Employee Monitoring

CWmike writes "Michael Workman, an associate professor at the Florida Institute of Technology's Nathan M. Bisk College of Business, estimates that monitoring responsibilities take up at least 20% of the average IT manager's time. Yet most IT professionals never expected they'd be asked to police their colleagues and co-workers in quite this way. How do they feel about this growing responsibility? Workman says he sees a split among tech workers. Those who specialize in security issues feel that it's a valid part of IT's job. But those who have more of a generalist's role, such as network administrators, often don't like it. Computerworld contributor Tam Harbert found a wide variety of viewpoints from IT managers, ranging from discomfort at having to 'babysit' employees to righteous beliefs about 'protecting the integrity of the system.'"

I call BS on your BS

[COMON$]

As a sysadmin I find your point valid but your reasoning BS. Security admins like myself do not spend our time looking at all the sites that employees go to...good lord do you really think we have that much time in our day? We monitor, log, and it gets put away for HR purposes. Occasionally we will look and see where people are going and what the bandwidth is being allocated to, but I don't know a single admin who does what you are bitching about. Now what IS done, is in high security environments, like financial institutions, will scan through the e-mail logs to see if any sensitive information leaked out.

I love people like yourself who build up these straw-men, but have no CLUE why things are done the way they are, you just like to bitch about someone else being in control. There is a reason we don't let people like you make decisions that matter, because you are incapable of seeing the big picture. You make great Techs, bad admins.

That being said, there are admins out there who are glorified babysitters. No one has the time to watch all web traffic and make a human judgment on it. iPrism has good lists where people actually categorize the sites so I don't have to do it. I am a BIG proponent of educating my HR departments on what is acceptable and what is ethical. Employees should be able to surf and browse as long as it does not endanger the company. If an employee is found to be having trouble keeping up with their workload, we as an IT department, will provide logs of their activities for Evaluation. This is a CYA scenario, otherwise the employee in question just states how they are overworked and HR can do nothing.

There are also lots of bad admins out there who put bad policies in place. They webfilter but never block outgoing ports. Or they disable CD-ROMs but not USB drives.

Your old boss is a prime example of this, but win 3.11 was very early in the game and people had not learned from the mistakes back then. We are getting better now, but wont get really good until the upper management from that era cycles out.

To sum up, monitoring everything you can is essential in many businesses. CYA, Audit trails, and metrics are all good reasons. big brother antics make up for maybe 1% of it. The rest is just being throughough so when someone claims you sold or stole data you can prove otherwise, I personally can clear someone quickly if they get accused of stealing. I can also prove neglect. But it is up to a manager to start the process. Most likely if I am pulling up your activities, you already got caught doing something pretty nasty.