got caught, it'd be all over.
It's been said that "Gentlemen don't read other gentlemen's mail" except of course when they do.
This should be tagged "slashvertisement".
All this snooping talk, as if there's something good to be found!
As if any of my fellow workers have any remotely interesting files. Please. Even the worst offender could not hold my attention for long, I'm used to really salacious scams.
And knowing top secret company info? My company rightfully keeps me in the loop, otherwise how could I offer my expertise and advice? Also, it's our job to know what's on our network.
They also pay me well enough that I would never jeopardize my job for some silly bullshit. Besides, ANYTHING goes wrong and I have to deal with it anyway!
Maybe it helps that I have a busy life outside of work, too.
IT folk, like police and others in a position of power, need to be held to exacting standards, and should be beyond reproach. Nothing else can be tolerated.
Regarding the 1/3, does that include sysadmins in small shops tasked with reading through the near-miss SPAM? I had to do that for a while, and it left a bad taste in my mouth whenever I saw a real email (strange considering the SPAM should have made me want to use LAVA soap on me eyes). Did it also include Information Security departments, whose job it is to snoop judiciously?
I'm a sysadmin, and I don't snoop at all. Sure it's "honorable" and "ethical" not to, but I feel that the more real issue is that the more privileged knowledge you have, to more responsibility you have. I know my own passwords and the network passwords, that's it. If someone tries to tell me their password for convenience, I tell them "I don't want to know it, keep it to yourself." I have enough shoulder-crushing responsibilities as it is, I don't want to know more shit that would put me in a position of necessary action. Say that I'm not living up to my potential, and that my company would want someone more proactive, but I'm pretty damn proactive when it comes to my job responsibilities and the responsibilities of my department. This isn't to say that when I'm tracking down legitimate problems and they lead me to a user's personal data or habits that I don't go there; that's part of my job, but there is a thick line that I never cross. This all assumes that the admin would take responsibility for the information they gained by snooping, which I would feel compelled to do, and for that I don't have an explanation. On the other hand, I used to work with an admin who snooped, I knew about it and he knew I knew about it, but I really didn't have a problem with it. It led to some catches, too, but I still never took part in it. I think some people just have an aversion to invading other people's personal space, and some people don't. Apparently that ratio for sysadmins is 1/3.
The ultimate recipe for disaster is where you have bored staff, and the IT policy does not permit personal internet use. As the old saying goes: The Devil makes work for idle hands. So in that case it's better they focus their boredom into outward-facing activities than inward-facing ones.
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
JPEGs of the "wrong" kind of content can be an equal liability as MPEGs and they'll never show up on any polite filecount or diskspace checks.
Let the sysadmins browse.
Keep your private photos at work, do you?
First off, it's none of my business what photos or personal documents our employees store on their work PC -- as long as it's legal, of course. I also just don't feel like I care that much to know, let alone go out of my way to snoop for it. Must be some lonely sysadmins that have nothing better to do for themselves than to butt into the privacy of others.
Getting off topic for a moment, is anyone else getting tired of the closing, troll-like comments that end up on the end of almost every article? No klubar, it actually doesn't make me wonder what the other 2 out of 3 sysadmins are doing because they are probably off doing their real job. Article summaries should set the frame up for an even discussion, rather than attempting to beat first posters with some lame opinion that can't be moderated.
</rant>
I went to eat some animal crackers and the box said, "Do not eat if seal is broken." I opened the box and sure enough..
..... Were too busy reading Slashdot to snoop on anything.
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
I am Bennett Haselton! I am Bennett Haselton!
It's not linked in the article, and it doesn't appear on Cyber-Ark's website, at least not in the PR or white paper sections.
Ok, here's the thing...
After you've flipped through dozens of inboxes and home directories as part of your job, you know how pointless it is to do it for fun. People are boring. They have boring mail. They have boring files.
See that "Preview" button?
They held off the entire Persian army. Dont underestimate 300
Alright, TFA says "IT Professionals" of which I bet only 1/3 has access to such info. That would imply all snoop that can.
I don't buy that.
Members of professional organizations such as the IEEE Computer Society Have promised to follow a "code of ethics and professional conduct".
As a member, and having read the document, I understand that it is ethically wrong, a career limiting move, and not worth violating my promises just to satisfy my curiosity.
The other 2 were lying.
Strictly from the P-O-V of a UNIX admin.
/. -- shutup :P) ::eyeroll::
1. 300 is too small a sample. Far too small.
2. No breakdown on size of shop per admin. My SA/server ratio is 1:100, which means very little time. (I MAKE time for
3. No breakdown on 'admin' roles. If this is a mom-pop-shop admin survey, then I guess it makes sense. Cisco riders can't touch a server in my shop. Neither can the Domain/AD Admins.
4. MSNBC? Now -theres- credibility.
5. These shops obviously don't log admin activity. Someone needs to watch the watchers.
6. I am not a snitch. I don't get paid to snitch.
7. auto_home FTW, baby!
8. 1 out of 3 survey topics are meaningless.
I've been a system administrator for about 10 years now and I've never really found snooping to be interesting. I even tend to look away when people type their passwords, open files with their personal finances or other information. I show them how to use encrypted FUSE file systems. In general, I don't care about someones personal files unless they're taking up too much space.
However, I should say, from time to time you stumble across "information that (is) not relevant to (your) role," unintentionally. That can't be helped, but it is possible to not abuse the situation.
This article is presented as if most sysadmins are a bunch of non-ethical geeks but please keep in mind that at first this was a US study. Second they only interviewed 300 people and I'm somewhat confident that the US has a lot more admins. So how can low minority (even by US standards) set the tone for the market as a whole?
Or if you're smart, you setup all servers to use NIS+ or LDAP. That way, once the userid is removed, all systems are non-accessable to that user anymore.
I've sys admin'd for over a decade and can say that I've never intentionally spied on a colleague. However! I have stumbled onto quite a lot of unusual and interesting things. Some of these things I chose to ignore, some I reported, and some I think might have even been planted for me to find.
Also, I was never asked to spy on a colleague by an employer. Basically the rule was, as long as you're getting your job done and you're not breaking any laws or offending any coworkers, why should we stop you from doing as you please?
No sig for you. YOU GET NO SIG!
It's much more than schools. Read any
I have a fair idea of what every employee in the company I'm in makes, and, I suspect, so does everybody else - plus, they don't try to hide salaries too much, when you sign your receipt you can see many of the others.
And I've asked friends or former classmates in other companies (and I look at the job offers too) so I have an idea of how much the "market value" for someone with my skillset is - depressingly not much
There are three kinds of lies: lies, damned lies, and statistics.
Quit downloading pr0n.
Your mp3 collection has some nice hits though.
Back to work now!
I'd say we're just looking over their files, for their own protection.
Really though it's kind of part of the job to a certain extent, ethically of course.
Most people aren't thought about after they're gone. "I wonder where Rob got the plutonium" is better than most get.
Like watch YouTube for a few hours
The other two weren't busted.
Question everything
The trick is to keep your automated scanning away from the prying eyes of all the other systadmins, who might just stumble across it while they're installing their own methods of getting one step ahead of the rest of the crowd.
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
It doesn't apply to private companies.
I finally updated my sig, but now it's lame.
Claiming that the IT people who are snooping at stuff they know they shouldn't is purely a lack of planning on behalf of management is just trying to act like these people involved don't bear any individual responsibility. I can't agree with that assertion.
Well said. I totally agree that there is an individual responsibility in there that *should* kick in. That doesn't make a story people want to read.
At some hypothetical point, information becomes very sensitive. That information needs to be accessible by a select few. I was trying to make that point by painting the issue as black/white.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
*I* am one of those 66.66666666% that do not snoop. It is a matter of principle. I go out of my way to access as little information as possible when I solve e-mail server problems or do other things. I have even been cleaning some really nasty stuff from computers belonging to a very high-ranking staff members and nobody has heard any juicy story from me. I am also administrator for online banking system and I have never been tempted to take a peek. I also make point in not knowing passwords I am not supposed to know and I insist on responsible banking system operator to type her password with me standing out of sight. I have their trust. Period.
You make a decent point.
A friend of mine, who has a mischievous bent, would always have people call me as a personal reference. Invariably, I would tell them the truth. "He's a hard worker. He'll be a credit to your team". etc, etc. At the end, when they asked if there was anything else I'd like to add, I'd always say "Yes. Like I said, if you hire him, he'll be an excellent member of your team. Just don't let him get bored".
Check out my sysadmin blog!
Although I have never spied on any colleagues i'll admit that the temptation is there. If you keep a sys admin happy there really isn't much to worry about though. Most companies, however, are grossly underpaying good admins nowadays due to the current job market. Couple that with the normal disdain for IT professionals outside of the department and you can see what happens. Although at least they aren't all like Milton and end up "burning down the building"
Today a DBA came to me and asked why the partition filled up. I had to drill into oracle to find the answer (Oracle trace files. Let's just say I've worked with smarter DBA's). Was that snooping? Granted, that was in the realm of solving a problem.
As an email admin, I've routinely seen subject lines of emails that made me raise eyebrows. It was almost always in the context of looking for a missing email. Is that snooping?
Personally, I'd REALLY like to see the data. 1) What does '300 Senior IT Professionals' mean? 2) I'd REALLY like to see the survey questions asked.
I often tell people that, as a sysadmin, if you don't trust me, fire me now, and escort me out the building. I have more than enough power to do irrevocable damage to the company.
Zapman
...the mail that comes through the symantec mail security filters. Some of the spam and chain letters that are sent around are outrageous, and NWS. If Susan in Accounting sends another god damned Jesus Loves You chain mail I may just blacklist her for jokes.
In a lot of environments I've been in, it's not so much the admins snooping, it's peers snooping on each other.
How many typical users really know how to do something as trivial as a password protected PST. Even worse are the network drives being littered with "New Folder" and "New Folder (2)-(38)" users add and keep their personal information unsecured, including their mail. It's fun to right click when you don't understand what you're doing I suppose.
Some shops run a tight ship, the others are so far at the other end of the spectrum... it's about collecting a check.
Ummm...I know how we can find out...
-Loyal
I aim to misbehave.
Everyone on here is soooo ethical. You have never checked anything your weren't supposed to. BULLSHIT! We have all taken a glance at something that we thought might be interesting and you know it!
Yeah thats just what I want to do..... I dont like reading my own email, nevermind someone elses.
i'm currently the technical director of an ITO provider and while I don;t snoop on my customers I do snoop on my staff.
email (including personal accounts accessed from company equipment), IM history, web history, home folders, all are fair game as far as I'm concerned.
I got burned by a staff member I trusted before with confidential information. so now I trust no one and check everything.
Who has time to snoop for prurient, or other illegitimate interests? However, a good part of my job requires that I 'snoop'. I have the responsibility to enforce policies about what, where, how much, etc. Depending on how the question was phrased, I would give an emphatic no, or Pfft, sure, all the time.
I know of one case (many years ago) when a sysadmin used his privilege to obtain copies of licensed software, code in progress, and even a resume from a workstation assigned to a colleague of mine.
When the SA's boss was presented with the various logs that proved that this stuff had been going on, the SA was moved to another building within the same company.
Why wasn't that bastard fired outright?
This is just FUD meant to scare people.
Depending on your position in an organization, there is a good possibility you've been tasked with snooping on someone as part of your job. At the very least, many of you have probably been asked to help a member of management snoop on someone.
How many people monitor internet traffic at their company? How many people are in charge of sensitive DB's? Call monitoring?
Snooping on employees has become the norm in organizations since any technology that enables it has been developed. As much as I hate to admit it, there really is no expectation of privacy when you are using resources that are owned by someone else.
I have enough to do with my time without snooping on what the users are doing with theirs. As long as it doesn't affect the systems, I don't care.
It's part of my job description to randomly audit company computers, including files, pictures, surfing history, and IM conversations. This is not done in secret; it's fully disclosed when a person is hired and assigned to a computer. Everybody knows it's my job, and everybody knows that I take my job seriously. Period. However, I'm very careful to not invade personal space if I can at all help it. For instance, we have married couples employed by the same company. Even though they're using corporate-issued IM accounts, I only look at frequency of use, not actual message content. It's just common sense. Isn't it?
look at my files if you want; none of them are personal enough for me to care about them.
I do however keep a "Oh admin you must be a blast at parties.txt" in my home folder, with a ASCII goatse inside just in case.
throw new NoSignatureException();
So the files are in the computer.
The other one is easily tricked by slanted survey questions posed by a company with a vested interest in selling security products designed to prevent snooping.
"Have you ever, in the course of your work, sought out or been exposed to confidential information which you were not supposed to see? Examples would include personal files, documents or misdirected mail."
"I don't look at anyone else's files, but as the postmaster for our domain I personally receive every bounced email and those sometimes contain information which should have been kept confidential. I don't read any of it because that would be wrong, but it does wind up in my mailbox."
"Okay, we'll put you down for 'Snoops on his coworkers' then, and I'll have the rest of our sales team take your manager out for lunch to discuss this. Thanks!"
Things do come up sometimes though. Fixing email accounts can require some poking through things (depending on the issue). In cases where disk-space or bandwidth was being consumed at an unusual rate, I've had to investigate over-large homedirs and discuss the issues of downloading movies/mp3's at work (well, in the case my previous employer - a school district - at school).
Really, I can't be bothered to go looking for stuff unless there's an issue that warrants it, but it's not uncommon for such issues to crop up.
I've run across this myself. I used to laugh at my co-workers who were paranoid about us sysadmins scooping their emails and discovering dirty jokes etc (although some shared the jokes with me, and they were actually rather good ones at that). It's really not worth the bother to go digging for this stuff.
/home full and user "jdoe" using 50% of the space), or security-related issues.
On the other hand, systems require maintenance, which may require poking at logs, check out home directories (why is
I have been involved in incidents where we deliberately poked through emails as well, due to some complains about harassing emails etc. I have worked on machines with email issues and saw some headers that seemed rather interesting. Home directories full of porn, proxy entries of mp3 downloads, etc. You run into it all.
My take: unless it's causing a problem, or it's going to land the company in trouble, then it's not worth my time to look into until I'm directed to do so by management. However, cases do crop up, so it's always best to assume that - even if the sysadmins don't really want to read your email - you can be snooped on, and to behave in a manner befitting that.
I've heard of plenty of cases where restoring a damaged hard-drive has resulted in finding *very* interesting files, resulting in rather curt dismissals or sometimes even police intervention. Who would want to chance it?
What's on your corp. servers is nothing compared to whats on your coworkers home machines. Try fixing a few of those for a while and you'll quickly develop an intense desire for eye bleach.
In 20 years of working on corp. machines I never encountered what practically jumps out at you when you work on home machines. Now I just tell people my employer won't allow me to work on coworkers home machines.
"The ferrets, they're every where I tell you!"
Actually, if I'd been taking the survey, I wouldn't have had to lie, and I did snoop. Back in my industry days, I did security, and my job required a certain limited degree of snooping. Nothing extreme — I certainly couldn't be bothered to read my colleagues' email manually, but I did write a bunch of scripts that used publicly readable files and mail folders as dictionaries for the password crackers. Everything was within the scope of my job, but I'm glad I had scripts I could point at to say I wasn't actually reading people's stuff myself!
--Somebody infect me with a
Doctors see patients naked. Film at 11.
This look to me an attempt to create the demand for further screening/control of sysadmins because they're usually tech-savy people with a dangerously liberal bias.
I wish those flashy-things from Men in Black were real. Damn the cancer risk. There's some stuff I just don't want to have in my head.
And, for the love of FSM, don't use your work email for personal stuff. And, by personal, I mean don't conduct your extramarital affairs using company email. There are so many free, anonymous mail systems out there that it's inexcusable. "I have a message stuck in my outbox." Sure enough, there's an email to a senior VP. Subject: "I wuv you schnookums" And there's the auto-preview: "I miss you so much. I want to..."
Which would be all well and good if the VP was in her family photo sitting right next to the monitor. But, no. And she's not in his family photo, either. Nice. So now I know you're both douchebags cheating on your spouses, spending your free time sneaking around instead of spending it with your kids. Would it have been too much trouble to get a frickin' hotmail account?!?
I was a sysadmin for 4 years in 2 different companies. I definitely belong to the other 2 of the 3 sysadmins, in that I have never snooped my colleagues.
In fact, the idea seems totally alien to me. I could not imagine ever doing such a thing, for love or money.
"The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
And here I am snooping on the sysadmins. Amazing what you can find in .ssh/known_hosts and history.
I'm really astonished about this high percentage. I would not even dream of spying on data. If I access personal data then only by explicit request of the owner for very good reason.
I'm the only sysadmin in my company, so I could easily cover whatever I want but yet I don't even feel tempted.
So no one, then, has seen the TShirt that says "I read your e-mail."
I think this is the very definition of hiding in plain sight. Come on people!
If you're responsible for the integrity of the system, why not make sure your colleagues aren't misusing or harming the system.
They're using their grammar skills there.
The trick to keeping yourself from snooping is to make your life at least an interesting as your coworkers'. Then you won't be tempted. This has worked for me for quite a while.
Ideally it may be a "damned poor state of affairs" but for thousands of years people and governments have been snooping on other people to either gain an advantage or just for some tasty gossip. It's not some sudden failure in collective human kind, it's just what the majority would do in this situation if they got the power.
Technology may have made it easier to do this and given us a sense of outrage over "lowly sysadmins" having access to this sensitive data, but then I see the exact same thing being done by the government in their position of trust. Except they can pass retroactive immunity for it.
I tcpdump
I've been a system administrator for years, have never snooped out anyone's stuff. I value my integrity far more than I value the contents of your files.
Warning: This signature may offend some viewers.
Professional SysAdmins don't snoop.......come on, the level of responsibility we take on for our clients or employers business requires absolute integrity, so much so that even if an employer requires me to snoop on an employee I wouldn't do it w/o a formal signed request with a limitation on what was being searched and for how long along with a justification for the search (e.g. employee suspected of passing on confidential data to competitor). Also, keep in mind that there are substantial complications that might arise when professionals find out information they don't want to know about clients or other employees.....If I find out someone is doing something unethical or illegal I maybe required to immediately report it possibly costing me a client, colleague, or job. A good sysadmin sort of has to act like a lawyer and his goal is to assist his client and only know what he needs to know.
I don't know how this study was put together, but it sounds like they weren't interviewing professionals or experienced admins.
I don't think this constitutes "snooping". It's your job generally to ensure that company resources aren't being wasted by personal files such as music collections, videos, photos etc. Most of the time you are just looking for particular filetypes in excessively large profiles.
As far as software installs go, it isn't important from a licensing and security standpoint to identify illegal or insecure software that an employee has installed. Just as it is to identify rogue network hardware.
I don't think finding out that salesman Bob likes Britney Spears is in anyway a moral conflict. Reading through employee mail or accessing documents you have no right to (human resources for example) - now that is snooping.
Sometimes my arms bend back.
Yeah, make sure you get that in writing. I had a former employer ask me to look through the spam in his mailbox and see if there was a way to do something about it (this would be the first machine I ran SpamAssassin on, to give you a timeframe) and then later accused me of going through his mailbox in violation of company policy. He was an ass, but I wasn't smart enough to realize I needed to get that request in writing. I didn't lose that particular battle, but it was an annoyance.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
If they're snooping, they're not professionals.
If they're members of the ACM, they may have acted in contradiction with the Association's Code of Ethics. If such actions rise to the level of "gross misconduct", their membership could be terminated.
When I'm interviewing people for a sysadmin position one of my primary concerns is honesty and integrity. The problem is that everyone asked to their face will claim to have high integrity. I try to approach the issue indirectly with neutral questions as, "Where do you draw the line on observing user activity?" Several times I've had them answer very vaguely or ask me questions about the question - apparently in an attempt to ferret out what kind of answer I am looking for. This type of error-prone and subtle indication seems the only way to find out. ;)
The human API is very poorly documented. Is there a better way?
In the 10 plus years I'vwe been in this business I've never snooped through stuff that didn't belong to our company. I firmly believe in a code of ethics for sys admins. No one hold me accountable for it, but I still follow it. Why? For some reason all my arguements about personal privacy wouldn't mean shit if I read someone's email. Hell it would make me the hypocrite that I so dearly hate. So no, I don't snoop because I don't want to be the pot pointing my finger at the kettle. With that said. You violate policy and force me into some type of forensic investigation I will go into anything you've ever touched. I've done it before and I will do it again every time. I preach privacy, so I practice it too. I imagine after what I've been seeing as of late I'm one of the few left with some measure of personal responsiblity. Then again I've been told I live in a fantasy world because I actually think I can change it.
I have run a small computer sales and repair company and I am often asked to find lost files on users machines, check their security, etc etc. Most of the time that actually involves snooping around their files and most of the time the user/customer is there to watch what is being shown. But even so, that's a requested snoop rather than hidden snooping. Infact I have instant remote access to over 50 always on customer machines which I often remotely administer and most of those machines can end up filled with complete rubbish, not to mention CC information. I have always followed the policy of checking for CC information, spyware, adware and viruses. Of course this can mean I have to look at random files. But even then I check with the user/customer first. I also recently started a web hosting company and the policy I have there is that I won't check your files unless 1 - I get a complaint or 2 - a file is using excessive bandwitdh. All in all some IT guys 'HAVE' to check out various files and alot of those guys pull information from those files or even make their own copy of the information. To me that is not on at all. If you ever access someone elses files it has to be for a legit reason and any information found must NOT be copied or revealed to anyone else. Infact here in the UK we have a Data Protection Act making it illegal to pass out someone elses information without their permission and that law is enforcable in court. It all begs the question, 1 - Do you look at a file without permission and get taken to court. OR, 2 - You get permission and still get taken to court. OR, 3 - You just get on with it with their permission and get them to sign a document detailing your intentions. OR, 4 - You just tell them you can't help. For me it's nearly always Option 3
2 out of 3 Sysadmin's prefer Trident sugarless gum.
I know this is flame-baitish, but I have to wonder how what percentage of the snoopers are the righteous type on morality crusades. I have a coworker who is mormon who in several years has for some reason "accidentally ran into" porn on several computers. On at least one occasion an employee was fired.
Even though I've worked there longer and worked on just as many computers, for some reason I've never "run into" porn on anyone's computer.
So an employee left, and went to work for a rival. The boss (paranoid fucker that he was) asked me to read his email. After pointing out that we don't keep logs of people's emails, he asked me to write a filter to put it in a file. Fine. I did that, then immediately had a quiet word with the guy to tell him he was being watched. I was also once asked to fix a laptop, and discovered a whole load of links to fetish prostitutes in north london (wtf he was using a work laptop for that for I don't know). I deleted them and never mentioned it. He probably got the hint when he realised that they'd gone. People's own private information is their own private information. I'm not interested in it. Yes, I have morals.
I wrote my first program at the age of six, and I still can't work out how this website works.
Hello all, My name is Mark Fullbrook and I am the Director of Cyber-Ark for the UK. I'm the person that is quoted on what was originally meant to be a small localised press release but has turned (somewhat) into a global debate.
For those that are wondering about the conditions surrounding the survey, it took place at this years Infosecurity Europe Event in London. The survey was a face to face question and answer session with people who had confirmed that they were of administrator level or above. The survey, which was anonymous, consisted of a number of questions around administrative privileges and the transfer of highly sensitive information both within and between enterprises.
We, as a company, were not suprised by the results. In my role, I have the pleasure of dealing with a huge number of the worlds largest companies. I am always suprised at the desire to control adminstrative and privileged access, but I am often told that it is very difficult thing to do when you consider there are in many cases, more Privileged Identities than users!
For those who have mentioned that this is a survey by a company that "sells" a solution to the problem highlighted, then I plead guilty, but I hope that this does not bring the results into disrepute. If we had wanted to make an impact we could of used a LOT higher figure than 1 in 3! The results are a factual representation of what we found from this cross section of attendees of Europes largest IT Security event.
I welcome the thoughts of all of those Admins that have highlighted the need for honesty and integrity, you are of course, the majority. However, you will all admit that sometimes you have to protect from the minority and any solution (ours or someone elses) that can control and audit access for privileged users without impacting how they go about their job surely must be a good thing.
Please feel free to contact me via this response.
Many thanks
Mark Fullbrook
I know because I've been involved in the process first-hand. The auditors say it's part of SOX. Whether it is or isn't, that wasn't my job to question it. I just know we'd haul in boatloads of tapes to restore numerous multi-gigabyte mail files. I don't miss those days at all. Thankfully I'm now at a smaller company where we don't (yet) have all that corporate red tape B.S. going on 24/7. :) We actually get stuff done here.
People need to have reasonable faith that their privacy is respected & their information is safe & secure for them to do their job. Some bosses might not get that, but I do.
While 1 out of 3 does seem a bit high, the simple solution to this is to do your personal websurfing and emailing when at home. This is doubly applicable to where I work, because being a government institution, a huge chunk of our data (specifically, email) is subject to FOIA requests and as such not only the system admin can read your messages, but if they get a hankering to any random guy on the street can too.
For this reason specifically, we actually setup "flags" that would set aside messages if they contained image attachments or certain keywords, and we had a person delegated to sort through all the flagged messages to make sure that nothing was passing through that would result in negative publicity if it turned up in our email. I was assigned this task for a while, and when it first went into effect we caught several instances of pornographic joke messages and such going through the system.
Since I was (at the time) tasked with the IT orientation session for all incoming employees, the best advice I gave to them was that we can and do monitor email communications, as well as what web sites they visit, and as a good practice, don't write anything in email or browse any website that you wouldn't want to show up in the local newspaper, because in our situation it very well could end up there.
"People who think they know everything are very annoying to those of us who do."-Mark Twain
Should we say,
"They shouldn't have had access to the private keys of every server. And neither should you."
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
14K is not such a big bonus.
At least, not according to some people.
I would definitely not turn my nose up at it, not with my current job.
Hmm. Not sure I have anything to say here, after all.
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
I'm a sysadmin and I can honestly say I have never snooped on colleagues. (Snooping at home is an entirely different thing though. :-) )
Of course, this was a 2000-user federal government department, so simply searching for *porn*.jpg and the like used to return so many hits that it maxed out the search function on the Win98 workstation that had been set aside for the purpose. It had to be set aside because new material made it onto the user partitions faster than the workstation could delete it, even working 12+ hours per day.
We really should have scripted it, I guess - but there was too much else going on at the time. Oh well.