1 In 3 Sysadmins Snoop On Colleagues
klubar writes "According to a recent survey, one in three IT staff snoops on colleagues. U.S. information security company Cyber-Ark surveyed 300 senior IT professionals, and found that one-third admitted to secretly snooping, while 47 percent said they had accessed information that was not relevant to their role. Makes you wonder about the other 2 out of 3. Did they lie on the survey, or do they really not snoop?"
It's a damned poor state of affairs that so many people put in that situation of trust betray it.
I've been a systems admin for the better part of a decade, and the only time I've ever accessed the company's assets are when it was warranted.
The same goes for user files. I'm not going to snoop through other people's files. Really, I don't care what boring files you keep, just that they don't fill up the partition they're sitting on.
Do that, and suffer my wrath.
Check out my sysadmin blog!
I know a place where they haven't changed the root/admin passwords in years. They have so many servers that it would be "a huge pain" (their words exactly) to change all the passwords. I wonder how much of a pain it would be for a former DBA or sysadmin to snoop around and start publicly posting how much everybody makes?
I judt got a nre Kinesis keybiartf so please excusr ant egregiou typos.
How exactly is reading another employee's email, or monitoring all of a user's web traffic (without instruction to do so) going to help you in maintaining your domain?
Is being able to flip through the HR database and seeing everyone's pay rate going to make your network more secure?
And if your users learn of your snooping, is it going to be a boon to your company when either you are fired, or employees leave rather than be snooped on?
If you are snooping and you are looking at anything more than purely technical information, you are likely going over the bounds of ethical behavior if you don't have managerial backing.
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
So in other words, a significant majority of sysadmins are honest. Given that they have "the keys to the kingdom" in the words of the article, that's pretty impressive.
Loose lips lose spit.
Not really. Often, a sample size of only 30-40 will be sufficient to draw conclusions of statistical significance. Even if we assume a moderately heterogeneous population, a sample size of 300 ought to be fine, especially to draw the kind of conclusion that the article draws, namely that "many admins snoop" -- not all, or even necessarily a majority, but a large number. Thought of another way, when polling organizations like Gallup conduct a survey, their sample sizes are often right around 1,000, and they are modeling the entire population of the US, which is both larger and more heterogeneous than the population of admins in the US. You don't need super-large samples to get good data, and the utility of adding one more data point into a sample decays exponentially.
Rhapsody in Numbers
I don't snoop. Truth be told, I don't really care about anyone or what they're doing. Besides, most sysadmins are lazy. Good sysadmins do their best to automate as much as possible so they have to do as little as possible. Do you seriously think we want to create more work for ourselves?
I'm a system administrator.
Where the fuck do these people get the time to snoop?
Do cashiers and bank tellers pilfer from their tills? Rarely. Those that do lose their jobs. Most of the general population is generally honest and of good character.
If an employee is using abnormally high amounts of disk space, you have a reason to go look (granted, you should _talk_ to the user before looking, but you still have a reason). This is different from snooping.
Remember, open source is free as in speech, not free as in bear.
Well, sometimes when you are performing a backup and you see that, hey, this user took 1 hour to back up. You kinda want to poke around and see what is there. There are a bunch of movie files, oddly named. Now if you look at them and you see they are recorded video conferences, then they are fine. If there is something "not appropriate for work", then it is an issue to either remove them or take action on the user. Knowing what is on your system is important. Most of the time when you look to see people's salaries, the admin will go "oh, that is where the salaries are stored, let's make sure that this is properly protected." As a side thought they may see how they are doing compared to others, but just as long as he doesn't use it there really isn't any damage there.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
I host for a few friends of mine, and I don't really snoop unless their disk space crosses a threshold. Then I ask if they'd reduce application XYZ's data footprint because it's encroaching on other users' backup space.
In non-shared, it's more often snooping of port activity for security audits. Hey, you don't need that derelict FTP server running. Mind shutting it off so we can get VISA certification?
Yeah, I definitely have done it. No matter how you define it.
I CAN say that I have never logged into systems I wasn't allowed in, but I have
cd /home
and looked around.
However, I have never USED the information. I never really found anything incriminating, except TONS of porn. Hey, if you have a proxy server at work, all the porn you view is cached on the proxy. Our proxy used to show the file owner, ha ha, you are busted. I never busted anyone however, just backed up the porn to CDs and deleted it. Anyone want some old CDs?
Also, I used to work nights. If you just turned me down for a raise (poor-mouthing how bad the company is doing), do not leave your 6 month $14K bonus paperwork lying around on top of your desk. I was just delivering reports, but damn, I lost all respect for you. That is why I do not work for you anymore.
- I live the greatest adventure anyone could possibly desire. - Tosk the Hunted
As far as I know, sysadmins are bound by privacy laws.
And if those are the same laws that apply everywhere I've worked at, then it doesn't matter if they access my files or read my email.
As long as the info is not made public, used maliciously, or discussed between colleagues, then it doesn't matter.
It's not what you know, it's how you use it.
How do I know that the monkeys in Personnel aren't firing up my salary details or absence reports for the hell of it? Techies too have to trust people who have access to information just like they have to trust us. If someone is found to be abusing the access and earning some gain, action will be taken I'm sure. But overall it has to work on trust, or we'd all be drowning in audit trails.
At a previous sysadmin job, I never snooped on colleagues.
However, as part of my duties, I was instructed to monitor some individuals and to scan for specific keywords in the logs.
No sig. Move along - nothing to see here.
Given that anyone with both the access and the inclination will have harvested any information they want long before they hand in their notice, having them escorted out is going to be ineffective. From that position, threatening dismissal will not be an effective deterrent, especially now that it's so hard to put allegations into a job reference, unless there's a criminal case that's been proved.
Probably the only industry where safeguards come close to working is in the financial sector - where the regulations about insider trading make it hard to exploit privileged information without getting caught. However, that's a legal solution, not a technical one.
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
At many jobs, I have had access to my boss's, and his boss's (etc.) e-mail since I ran the e-mail server. I am not going to make any legal admissions here, but why wouldn't I read it? I would find out ahead of time about such things as layoffs and that type of thing. Being that I am a wage slave, I want to know about this sort of thing. This is like the "ethics" of slave snooping on their slave master. I am waiting for a Lenin/Pol Pot type to come along and wipe out these bosses, company boards, majority shareholders and the like, so the e-mail snooping is a no-brainer.
Agreed. The "makes you wonder" comment makes you wonder about the professional ethics of the submitter.
There are three basic reasons why sysadmins don't snoop, in increasing order of importance:
1. It'd get you fired.
2. There isn't time in the day.
3. Basic bloody professional standards.
My institution recently underwent a long (very long) pay restructure. At about the point where things were finally settling down, the DBAs were hauled in and "reminded" that exposing or snooping through the resulting data would be a Bad Thing. My instant reaction was, "that's a fucking insult;" didn't think much of the middle-managers involved in passing on that message for not standing up for their staff. However, I think the reflection upon the personnel staff who issued the memo in the first place is that they are greasy, underhanded slime balls.
So no change there then.
Articles like this one just perpetuate numerous cultural and organizational phenomena of taking risks then blaming someone else for losing the bet. Management's role in creating the situation is totally ignored by most of the comments to my initial reply.
Because, some people aren't supposed to be seeing certain things
Running with that assumption for a moment, most of the replies totally ignore the *fact* that Management is unwilling to pay OR EVEN CONSIDER using a system that would guard those "certain things."
-PGP encrypt attachments? No way.
-Password on a zipped archive? Probably not.
-A system-wide approach via PKI? Not on your life.
Management has *intentionally* set themselves up for failure and they blame the IT worker? This is the classic case of sh!t rolling downhill.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
I'm a sysadmin, and I don't snoop at all. Sure it's "honorable" and "ethical" not to, but I feel that the more real issue is that the more privileged knowledge you have, the more responsibility you have. I know my own passwords and the network passwords, that's it. If someone tries to tell me their password for convenience, I tell them "I don't want to know it, keep it to yourself." I have enough shoulder-crushing responsibilities as it is, I don't want to know more shit that would put me in a position of necessary action. Say that I'm not living up to my potential, and that my company would want someone more proactive, but I'm pretty damn proactive when it comes to my job responsibilities and the responsibilities of my department. This isn't to say that when I'm tracking down legitimate problems and they lead me to a user's personal data or habits that I don't go there; that's part of my job, but there is a thick line that I never cross. This all assumes that the admin would take responsibility for the information they gained by snooping, which I would feel compelled to do, and for that I don't have an explanation. On the other hand, I used to work with an admin who snooped, I knew about it and he knew I knew about it, but I really didn't have a problem with it. It led to some catches, too, but I still never took part in it. I think some people just have an aversion to invading other people's personal space, and some people don't. Apparently that ratio for sysadmins is 1/3.
I've been a sysadmin for ages (started on that track in the early 90s, so a good 15 years already), and can honestly say, I can't be arsed to snoop on people. The only time the records are examined is when I'm officially requested to investigate at the behest of the directorate, with agreement of HR and, if appropriate, the relevant unions.
Part of the reason being that I am too damn curious, except not in the "curtain twitcher" way of spying on people around you. I'm always probing the systems to see if they're happy or not, and seeing if I can tweak them to be more secure, or perform better.
I'm also happy with my illusions of them being pleasant, professional people with no hangups or problems (unless they enter the 'mates' category, in which case I either ask, or listen, or both). Saves a lot of friction, and lets me get on with what needs doing.
The biggest reason though, is that I think the world should be a better place than it is. I like my privacy, and think it's something valuable. Therefore, I show people the respect I think they should have, and politely decline to riffle through their private information. If I can't meet my responsibility for privacy, I have no business claiming the right.
There comes a point where it's asked "Who watches the watchers?" And I'd have to say they're damn poor watchers if they can't watch themselves.
To be a sysadmin in a sizable environment, you need people on your side; you need them to trust you, and have a bit of faith in you.. Otherwise, the first big disaster that happens (and we all know they do, no matter how much you plan), you WILL be strung out to dry by everyone with an axe to grind, rather than having their support and help at the time you need it most.
Ok, here's the thing...
After you've flipped through dozens of inboxes and home directories as part of your job, you know how pointless it is to do it for fun. People are boring. They have boring mail. They have boring files.
See that "Preview" button?
Strictly from the P-O-V of a UNIX admin.
/. -- shutup :P) ::eyeroll::
1. 300 is too small a sample. Far too small.
2. No breakdown on size of shop per admin. My SA/server ratio is 1:100, which means very little time. (I MAKE time for
3. No breakdown on 'admin' roles. If this is a mom-pop-shop admin survey, then I guess it makes sense. Cisco riders can't touch a server in my shop. Neither can the Domain/AD Admins.
4. MSNBC? Now -there's- credibility.
5. These shops obviously don't log admin activity. Someone needs to watch the watchers.
6. I am not a snitch. I don't get paid to snitch.
7. auto_home FTW, baby!
8. 1 out of 3 survey topics are meaningless.
I've been a system administrator for about 10 years now and I've never really found snooping to be interesting. I even tend to look away when people type their passwords, or open files with their personal finances or other information. I show them how to use encrypted FUSE file systems. In general, I don't care about someone's personal files unless they're taking up too much space.
However, I should say, from time to time you stumble across "information that (is) not relevant to (your) role," unintentionally. That can't be helped, but it is possible to not abuse the situation.
I've sys admin'd for over a decade and can say that I've never intentionally spied on a colleague. However! I have stumbled onto quite a lot of unusual and interesting things. Some of these things I chose to ignore, some I reported, and some I think might have even been planted for me to find.
Also, I was never asked to spy on a colleague by an employer. Basically the rule was, as long as you're getting your job done and you're not breaking any laws or offending any coworkers, why should we stop you from doing as you please?
No sig for you. YOU GET NO SIG!
It's much more than schools. Read any
Agreed. My first thought after reading the article is where's the meat of the article? There's no indication of whether those 300 "senior IT professionals" were all in one company, what their actual jobs or skill levels are, or any other information. Basically, this boils down to them saying, "Hey, our product is really valuable, and we just did a survey to prove it. Honest!"
This space intentionally left blank.
The trick is to keep your automated scanning away from the prying eyes of all the other sysadmins, who might just stumble across it while they're installing their own methods of getting one step ahead of the rest of the crowd.
Actually the insider threat is more of a problem than external hackers. That has been proven time and again.
Funny how people keep forgetting that lesson.
Today a DBA came to me and asked why the partition filled up. I had to drill into Oracle to find the answer (Oracle trace files. Let's just say I've worked with smarter DBAs). Was that snooping? Granted, that was in the realm of solving a problem.
As an email admin, I've routinely seen subject lines of emails that made me raise eyebrows. It was almost always in the context of looking for a missing email. Is that snooping?
Personally, I'd REALLY like to see the data. 1) What does '300 Senior IT Professionals' mean? 2) I'd REALLY like to see the survey questions asked.
I often tell people that, as a sysadmin, if you don't trust me, fire me now and escort me out of the building. I have more than enough power to do irrevocable damage to the company.
Zapman
The other one is easily tricked by slanted survey questions posed by a company with a vested interest in selling security products designed to prevent snooping.
"Have you ever, in the course of your work, sought out or been exposed to confidential information which you were not supposed to see? Examples would include personal files, documents or misdirected mail."
"I don't look at anyone else's files, but as the postmaster for our domain I personally receive every bounced email and those sometimes contain information which should have been kept confidential. I don't read any of it because that would be wrong, but it does wind up in my mailbox."
"Okay, we'll put you down for 'Snoops on his coworkers' then, and I'll have the rest of our sales team take your manager out for lunch to discuss this. Thanks!"
Humanity is pretty pathetic.
Give me Classic Slashdot or give me death!
The parent will never reply to you, because the kind of people who say ignorant garbage like that like to imagine that gays don't actually exist and that you're just having sex with your own gender to piss other people off, because they think you're exactly as self-righteous as them.
You know what, I have too much karma, I think I need to change my sig to +5, Truth.
+5, Truth
Professional SysAdmins don't snoop.......come on, the level of responsibility we take on for our clients' or employers' business requires absolute integrity, so much so that even if an employer required me to snoop on an employee I wouldn't do it w/o a formal signed request with a limitation on what was being searched and for how long, along with a justification for the search (e.g. employee suspected of passing on confidential data to a competitor). Also, keep in mind that there are substantial complications that might arise when professionals find out information they don't want to know about clients or other employees.....If I find out someone is doing something unethical or illegal I may be required to immediately report it, possibly costing me a client, colleague, or job. A good sysadmin sort of has to act like a lawyer: his goal is to assist his client and only know what he needs to know.
I don't know how this study was put together, but it sounds like they weren't interviewing professionals or experienced admins.
I don't think this constitutes "snooping". It's your job generally to ensure that company resources aren't being wasted by personal files such as music collections, videos, photos etc. Most of the time you are just looking for particular filetypes in excessively large profiles.
As far as software installs go, it isn't important from a licensing and security standpoint to identify illegal or insecure software that an employee has installed. Just as it is to identify rogue network hardware.
I don't think finding out that salesman Bob likes Britney Spears is in any way a moral conflict. Reading through employee mail or accessing documents you have no right to (human resources, for example) - now that is snooping.
Sometimes my arms bend back.
("Score: 1, Troll"? Not really?)