Are employers allowed to access/search through one's personal email outside work hours?








up vote
21
down vote

favorite
5












Recently I have been noticing some weird activity on my workstation (which is password protected) such as Browser Data (History, Saved Passwords, Ignored Prompt Options, Plugin Data, Browser Session Data which is used to restore tabs on startup) being erased. I suspected that it was either my employer or another employee who outranks me mainly because the data removal has been progressively "evolving" starting at just lost tabs and history then to plugin data and then selective removal of add-ons and also the fact that I turn off the workstation so they have to get past my password (which isn't weak - it is 9 characters with one number and one symbol in it). I expect as much anyway because this is a work PC and my employer is entitled to check the data (though it makes work harder when I lose history of code snippets I use for work).



One day I noticed that after work hours there were entries in my browser history, particularly googling the net alias I use, finding an old forum I used to visit, googling an old project I worked on and googling a Latin philosophical proposition I used as a tagline, "Cogito Ergo Sum". From there I decided to keep an eye on my history and note down what time exactly I left work. (Though it's weird they are looking up this stuff on my workstation rather than their own).



One morning I checked my history, I saw the tell-tale sign that someone had been on as 20+ URLs were opened at the exact same time which would be Chrome opening up my recent tabs at startup, the time recorded was 4 minutes after I left work. Another 4 minutes later there was one more entry which scared me and that entry was for mail.google.com. If you don't know what that URL is, it is how you get into your Gmail inbox and if you're not signed in it will redirect to the login page. What scared me was that I don't normally log out of my email because I trust the security of my workstation. Taking precaution when I got home that day I went to every website on which I was registered and reset all my passwords and when I did this I saw that I was still logged into my email so whoever accessed my email didn't go in to see if I was logged in and logged me out.



Now I understand that in IT or any job in which you use a PC with net access the PC and the Internet is a work resource. Anything on the PC the employer is within their rights to monitor and that includes email, personal or otherwise, and aside from the personal banking details and passwords I have nothing to hide in my email. However, I expected my employer (and any employer) to maintain a professional standard in not opening sensitive personal emails and if there is a reason to do so I should be notified in advance about which emails they intend to read (otherwise how am I to know that they aren't going into my email and stealing my bank details) or at the very least tell me that they are going to access my personal email.



It has been a couple of weeks since this has happened and I have not logged into any account at work but I have never been talked to about this. I am still concerned that this happened after office hours so I am wondering, are employers allowed to access/search through one's personal email outside work hours?



NOTE: The likelihood that this was someone outside the workplace is very unlikely considering when I left on the day in question there were still some colleagues at work. This would mean in 4 minutes everyone had to leave, the intruder gain logical access without tripping the intrusion detection / intrusion prevention (IDS / IPS) system and access my workstation by turning it on and brute-forcing my password. The odds are stacked against such a scenario.

























  • 37




    Definitely report this to your security/manager/person in charge. While employers are allowed to go through your computer, you don't know for certain who is behind this. Whoever it is may not have permission from your employer.
    – David K
    Feb 1 '16 at 13:25






  • 14




    Immediately change all your passwords, enable 2-factor authentication everywhere possible and delete all your browsing profiles from the work machine. It's possible that your employer is logging your keystrokes and someone is hacking your personal accounts. I'd report this to the police - just because the employer owns the computer and can monitor what you do, they cannot log into your personal account. In most Western countries this would be a (serious) crime.
    – xxbbcc
    Feb 1 '16 at 16:15






  • 13




    I trust the security of my workstation, well, there's your problem. Distrust everything ;)
    – Wayne Werner
    Feb 1 '16 at 17:45






  • 23




    Don't use work computers for personal use, people! If you want to check your personal email while at work, i.e. on your break, do so on your mobile phone's data connection. Your employer can, and probably should, monitor what you do with your work computer.
    – user44634
    Feb 1 '16 at 17:53







  • 4




    I agree with reporting it to your IT/manager/person in charge. This is your obligation to do so. And this protects you, in case that person accessing your work account starts impersonating you. Reporting it to the police, as @xxbbcc suggests, (unless IT decides to do so themselves) would seem like an impractical suggestion. Most police forces in the world do not have the manpower, nor the motivation, to investigate or even record every potential security breach of personal email accounts (especially when you haven't suffered a monetary loss as far as you're aware).
    – Stephan Branczyk
    Feb 1 '16 at 19:23

















edited Jan 7 '17 at 1:27
Anthony

asked Feb 1 '16 at 13:08
Luplin







9 Answers

















up vote
35
down vote














Are Employers Allowed to access/search through one's personal email outside work hours?




No



Employers are allowed to use their own equipment. Read everything stored on their computers, on their email servers or similar. If you stored private information there, you have no right to privacy. But, they are not allowed to make any use of it. If they find your credit card info, they are not allowed to go shopping with it. They are not allowed to access your web-based email, even if they do get your password. If you forget your phone on company premises, they are certainly allowed to see what it is, but they are not allowed to use it or even impersonate you.



Even though this is European law, I cannot imagine it is that much different anywhere else. It's your fault that they have the information. It's their fault if they use the information.






















  • 14




    @JoeStrazzere "Accessing" webmail with a password saved on the work computer is a breach of privacy. If he saved the mails to disk on his work PC, that's his problem, but using his passwords to log in somewhere external is not ok.
    – nvoigt
    Feb 1 '16 at 14:10






  • 19




    @JoeStrazzere Accessing someone's private email without the person's explicit approval is definitely a crime in the US. An employer cannot force an employee to disclose the password and any password obtained through monitoring cannot be used to log in to a private account.
    – xxbbcc
    Feb 1 '16 at 16:53






  • 3




    This answer does not reflect European law. Directive 95/46/EC prohibits employers from reading personal data, even when it is stored on their own devices, unless certain conditions are met. From the Article 29 Working Party summary: "[Workers] do have a legitimate expectation of a certain degree of privacy in the workplace [...] the simple fact that a monitoring activity or surveillance is considered convenient to serve the employer's interest would not solely justify any intrusion in worker's privacy."
    – Marcks Thomas
    Feb 1 '16 at 18:44






  • 2




    This is just as true in the US. Absent specific consent (which would have to come from both the account holder and the provider i.e. Gmail), it is a federal crime (violation of the Computer Fraud and Abuse Act) to access third-party computers without authorization.
    – Andrew Medico
    Feb 2 '16 at 3:17






  • 2




    The OP tagged Australia, so if that is the relevant jurisdiction you will probably find the relevant laws more resemble those of a 3rd-world dictatorship than anything used in Europe or the US. We also have no bill of rights or similar.
    – Mike Honey
    Aug 27 '16 at 3:16

















up vote
13
down vote













I feel that this is most likely an unauthorised action by a colleague.



HR / IT don't need to sneak around logging on to your PC to view your web activity, don't need to log on as you to look at your work mailbox, and have no need / right to log on to your private mailbox.



In any case, I would discuss this issue with your line manager and I would also suspect that there might be a keylogger or screen-grab software on the workstation. I wouldn't trust it for any confidential work you do as part of your job (e.g. if you do work that not all employees are cleared to see) and I certainly wouldn't trust it for anything personal.






















  • 3




    Thanks for catching what others missed—it's not just monitoring, it's actually logging in to his accounts.
    – WGroleau
    Feb 4 '16 at 1:28






  • 1




    +1. Real IT security doesn't need to do this at all. They will look at the logs at the firewall, then match the IP to their DNS servers and don't need to touch your computers. This is either a moronic IT security or someone hacked your computers and is stealing information.
    – Nelson
    Oct 20 '16 at 8:19

















up vote
3
down vote













Change your domain/PC password every day until this is resolved. If you are doing that and it is still an issue you know IT is involved.



I have managed groups that oversee security at a large multinational. There are some basics here that aren't touched on.



  • in most European countries even snooping at personal data without telling the employee would be illegal, could get the company heavily fined, and the individual doing the snooping (if employed in Europe) could get in trouble.


  • an employer can log onto your computer (for the rest we will assume US)


  • an employer can log onto your computer as you - this is very grey territory though. An employer must have a valid technical or personal reason for doing this. For example the user has a potential application that only their user can see and employer wants to check it or delete it. Or employer thinks employee is doing something bad so wants to check local files. These are fine. Without documenting such things courts in the US would just assume that employer was snooping into private data. We actually had a lot of documentation filled out before any snooping. And yes my company had people sign something saying that work computers may be monitored, do not use for personal usage blah blah blah - we have found these waivers don't matter in most countries including the US. Basically law trumps waivers.


  • An employer can open up a browser session and can search for things on your computer. Again there would tend to need to be some reason for logging into your account. (it doesn't have to be valid in your eyes)


  • An employer can record (video) your screen anytime they want. I can deploy software that pops a picture of your screen every three seconds and read everything that you have read on your screen. Note that doing this is up for debate in a lot of countries right now as it might affect privacy standards.


  • An employer does not have the right to knowingly log into personal accounts. There are two distinct laws in the US that forbid this - identity theft/fraud and the second would computer fraud (hacking laws). Your employer has hacked into yahoo if they are knowingly using your login without your permission. This is HIGHLY illegal.


How would I handle it? First I would document it. Take pictures, write a log, take inventory. Have at least three concrete examples. Cover your ass before you bring it up because the first thing they will do is try to wipe your computer (if it is not a coworker).



Second I would call them out but I have a tactic for you. You go into your boss's office and say that we need to talk to HR and security. Why? Because Yahoo/Google/whoever has informed you that someone has been accessing your personal accounts from their work network when you are not there. Explain to them that they wanted your permission to investigate as it is a form of fraud and hacking.



Third - watch them bitches scramble. If they were that dumb to leave traces on your computer I can only imagine what they will say or do when you drop the news on them. If it is a coworker I would expect them to be walked out immediately.



Fourth - this depends on how much you want to work at the company and what you want to do in the future. This could be a good opportunity to get 6 months paid to get a new job if it was your manager or IT doing it. You could also handle this nicely and work with company on a sensible resolution - I would only accept this with a coworker. It is a touchy subject. Someone involved with this probably won't work at your company soon once it is brought up. There is a risk involved because those who got caught will make up anything to save their job...



Note: I answered this for US laws but did phone a coworker in Sydney. He basically said that laws were similar but privacy issues were dealt with more harshly in Australia. You can use the same terminology and look up the laws in Australia that they have broken.






  • 1




    It could still be a keylogger. This might be a security issue.
    – Bill Leeper
    Feb 9 '16 at 16:34










  • If one exists, a tested and functioning IT Security incident response plan will be very helpful. Perhaps consider adding into your answer. References to relevant principles of security CIA would also strengthen this great answer
    – Anthony
    Jan 7 '17 at 1:18


















up vote
3
down vote













Wow, 4 minutes after you leave... that has to be more than just coincidence. My guess is, it's a coworker acting without company authorization.



I think one thing you could do is to set up a process that sends you a text message when your computer is turned on (I don't know if it would be possible to do that in your configuration), or when you are logged in. Then, when you leave work, hang around a few minutes and if you get your text message, head back to work and see who is sitting at your computer. (Perhaps if your computer has a webcam, you could have a process save a few snapshots when the computer is turned on/logged in).



The point is, while they (the company) may know the sites you have visited by ongoing monitoring, I can't think of a way that your browser history could be affected without someone actually sitting down at your computer, and at least turning it on and logging in (most likely logging in as you).



I think you need to (eventually) report this to your boss or your IT department, but it might be of some help if you know who, specifically, is doing it.



If it turns out that this is being done by (initiated by or authorized by) the company, then the access to mail.google.com could be an "intentional", or "accidental" intrusion into your privacy. Simply visiting the URL, possibly from a link in browser history, would (possibly unintentionally) expose your Gmail "Inbox", but it doesn't mean anyone opened/read any of your emails (unless you have some indication of this like browser history, etc).




Edit: As was pointed out by Trickylastname, the software policy at your company may not allow you to install additional software without approval. That's why I said "I don't know if it would be possible..." above. Perhaps I should have said "I don't know if it would be allowed...". I wasn't specifically thinking about installing any software to do it, although that might be necessary. It's also possible that it could be done with existing utilities or scripting. Perhaps something as simple as a shortcut in the startup folder that visits a specifically crafted URL.




  • 1




    A better idea is to simply "forget" something 5 minutes after leaving and come back. However I think a more direct approach is better here. Asking to sit down with the boss and saying you notice your work computer is tampered with and you want to know why. If it's HR authorized, then really nothing you can do. I just find it odd they research it right on the same computer. Usually companies remotely monitor such things.
    – Dan
    Feb 2 '16 at 17:42










  • @Dan - I had considered that, and it may be the "excuse" you use for returning. But I thought that if the accesses were not nearly every day, you might do the "forgot something and return" multiple times and never "catch" anyone. You would then lose the element of "surprise" because people would notice you have developed a habit of returning shortly after leaving. If there is no way to send a notification to yourself then this may be the only option, which still may work if the accesses are at least somewhat repeatable, like even that it happens sometimes, but always on Monday and Thursday.
    – Kevin Fegan
    Feb 2 '16 at 19:29







  • 1




    I'd be careful with installing extra software. Even if OP has administrator privileges, many companies have an "IT-approved only" software policy, which may include notifying OP's manager if OP's workstation does not comply.
    – Trickylastname
    Feb 4 '16 at 12:44










  • @Trickylastname - Yes, I agree. That's why I said "I don't know if it would be possible...". Perhaps I should have said "...if it would be allowed...". I wasn't specifically thinking about installing any software to do it, although that might be necessary. It's also possible that it could be done with existing utilities or scripting. Perhaps something as simple as a shortcut in the startup folder that visits a specifically crafted URL.
    – Kevin Fegan
    Feb 9 '16 at 5:40
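
The evidence the question describes (a burst of restored tabs minutes after leaving, then a visit to mail.google.com) can be extracted from the browser's own records instead of being read off the history page by eye. The following is an added example, not code from any answer on this page: it reads a copy of Chrome's `History` SQLite file and lists visits that fall outside the hours you logged as being at your desk, plus session-restore bursts. The function names, the reduced sample schema (the real `urls` and `visits` tables carry more columns) and the sample rows are constructed for illustration, and all times are UTC.

```python
import sqlite3
from datetime import datetime, timedelta, timezone
from pathlib import Path

# Chrome stores visits.visit_time as microseconds since 1601-01-01 UTC.
WEBKIT_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)


def webkit_to_dt(microseconds):
    return WEBKIT_EPOCH + timedelta(microseconds=microseconds)


def dt_to_webkit(moment):
    # Integer division keeps microsecond precision (no float rounding).
    return (moment - WEBKIT_EPOCH) // timedelta(microseconds=1)


def open_history_copy(path):
    """Open a copy of the profile's History file read-only.

    Chrome locks the live file while it runs, and working on a copy
    leaves the original untouched as evidence.
    """
    return sqlite3.connect(Path(path).resolve().as_uri() + "?mode=ro", uri=True)


def load_visits(conn):
    """Return every visit as (UTC datetime, url), oldest first."""
    rows = conn.execute(
        "SELECT v.visit_time, u.url FROM visits v "
        "JOIN urls u ON u.id = v.url ORDER BY v.visit_time, v.id"
    )
    return [(webkit_to_dt(t), url) for t, url in rows]


def unattended_visits(visits, attended):
    """Visits outside every (start, end) interval the owner wrote down."""
    return [
        (when, url) for when, url in visits
        if not any(start <= when <= end for start, end in attended)
    ]


def restore_bursts(visits, min_urls=10, window=timedelta(seconds=2)):
    """Find runs of at least min_urls visits that start within `window`.

    Many URLs recorded at practically the same instant is what a browser
    start with "restore tabs" looks like in the history.
    """
    bursts, i = [], 0
    while i < len(visits):
        j = i
        while j + 1 < len(visits) and visits[j + 1][0] - visits[i][0] <= window:
            j += 1
        count = j - i + 1
        if count >= min_urls:
            bursts.append((visits[i][0], count))
            i = j + 1
        else:
            i += 1
    return bursts


def utc(*parts):
    return datetime(*parts, tzinfo=timezone.utc)


# Constructed sample: the owner's own note of when they were at the desk.
SAMPLE_ATTENDED = [(utc(2016, 1, 28, 9, 0), utc(2016, 1, 28, 17, 30))]


def build_sample_db():
    """In-memory database with constructed rows mirroring the question."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE urls (id INTEGER PRIMARY KEY, url TEXT);"
        "CREATE TABLE visits (id INTEGER PRIMARY KEY, url INTEGER,"
        " visit_time INTEGER);"
    )
    sample = [
        (utc(2016, 1, 28, 10, 15), "https://example.com/docs"),
        (utc(2016, 1, 28, 14, 2), "https://example.com/snippets"),
    ]
    # 20 tabs restored at the same instant, 4 minutes after leaving.
    sample += [(utc(2016, 1, 28, 17, 34), f"https://example.com/tab/{n}")
               for n in range(20)]
    sample.append((utc(2016, 1, 28, 17, 38), "https://mail.google.com/"))
    for when, url in sample:
        cur = conn.execute("INSERT INTO urls (url) VALUES (?)", (url,))
        conn.execute("INSERT INTO visits (url, visit_time) VALUES (?, ?)",
                     (cur.lastrowid, dt_to_webkit(when)))
    return conn


if __name__ == "__main__":
    visits = load_visits(build_sample_db())
    for when, count in restore_bursts(visits):
        print(f"session restore: {count} URLs at {when.isoformat()}")
    for when, url in unattended_visits(visits, SAMPLE_ATTENDED):
        print(f"unattended visit: {when.isoformat()} {url}")
```

Its output, kept alongside a written log of when you left, gives the concrete, timestamped examples that the answers recommend taking to IT security or management.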

















up vote
2
down vote













I work as an IT Security professional. This is very shady behavior by your employer. At all the companies I worked at, all require that individual accounts be used to preserve non-repudiation, such that the user cannot later deny that he/she is accountable for an action due to his/her login having been used.



If your company is of a decent size and well run, there should be a detailed IT incident response plan that should outline what the user is to do when a breach is suspected, as in this instance. Follow what is outlined in that document, which most likely involves reporting to IT Security, if that function exists at your company. Your IT security team may not even be aware of this potentially malicious activity occurring.



Even if this is your employer legitimately monitoring your activity, which I doubt, there should be procedures outlining which employees are authorized by company management to monitor employee network activity. So even if done by an internal employee, if he or she is not authorized to monitor traffic, the IT Security function should know, as it's unauthorized activity.






    up vote
    1
    down vote













    It's a company owned computer.



    You should assume that the IT department can remotely log into your computer at any time. You should also assume that everything you do on that computer is going through the company's firewall and will be logged - so they know what web sites you are visiting. They can see everything that's on those web sites if the web site isn't encrypted. Depending on how your computer is set up, they may even be able to read everything on web sites that are encrypted.



    They shouldn't be trying to hack into email accounts and the like, but leaving it logged in while you are away from the computer is just making it easy for anyone getting nosy.






      up vote
      1
      down vote













      Yes, they can in European countries.




      The European Court of Human Rights (ECHR) said a firm that read a worker's Yahoo Messenger chats sent while he was at work was within its rights.




      But




      The impact on domestic courts differs. Under UK human rights laws, judges must take into account the ECHR's decisions but are not bound by them.




      And lastly, the reason why the European Court of Human Rights (ECHR) allowed the employer to do this was:




      Because it [the employer] believed it was accessing a work account, the judges said, the firm had not erred.




      Source: BBC: Private messages at work can be read by European employers, 14-Jan-2016



      Usual disclaimers: I am not a lawyer. I cannot do a satisfactory impersonation of a lawyer. This is not legal advice.






      • Two things worth noting. 1) If the employer does not use Gmail for emails, they couldn't claim that they believed they were accessing a work account. 2) There is a significant difference between "reading a worker's chats (or personal/private emails) that were sent while the worker was at work", usually discovered by monitoring network access activity, and accessing the worker's personal/private email account inbox and reading emails that the worker DID NOT send while the worker was at work.
        – Kevin Fegan
        Feb 9 '16 at 6:02


















      up vote
      1
      down vote














      I am still concerned that this happened after office hours so I am wondering, are employers allowed to access/search through one's personal email outside work hours?




      Since you already have an opinion about EU law, I will answer for US. In the US, an employer that provides you either Internet access or a computer can monitor any and all activity on its network, any and all activity on that computer, and any and all data on that computer. Remote webcam software is fair game, GPS tracking is fair game and even keyloggers are fair game. Pretty much, if you did it on an employer's computer or using the employer's network, it can be used and monitored.



      So pretty much, there is little to no expectation of privacy when using employer-provided equipment.






      • Yes, the employer can monitor activity on the network, computer, and data on the computer. However, what the OP is describing is someone accessing a 3rd party site with the OP's personal credentials. This is not legal, and honestly doesn't really sound like the behavior of a corporate IT dept. I would assume this is either an external hacker, or someone internal doing something that they are not authorized to be doing.
        – kuhl
        Feb 2 at 22:39

















      up vote
      0
      down vote













      You don't know if it is your employer, or some nosy employee hacking into your computer. Since you don't know, go straight to IT in your company and report that someone is hacking into your computer. You should obviously assume that nobody is after your private information, but after company confidential information that could be sold to a competitor.



      For example, if you are preparing a bid that your company will be submitting, a criminal co-worker could look for the amount of your bid and sell that to a competitor who will bid a little bit less and steal the contract from you.






        up vote
        35
        down vote














        Are Employers Allowed to access/search through one's personal email outside work hours?




        No



        Employers are allowed to use their own equipment. Read everything stored on their computers, on their email servers or similar. If you stored private information there, you have no right to privacy. But, they are not allowed to make any use of it. If they find your credit card info, they are not allowed to go shopping with it. They are not allowed to access your web-based email, even if they do get your password. If you forget your phone on company premises, they are certainly allowed to see what it is, but they are not allowed to use it or even impersonate you.



        Even though this is European law, I cannot imagine it is that much different anywhere else. It's your fault that they have the information. It's their fault if they use the information.






        • 14




          @JoeStrazzere "Accessing" webmail with a password saved on the work computer is a breach of privacy. If he saved the mails to disk on his work PC, that's his problem, but using his passwords to log in somewhere external is not ok.
          – nvoigt
          Feb 1 '16 at 14:10






        • 19




          @JoeStrazzere Accessing someone's private email without the person's explicit approval is definitely a crime in the US. An employer cannot force an employee to disclose the password and any password obtained through monitoring cannot be used to log in to a private account.
          – xxbbcc
          Feb 1 '16 at 16:53






        • 3




          This answer does not reflect European law. Directive 95/46/EC prohibits employers from reading personal data, even when it is stored on their own devices, unless certain conditions are met. From the Article 29 Working Party summary: "[Workers] do have a legitimate expectation of a certain degree of privacy in the workplace [...] the simple fact that a monitoring activity or surveillance is considered convenient to serve the employer's interest would not solely justify any intrusion in worker's privacy."
          – Marcks Thomas
          Feb 1 '16 at 18:44






        • 2




          This is just as true in the US. Absent specific consent (which would have to come from both the account holder and the provider, i.e. Gmail), it is a federal crime (violation of the Computer Fraud and Abuse Act) to access third-party computers without authorization.
          – Andrew Medico
          Feb 2 '16 at 3:17






        • 2




          The OP tagged Australia, so if that is the relevant jurisdiction you will probably find the relevant laws more resemble those of a 3rd-world dictatorship than anything used in Europe or the US. We also have no bill of rights or similar.
          – Mike Honey
          Aug 27 '16 at 3:16














        answered Feb 1 '16 at 13:35









        nvoigt

        up vote
        13
        down vote













        I feel that this is most likely an unauthorised action by a colleague.



        HR / IT don't need to sneak around logging on to your PC to view your web activity, don't need to log on as you to look at your work mailbox, and have no need / right to log on to your private mailbox.



        In any case, I would discuss this issue with your line manager and I would also suspect that there might be a keylogger or screen-grab software on the workstation. I wouldn't trust it for any confidential work you do as part of your job (e.g. if you do work that not all employees are cleared to see) and I certainly wouldn't trust it for anything personal.






        share|improve this answer
















        • 3




          Thanks for catching what others missed—it's not just monitoring, it's actually logging in to his accounts.
          – WGroleau
          Feb 4 '16 at 1:28






        • 1




          +1. Real IT security don't need to do this at all. They will look at the logs at the firewall, then match the IP to their DNS servers and don't need to touch your computers. This is either a moronic IT security or someone hacked your computers and are stealing information.
          – Nelson
          Oct 20 '16 at 8:19














        up vote
        13
        down vote













        I feel that this is most likely an unauthorised action by a colleague.



        HR / IT don't need to sneak around logging on to your PC to view your web activity, don't need to log on as you to look at your work mailbox, and have no need / right to log on to your private mailbox.



        In any case, I would discuss this issue with your line manager and I would also suspect that there might be a keylogger or screen-grab software on the workstation. I wouldn't trust it for any confidential work you do as part of your job (e.g. if you do work that not all employees are cleared to see) and I certainly wouldn't trust it for anything personal.






        share|improve this answer
















        • 3




          Thanks for catching what others missed—it's not just monitoring, it's actually logging in to his accounts.
          – WGroleau
          Feb 4 '16 at 1:28






        • 1




          +1. Real IT security don't need to do this at all. They will look at the logs at the firewall, then match the IP to their DNS servers and don't need to touch your computers. This is either a moronic IT security or someone hacked your computers and are stealing information.
          – Nelson
          Oct 20 '16 at 8:19












        up vote
        13
        down vote










        up vote
        13
        down vote









        I feel that this is most likely an unauthorised action by a colleague.



        HR / IT don't need to sneak around logging on to your PC to view your web activity, don't need to log on as you to look at your work mailbox, and have no need / right to log on to your private mailbox.



        In any case, I would discuss this issue with your line manager and I would also suspect that there might be a keylogger or screen-grab software on the workstation. I wouldn't trust it for any confidential work you do as part of your job (e.g. if you do work that not all employees are cleared to see) and I certainly wouldn't trust it for anything personal.






        answered Feb 3 '16 at 11:33

        Rob Moir







        • 3




          Thanks for catching what others missed—it's not just monitoring, it's actually logging in to his accounts.
          – WGroleau
          Feb 4 '16 at 1:28






        • 1




          +1. Real IT security don't need to do this at all. They will look at the logs at the firewall, then match the IP to their DNS servers and don't need to touch your computers. This is either a moronic IT security or someone hacked your computers and are stealing information.
          – Nelson
          Oct 20 '16 at 8:19












        up vote
        3
        down vote









        Change your domain/PC password every day until this is resolved. If you are doing that and it is still an issue you know IT is involved.

        I have managed groups that oversee security at a large multinational. There are some basics here that aren't touched on.

        • In most European countries even snooping at personal data without telling the employee would be illegal, could get the company heavily fined, and the individual doing the snooping (if employed in Europe) could get in trouble.

        • An employer can log onto your computer (for the rest we will assume US).

        • An employer can log onto your computer as you - this is very grey territory though. An employer must have a valid technical or personal reason for doing this. For example the user has a potential application that only their user can see and employer wants to check it or delete it. Or employer thinks employee is doing something bad so wants to check local files. These are fine. Without documenting such things courts in the US would just assume that employer was snooping into private data. We actually had a lot of documentation filled out before any snooping. And yes my company had people sign something saying that work computers may be monitored, do not use for personal usage blah blah blah - we have found these waivers don't matter in most countries including the US. Basically law trumps waivers.

        • An employer can open up a browser session and can search for things on your computer. Again there would tend to need to be some reason for logging into your account. (It doesn't have to be valid in your eyes.)

        • An employer can record (video) your screen anytime they want. I can deploy software that pops a picture of your screen every three seconds and read everything that you have read on your screen. Note that doing this is up for debate in a lot of countries right now as it might affect privacy standards.

        • An employer does not have the right to knowingly log into personal accounts. There are two distinct laws in the US that forbid this - identity theft/fraud and the second would be computer fraud (hacking laws). Your employer has hacked into Yahoo if they are knowingly using your login without your permission. This is HIGHLY illegal.

        How would I handle it? First I would document it. Take pictures, write a log, take inventory. Have at least three concrete examples. Cover your ass before you bring it up because the first thing they will do is try to wipe your computer (if it is not a coworker).

        Second I would call them out but I have a tactic for you. You go into your boss's office and say that we need to talk to HR and security. Why? Because Yahoo/Google/whoever has informed you that someone has been accessing your personal accounts from their work network when you are not there. Explain to them that they wanted your permission to investigate as it is a form of fraud and hacking.

        Third - watch them bitches scramble. If they were that dumb to leave traces on your computer I can only imagine what they will say or do when you drop the news on them. If it is a coworker I would expect them to be walked out immediately.

        Fourth - this depends on how much you want to work at the company and what you want to do in the future. This could be a good opportunity to get 6 months paid to get a new job if it was your manager or IT doing it. You could also handle this nicely and work with the company on a sensible resolution - I would only accept this with a coworker. It is a touchy subject. Someone involved with this probably won't work at your company soon once it is brought up. There is a risk involved because those who got caught will make up anything to save their job...

        Note: I answered this for US laws but did phone a coworker in Sydney. He basically said that laws were similar but privacy issues were dealt with more harshly in Australia. You can use the same terminology and look up the laws in Australia that they have broken.






        edited Feb 3 '16 at 16:26

        answered Feb 3 '16 at 16:19

        blankip







        • 1




          It could still be a keylogger. This might be a security issue.
          – Bill Leeper
          Feb 9 '16 at 16:34










        • If one exists, a tested and functioning IT Security incident response plan will be very helpful. Perhaps consider adding into your answer. References to relevant principles of security CIA would also strengthen this great answer
          – Anthony
          Jan 7 '17 at 1:18
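
The "document it ... have at least three concrete examples" step in the answer above can be backed with timestamps taken from the browser's own history database. The Python below is an added example, not code from the answer or its author: it assumes a copy of Chrome's `History` SQLite file (tables `urls` and `visits`, with `visit_time` in microseconds since 1601-01-01 UTC) and a list of the times you were actually at your desk; the sample database, the example.com URLs and the presence window are constructed.

```python
import sqlite3
from datetime import datetime, timedelta, timezone

# Chrome stores visit_time as microseconds since 1601-01-01 00:00 UTC.
WEBKIT_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)


def webkit_to_dt(us):
    """Convert a Chrome visit_time value to an aware UTC datetime."""
    return WEBKIT_EPOCH + timedelta(microseconds=us)


def dt_to_webkit(dt):
    """Inverse of webkit_to_dt, using integer arithmetic to stay exact."""
    d = dt - WEBKIT_EPOCH
    return (d.days * 86400 + d.seconds) * 1_000_000 + d.microseconds


def load_visits(conn):
    """Return every visit as (utc_datetime, url), oldest first."""
    rows = conn.execute(
        "SELECT v.visit_time, u.url FROM visits v "
        "JOIN urls u ON u.id = v.url ORDER BY v.visit_time, v.id")
    return [(webkit_to_dt(t), url) for t, url in rows]


def flag_absent_visits(visits, presence):
    """Visits that fall outside every (arrived, left) window you noted down."""
    return [(when, url) for when, url in visits
            if not any(arrived <= when <= left for arrived, left in presence)]


def restore_bursts(visits, gap=timedelta(seconds=2), min_urls=10):
    """Groups of many URLs loaded within `gap` of each other.

    A burst like this is what a browser restoring its previous tabs at
    startup looks like, so it marks the moment someone opened the browser.
    Returns a list of (burst_start, url_count).
    """
    bursts, group = [], []
    for when, url in visits:
        if group and when - group[0][0] > gap:
            if len(group) >= min_urls:
                bursts.append((group[0][0], len(group)))
            group = []
        group.append((when, url))
    if len(group) >= min_urls:
        bursts.append((group[0][0], len(group)))
    return bursts


def build_sample_db():
    """Constructed in-memory stand-in for a copied History file.

    Only the columns used here are created; the real tables have more.
    """
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE urls (id INTEGER PRIMARY KEY, url TEXT);"
        "CREATE TABLE visits (id INTEGER PRIMARY KEY, url INTEGER,"
        " visit_time INTEGER);")
    day = datetime(2016, 2, 1, tzinfo=timezone.utc)
    sample = [
        (day + timedelta(hours=9, minutes=15), "https://intranet.example.com/wiki"),
        (day + timedelta(hours=16, minutes=50), "https://docs.example.com/api"),
    ]
    # Twelve tabs reopened in the same second, four minutes after leaving.
    sample += [(day + timedelta(hours=17, minutes=4),
                f"https://tabs.example.com/{i}") for i in range(12)]
    sample.append((day + timedelta(hours=17, minutes=8), "https://mail.google.com/"))
    for when, url in sample:
        cur = conn.execute("INSERT INTO urls (url) VALUES (?)", (url,))
        conn.execute("INSERT INTO visits (url, visit_time) VALUES (?, ?)",
                     (cur.lastrowid, dt_to_webkit(when)))
    return conn


# Constructed presence log: at the desk 08:00-17:00 UTC on the sample day.
SAMPLE_PRESENCE = [(datetime(2016, 2, 1, 8, 0, tzinfo=timezone.utc),
                    datetime(2016, 2, 1, 17, 0, tzinfo=timezone.utc))]

if __name__ == "__main__":
    visits = load_visits(build_sample_db())
    for start, count in restore_bursts(visits):
        print(f"browser started {start.isoformat()} ({count} tabs restored)")
    for when, url in flag_absent_visits(visits, SAMPLE_PRESENCE):
        print(f"visit while absent {when.isoformat()}  {url}")
```

Run it against a copy of the `History` file rather than the live one, since Chrome keeps the database locked while it is running, and convert your noted arrival and departure times to UTC first.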













        up vote
        3
        down vote













        Wow, 4 minutes after you leave... that has to be more than just coincidence. My guess is, it's a coworker acting without company authorization.

        I think one thing you could do is to set up a process that sends you a text message when your computer is turned on (I don't know if it would be possible to do that in your configuration), or when you are logged in. Then, when you leave work, hang around a few minutes and if you get your text message, head back to work and see who is sitting at your computer. (Perhaps if your computer has a webcam, you could have a process save a few snapshots when the computer is turned on/logged in).

        The point is, while they (the company) may know the sites you have visited by ongoing monitoring, I can't think of a way that your browser history could be affected without someone actually sitting down at your computer, and at least turning it on and logging in (most likely logging in as you).

        I think you need to (eventually) report this to your boss or your IT department, but it might be of some help if you know who, specifically, is doing it.

        If it turns out that this is being done by (initiated by or authorized by) the company, then the access to mail.google.com could be an "intentional", or "accidental" intrusion into your privacy. Simply visiting the URL, possibly from a link in browser history, would (possibly unintentionally) expose your Gmail "Inbox", but it doesn't mean anyone opened/read any of your emails (unless you have some indication of this like browser history, etc).

        Edit: As was pointed out by Trickylastname, the software policy at your company may not allow you to install additional software without approval. That's why I said "I don't know if it would be possible..." above. Perhaps I should have said "I don't know if it would be allowed...". I wasn't specifically thinking about installing any software to do it, although that might be necessary. It's also possible that it could be done with existing utilities or scripting. Perhaps something as simple as a shortcut in the startup folder that visits a specifically crafted URL.




        • 1




          A better idea is to simply "forget" something 5 minutes after leaving and coming back. However I think a more direct approach is better here. Asking to sit down with the boss and saying you notice your work computer is tampered with and you want to know why. If it's HR authorized, then really nothing you can do. I just find it odd they research it right on the same computer. Usually companies remotely monitor such things.
          – Dan
          Feb 2 '16 at 17:42










        • @Dan - I had considered that, and it may be the "excuse" you use for returning. But I thought that if the accesses were not nearly every day, you might do the "forgot something and return" multiple times and never "catch" anyone. You would then lose the element of "surprise" because people would notice you have developed a habit of returning shortly after leaving. If there is no way to send a notification to yourself then this may be the only option, which still may work if the accesses are at least somewhat repeatable, like even that it happens sometimes, but always on Monday and Thursday.
          – Kevin Fegan
          Feb 2 '16 at 19:29







        • 1




          I'd be careful with installing extra software. Even if OP has administrator privileges, many companies have an "IT-approved only" software policy, which may include notifying OP's manager if OP's workstation does not comply.
          – Trickylastname
          Feb 4 '16 at 12:44










        • @Trickylastname - Yes, I agree. That's why I said "I don't know if it would be possible...". Perhaps I should have said "...if it would be allowed...". I wasn't specifically thinking about installing any software to do it, although that might be necessary. It's also possible that it could be done with existing utilities or scripting. Perhaps something as simple as a shortcut in the startup folder that visits a specifically crafted URL.
          – Kevin Fegan
          Feb 9 '16 at 5:40














        up vote
        3
        down vote













        Wow, 4 minutes after you leave... that has to be more than just coincidence. My guess is, it's a coworker acting without company authorization.



        I think one thing you could do is to setup a process that sends you a text message when your computer is turned on (I don't know if it would be possible to do that in your configuration), or when you are logged in. Then, when you leave work, hang around a few minutes and if you get your text message, head back to work and see who is sitting at your computer. (Perhaps if your computer has a webcam, you could have a process save a few snapshots when the computer is turned on/logged in).



        The point is, while they (the company) may know the sites you have visited by ongoing monitoring, I can't think of a way that your browser history could be affected without someone actually sitting down at your computer, and at least turning it on and logging in (most likely logging in as you).



        I think you need to (eventually) report this to your boss or your IT department, but it might be of some help if you know who, specifically is doing it.



        If it turns out that this is being done by (initiated by or authorized by) the company, then the access to mail.google.com could be an "intentional", or "accidental" intrusion into your privacy. Simply visiting the URL, possibly from a link in browser history, would (possibly unintentionally) expose your Gmail "Inbox", but it doesn't mean anyone opened/read any of your emails (unless you have some indication of this like browser history, etc).




        Edit: As was pointed out by Trickylastname, the software policy at your company may not allowed you to install additional software without approval. That's why I said "I don't know if it would be possible..." above. Perhaps I should have said "I don't know if it would be allowed...". I wasn't specifically thinking about installing any software to do it, although that might be necessary. It's also possible that it could be done with existing utilities or scripting. Perhaps something as simple as a shortcut in the startup folder that visits a specifically crafted URL.




        share|improve this answer


















        • 1




          A better idea is to simply "forget" something 5 minutes after leaving and coming back. However I think a more direct approach is better here. Asking to sit down with the boss and saying you notice your work computer is tampered with and you want to know why. If it's HR authorized, then really nothing you can do. I just find it odd they research it right on the same computer. Usually companies remotely monitor such things.
          – Dan
          Feb 2 '16 at 17:42










        • @Dan - I had considered that, and it may be the "excuse" you use for returning. But I thought that if the accesses were not nearly every day, you might do the "forgot something and return" multiple times and never "catch" anyone. You would then lose the element of "surprise" because people would notice you have developed a habit of returning shortly after leaving. If there is no way to send a notification to yourself then this may be the only option, which still may work if the accesses are at least somewhat repeatable, like even that it happens sometimes, but always on Monday and Thursday.
          – Kevin Fegan
          Feb 2 '16 at 19:29







        • 1




          I'd be careful with installing extra software. Even if OP has administrator privileges, many companies have a "IT-approved only" software policy, which may include notifying OP's manager if OP's workstation does not comply.
          – Trickylastname
          Feb 4 '16 at 12:44










        • @Trickylastname - Yes, I agree. That's why I said "I don't know if it would be possible...". Perhaps I should have said "...if it would be allowed...". I wasn't specifically thinking about installing any software to do it, although that might be necessary. It's also possible that it could be done with existing utilities or scripting. Perhaps something as simple as a shortcut in the startup folder that visits a specifically crafted URL.
          – Kevin Fegan
          Feb 9 '16 at 5:40












        up vote
        3
        down vote










        up vote
        3
        down vote









        Wow, 4 minutes after you leave... that has to be more than just coincidence. My guess is, it's a coworker acting without company authorization.



        I think one thing you could do is to set up a process that sends you a text message when your computer is turned on (I don't know if it would be possible to do that in your configuration), or when you are logged in. Then, when you leave work, hang around a few minutes and if you get your text message, head back to work and see who is sitting at your computer. (Perhaps if your computer has a webcam, you could have a process save a few snapshots when the computer is turned on/logged in).



        The point is, while they (the company) may know the sites you have visited by ongoing monitoring, I can't think of a way that your browser history could be affected without someone actually sitting down at your computer, and at least turning it on and logging in (most likely logging in as you).



        I think you need to (eventually) report this to your boss or your IT department, but it might be of some help if you know who, specifically, is doing it.



        If it turns out that this is being done by (initiated by or authorized by) the company, then the access to mail.google.com could be an "intentional", or "accidental" intrusion into your privacy. Simply visiting the URL, possibly from a link in browser history, would (possibly unintentionally) expose your Gmail "Inbox", but it doesn't mean anyone opened/read any of your emails (unless you have some indication of this like browser history, etc).




        Edit: As was pointed out by Trickylastname, the software policy at your company may not allow you to install additional software without approval. That's why I said "I don't know if it would be possible..." above. Perhaps I should have said "I don't know if it would be allowed...". I wasn't specifically thinking about installing any software to do it, although that might be necessary. It's also possible that it could be done with existing utilities or scripting. Perhaps something as simple as a shortcut in the startup folder that visits a specifically crafted URL.












        edited Feb 9 '16 at 5:48

























        answered Feb 2 '16 at 16:17









        Kevin Fegan

        1734











        • 1




          A better idea is to simply "forget" something 5 minutes after leaving and coming back. However I think a more direct approach is better here. Asking to sit down with the boss and saying you notice your work computer is tampered with and you want to know why. If it's HR authorized, then really nothing you can do. I just find it odd they research it right on the same computer. Usually companies remotely monitor such things.
          – Dan
          Feb 2 '16 at 17:42










        • @Dan - I had considered that, and it may be the "excuse" you use for returning. But I thought that if the accesses were not nearly every day, you might do the "forgot something and return" multiple times and never "catch" anyone. You would then lose the element of "surprise" because people would notice you have developed a habit of returning shortly after leaving. If there is no way to send a notification to yourself then this may be the only option, which still may work if the accesses are at least somewhat repeatable, like even that it happens sometimes, but always on Monday and Thursday.
          – Kevin Fegan
          Feb 2 '16 at 19:29







        • 1




          I'd be careful with installing extra software. Even if OP has administrator privileges, many companies have an "IT-approved only" software policy, which may include notifying OP's manager if OP's workstation does not comply.
          – Trickylastname
          Feb 4 '16 at 12:44










        • @Trickylastname - Yes, I agree. That's why I said "I don't know if it would be possible...". Perhaps I should have said "...if it would be allowed...". I wasn't specifically thinking about installing any software to do it, although that might be necessary. It's also possible that it could be done with existing utilities or scripting. Perhaps something as simple as a shortcut in the startup folder that visits a specifically crafted URL.
          – Kevin Fegan
          Feb 9 '16 at 5:40
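
The timing evidence discussed in this answer (the browser starting a few minutes after the owner leaves, then a visit to mail.google.com) can be pulled out of the browser history systematically before it is reported. The following is an added example, not part of the original answer or comments; the visit rows, the date and the presence window are constructed, and all function names are hypothetical.

```python
"""Flag browser-history visits recorded while the workstation owner was away."""
from collections import Counter
from datetime import datetime, timedelta, timezone

# Chrome records visit times as microseconds since 1601-01-01 00:00 UTC.
WEBKIT_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)


def to_webkit(when):
    """Convert an aware datetime to Chrome's integer timestamp."""
    delta = when - WEBKIT_EPOCH
    return (delta.days * 86400 + delta.seconds) * 1_000_000 + delta.microseconds


def from_webkit(raw):
    """Convert Chrome's integer timestamp to an aware UTC datetime."""
    return WEBKIT_EPOCH + timedelta(microseconds=raw)


def unattended_visits(visits, presence):
    """Return (time, url) for every visit outside all (arrived, left) windows."""
    flagged = []
    for raw, url in visits:
        when = from_webkit(raw)
        if not any(arrived <= when <= left for arrived, left in presence):
            flagged.append((when, url))
    return sorted(flagged)


def restore_bursts(flagged, min_tabs=5):
    """Seconds in which at least min_tabs pages loaded at once (session restore)."""
    per_second = Counter(when.replace(microsecond=0) for when, _ in flagged)
    return sorted(sec for sec, count in per_second.items() if count >= min_tabs)


def delay_after_leaving(when, presence):
    """Time between the latest departure before `when` and `when` itself."""
    departures = [left for _, left in presence if left <= when]
    return when - max(departures) if departures else None


def build_report(visits, presence, min_tabs=5):
    """Summarise unattended activity as lines suitable for an incident report."""
    flagged = unattended_visits(visits, presence)
    bursts = restore_bursts(flagged, min_tabs)
    report = []
    for burst in bursts:
        gap = delay_after_leaving(burst, presence)
        after = f"{gap} after last departure" if gap is not None else "no departure noted"
        report.append(f"{burst.isoformat()} session restore ({after})")
    for when, url in flagged:
        if when.replace(microsecond=0) not in bursts:
            report.append(f"{when.isoformat()} visit {url}")
    return report


# Constructed sample data (not taken from the page): one working day, in UTC.
# In a real Chrome profile the (visit_time, url) pairs come from the History
# SQLite database (visits.visit_time joined to urls.url); presence windows are
# the owner's own notes of arrival and departure, converted to UTC.
DAY = datetime(2016, 2, 1, tzinfo=timezone.utc)
SAMPLE_PRESENCE = [(DAY.replace(hour=9), DAY.replace(hour=17, minute=30))]
SAMPLE_VISITS = (
    [(to_webkit(DAY.replace(hour=10, minute=15)), "https://example.com/docs"),
     (to_webkit(DAY.replace(hour=14, minute=2)), "https://example.com/snippets")]
    + [(to_webkit(DAY.replace(hour=17, minute=34, microsecond=i * 1000)),
        f"https://example.com/tab{i}") for i in range(6)]
    + [(to_webkit(DAY.replace(hour=17, minute=38, second=10)),
        "https://mail.google.com/")]
)

if __name__ == "__main__":
    for line in build_report(SAMPLE_VISITS, SAMPLE_PRESENCE):
        print(line)
```

Working from a copy of the history file rather than the live profile keeps the evidence unchanged for whoever investigates the report.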






















        up vote
        2
        down vote













        I work as an IT Security professional. This is very shady behavior by your employer. At all the companies I worked at, all require that individual accounts be used to preserve non-repudiation, such that the user cannot later deny that he/she is non accountable for an action due to his/her login having been used.

        If your company is of a decent size and well run, there should be a detailed IT incident response plan that should outline what the user is to do when a breach is suspected, as in this instance. Follow what is outlined in that document, which most likely involves reporting to IT Security, if that function exists at your company. Your IT security team may not even be aware of this potentially malicious activity occurring.

        Even if this is your employer legitimately monitoring your activity, which I doubt, there should be procedures outlining which employees are authorized by company management to monitor employee network activity. So even if done by an internal employee, if he or she is not authorized to monitor traffic, the IT Security function should know, as it's unauthorized activity.
















            answered Jan 7 '17 at 1:06









            Anthony

            5,1431255
























                up vote
                1
                down vote













                It's a company owned computer.



                You should assume that the IT department can remotely log into your computer at any time. You should also assume that everything you do on that computer is going through the company's firewall and will be logged - so they know what web sites you are visiting. They can see everything that's on those web sites if the web site isn't encrypted. Depending on how your computer is set up, they may even be able to read everything on web sites that are encrypted.



                They shouldn't be trying to hack into email accounts and the like, but leaving it logged in while you are away from the computer is just making it easy for anyone getting nosy.
















                    answered Feb 2 '16 at 23:00









                    Simon B

                    2,5422716
























                        up vote
                        1
                        down vote













                        Yes, they can in European countries.




                        The European Court of Human Rights (ECHR) said a firm that read a worker's Yahoo Messenger chats sent while he was at work was within its rights.




                        But




                        The impact on domestic courts differs. Under UK human rights laws, judges must take into account the ECHR's decisions but are not bound by them.




                        And lastly, the reason why the European Court of Human Rights (ECHR) allowed the employer to do this was:




                        Because it [the employer] believed it was accessing a work account, the judges said, the firm had not erred.




                        Source: BBC: Private messages at work can be read by European employers, 14-Jan-2016



                        Usual disclaimers: I am not a lawyer. I cannot do a satisfactory impersonation of a lawyer. This is not legal advice.
















                        answered Feb 3 '16 at 12:45









                        WorkerWithoutACause

                        9,18563257















                        • Two things worth noting. 1) If the employer does not use Gmail for emails, they couldn't claim that they believed they were accessing a work account. 2) There is a significant difference between "reading a worker's chats (or personal/private emails) that were sent while the worker was at work", usually discovered by monitoring network access activity, and accessing the worker's personal/private email account inbox and reading emails that the worker DID NOT send while the worker was at work.
                          – Kevin Fegan
                          Feb 9 '16 at 6:02




























                        up vote
                        1
                        down vote














                        I am still concerned that this happened after office hours so I am wondering, are employers allowed to access/search through one's personal email outside work hours?




                        Since you already have an opinion about EU law, I will answer for US. In the US, an employer that provides you either Internet access or a computer can monitor any and all activity on its network, any and all activity on that computer, and any and all data on that computer. Remote webcam software is fair game, GPS tracking is fair game and even keyloggers are fair game. Pretty much, if you did it on an employer's computer or using the employer's network, it can be used and monitored.



                        So pretty much, there is little to no expectation of privacy when using employer-provided equipment.


























                        • Yes, the employer can monitor activity on the network, computer, and data on the computer. However, what the OP is describing is someone accessing a 3rd party site with the OP's personal credentials. This is not legal, and honestly doesn't really sound like the behavior of a corporate IT dept. I would assume this is either an external hacker, or someone internal doing something that they are not authorized to be doing.
                          – kuhl
                          Feb 2 at 22:39

















                        So pretty much, there is little to no expectation of privacy when using employer-provided equipment.






                        share|improve this answer













                        I am still concerned that this happened after office hours so I am wondering, are are employers allowed to access/search through one's personal email outside work hours?




                        Since you already have an opinion about EU law, I will answer for US. In the US, an employer that provides you either Internet access or a computer can monitor any and all activity on its network, any and all activity on that computer, and any and all data on that computer. Remote webcam software is fair game, GPS tracking is fair game and even keyloggers are fair game. Pretty much, if you did it on an employer's computer or using the employer's network, it can be used and monitored.



                        So pretty much, there is little to no expectation of privacy when using employer-provided equipment.







                        share|improve this answer












                        share|improve this answer



                        share|improve this answer










                        answered Jan 6 '17 at 23:06
                        2ps

                        Yes, the employer can monitor activity on the network, computer, and data on the computer. However, what the OP is describing is someone accessing a 3rd party site with the OP's personal credentials. This is not legal, and honestly doesn't really sound like the behavior of a corporate IT dept. I would assume this is either an external hacker, or someone internal doing something that they are not authorized to be doing.
                        – kuhl
                        Feb 2 at 22:39
















                        You don't know if it is your employer, or some nosy employee hacking into your computer. Since you don't know, go straight to IT in your company and report that someone is hacking into your computer. You should obviously assume that nobody is after your private information, but after company confidential information that could be sold to a competitor.



                        For example, if you are preparing a bid that your company will be submitting, a criminal co-worker could look for the amount of your bid and sell that to a competitor who will bid a little bit less and steal the contract from you.






                        answered Jan 7 '17 at 14:28
                        gnasher729