Ask LH: How Can I Tell If I’m Being Monitored At Work And What Can I Do About It?

17
Ask LH: How Can I Tell If I’m Being Monitored At Work And What Can I Do About It?


Dear Lifehacker, I’m concerned that I’m being monitored at work, but I’m not sure how to tell. I don’t think my employers have installed anything on my computer, but does that matter? Also, if I am being monitored, is there anything I can do about it? I’m not really doing anything wrong, but I don’t like anyone looking over my shoulder. Sincerely, Productively Paranoid

Photos by Diego Cervo (Shutterstock), CyberEak (Shutterstock) and gibsons.

Dear PP,


A Note of Caution: Blocking Your Employer’s Monitoring Will Look Suspicious

Before you start blocking your company from keeping track of your activity, you should be aware that doing so may not be much of a solution. If they are monitoring what you and everyone else does all day it’s going to look suspicious when your computer is suddenly providing no data at all. If you block all tracking they may actually come to you and tell you they know what you’re doing and to stop doing it. For that reason, you may want to reserve these strategies for the occasional time when you’re doing something you’d rather your employer didn’t know about. That’s not to imply that you should do anything bad or illegal, but if, for example, you’re not allowed to send personal email at all during the day and you need to send one, you can hide that activity so you don’t get caught. Employ these strategies if your company imposes some unreasonable rules or you’re just don’t want anyone looking at private information on your screen. Don’t use it to get away with bad things.

Root Out Tracking Software On Your Machine


HTTPS

If your company wants to monitor your physical screen, they’re going to have to do it with some sort of remote desktop software. Online Tech Tips suggests that the first thing you want to do is check for any third-party remote desktop software like RealVNC, TightVNC, UltraVNC, LogMeIn, GoToMyPC and so on. You’ll find them in the Windows Start Menu or System Tray, or OS X’s Applications folder or System Preferences (as a Preference Pane). You can also conduct a system-wide search. You don’t really need to check for built-in options because you’d know if someone was connected to your screen on either platform. With Windows it would actually tell you. On OS X, you’ll (usually) see an icon in the menubar. That’s easy enough to miss, however, so if you go into the System Preferences app and choose Sharing, you can see if Screen Sharing or Remote Management is enabled. If it is, outside parties have the ability to connect to your screen. To stop that, you can just turn it off.

Block Network Monitoring


Read our guide on encrypting your web browsing with Hamachi and Privoxy

Overall, if you’re being tracked, there isn’t much you can do without raising an eyebrow, so it’s best to just keep your work and home life entirely separate if you’re concerned about your privacy. That said, if you need to hide a little activity from your employer, you can use these strategies to do so. There’s also something to be said for just buying your IT person a beer and asking for his or her help. These problems are often most easily solved by making friends, not utilising the technology at your disposal.

Cheers
Lifehacker

Comments

  • Encryped email and Gmail chats are always kept private right, unless they install a keylogger or screen viewer? That data is completely safe as it travels through the network…right?

      • Not necessarily. If the company has set up their workstations and server correctly so that the workstations trust all certs issued by the company server they can man in the middle it.
        Essentially you think you’re creating a secure connection to google, when in fact you have a secure connection to your company server. The company server then makes a secure connection to google, (so it’s still encrypted on the www). This allows the company server to see the contents of “Secure” connections in clear text, while it’s secure while traversing the network.

        This can of course be detected by checking certificate details for https and by comparing the server fingerprints for ssh.

    • No, no and NOOOO!!! HTTPS sessions and their content CAN be viewed, if the proxy (the server at your work which handles your web browsing traffic) has the capability/software, basically it manages/handles the key on your browser’s behalf, and sees EVERYTHING on the proxy, and then ‘retunnels’ out of the network. Lots of products do this. Only fragile point-to-point proprietary protocols (like Skype) can go un-inspected, because ‘stepping in’ breaks the session, so your work is likely to block this, because it can’t inspect it. Most gateway compliance software allows for the company to block specific app types (like anonymising proxy services, chat, streaming, webmail, etc). This also allows for blocking Tor. Seriously, just work at work. Yeah this sux, but I’m sure, being resourceful individuals, you can find other ways to get your browse on in and on your own time and dime. Unless of course you are a network or sys admin, then, GO CRAZY!!

    • haha, nope.
      I know we have implemented HTTPS interception for DLP purposes…
      Excluding banking HTTPS, we effectively “man in the middle” all HTTPS sessions at the firewall and DLP them…

  • This articles shows how to wrap all your traffic inside an HTTPS connection to a single harmless looking site.:

    http://dag.wieers.com/howto/ssh-http-tunneling/

    This allows you to safeguard all your traffic from being spied on, not just that going to HTTPS sites. It would also mask the actual sites being visited so would bypass any access restrictions that are in place. Of course this would contravene a lot of IT security policies so you might not want to use it for that. Still it’s useful for keeping prying eyes away from what you’re doing on otherwise non-HTTPS sites should you feel the need to.

  • If your work desktop runs on any kind of terminal server, it’s normally possible for somebody to shadow your session (just watch exactly what’s on your screen) without you being notified.

    A few bits of general advice.
    -if you’re at a big company, nobody will be watching what you do. You just have to contend with the automated systems (web filtering, email archiving). The logs could be requisitioned if you’re being audited, but managers wont be able to read your gmail as you write it.

    -Low-tech risks are the biggest problem. I’ve seen a manager at a small company who demanded every users password. When they weren’t at work, he’d log into their accounts and recover all the deleted emails to read before deleting them again.

    -Never do anything personal over company email. Even if you wipe out all evidence, a lot of companies have email archiving solutions in place for legal reasons. You don’t want your saucy emails to that girl in sales coming out in a lawsuit 3 years later.

    -Work phones aren’t much more safe. MDM servers can log all kinds of activities (including SMS for some phones), and they can pipe all data connections back through the work network.

    And of course for actual security: personal device+vpn/ssh tunneling.

  • How can you tell you are being monitored at work?

    Simple, if you are using a work supplied device, you are being monitored.

    If you want privacy, bring in a smart phone.

  • My company tells us that they monitor us. They call it shadowing. They login and watch our screen. I don’t know if it’s just certain programs, or the entire desktop. I work from home. We use Citrix Connection Center. We handle inbound and outbound calls.

    Does anyone know how I can get a discreet popup, or some kind of alert I can get to know when they login.

Log in to comment on this story!