I have run a small computer sales and repair company and I am often asked to find lost files on users machines, check their security, etc etc.
Most of the time that actually involves snooping around their files and most of the time the user/customer is there to watch what is being shown.
But even so, that's a requested snoop rather than hidden snooping.
Infact I have instant remote access to over 50 always on customer machines which I often remotely administer and most of those machines can end up filled with complete rubbish, not to mention CC information.
I have always followed the policy of checking for CC information, spyware, adware and viruses. Of course this can mean I have to look at random files. But even then I check with the user/customer first.
I also recently started a web hosting company and the policy I have there is that I won't check your files unless 1 - I get a complaint or 2 - a file is using excessive bandwitdh.
All in all some IT guys 'HAVE' to check out various files and alot of those guys pull information from those files or even make their own copy of the information. To me that is not on at all.
If you ever access someone elses files it has to be for a legit reason and any information found must NOT be copied or revealed to anyone else.
Infact here in the UK we have a Data Protection Act making it illegal to pass out someone elses information without their permission and that law is enforcable in court.
It all begs the question, 1 - Do you look at a file without permission and get taken to court. OR, 2 - You get permission and still get taken to court. OR, 3 - You just get on with it with their permission and get them to sign a document detailing your intentions. OR, 4 - You just tell them you can't help.
For me it's nearly always Option 3
Slashdot Mirror
I have run a small computer sales and repair company and I am often asked to find lost files on users machines, check their security, etc etc. Most of the time that actually involves snooping around their files and most of the time the user/customer is there to watch what is being shown. But even so, that's a requested snoop rather than hidden snooping. Infact I have instant remote access to over 50 always on customer machines which I often remotely administer and most of those machines can end up filled with complete rubbish, not to mention CC information. I have always followed the policy of checking for CC information, spyware, adware and viruses. Of course this can mean I have to look at random files. But even then I check with the user/customer first. I also recently started a web hosting company and the policy I have there is that I won't check your files unless 1 - I get a complaint or 2 - a file is using excessive bandwitdh. All in all some IT guys 'HAVE' to check out various files and alot of those guys pull information from those files or even make their own copy of the information. To me that is not on at all. If you ever access someone elses files it has to be for a legit reason and any information found must NOT be copied or revealed to anyone else. Infact here in the UK we have a Data Protection Act making it illegal to pass out someone elses information without their permission and that law is enforcable in court. It all begs the question, 1 - Do you look at a file without permission and get taken to court. OR, 2 - You get permission and still get taken to court. OR, 3 - You just get on with it with their permission and get them to sign a document detailing your intentions. OR, 4 - You just tell them you can't help. For me it's nearly always Option 3