I suspect my employee of spending hours on chat and Facebook instead of my business, but am not sure how to prove it. Someone suggested computer spy software. Apparently it's used a lot for monitoring your child's internet interactions to reduce child abuse. I've been told you set it for key words and then it logs all the activity.

Has anyone heard of/used this software before? Is it reliable/safe/legal?

Hiya

This will work a treat http://www1.k9webprotection.com/

I've shown one of my clients it, which they consequently set up.

Personally, my opinion of general management style in this country is that we have a habit of trying to catch people out rather than approach them directly about a subject.

What I would do
If you are their boss, then ask them if they have been using facebook and then tell that you are installing this facility which monitors web access and let them know the consequences of breaking rules. Print out your company policies get them to read it and sign it to say that they understand it.

If you are not their boss, then tell the boss!

Alternatively for a more left-field approach, if they are keen on Facebook could you harness their interest by networking your company online.

I hope that is of some help

Thanks

Matt

On a additional note....

With regard to the legalities of things, I think you may need to ask someone up to speed on company law.

I would imagine that:

If you would wanted to fire someone you would need to make sure that their contract stipulated visiting/using social networking during office hours on work equipment was not permitted and would be considered gross misconduct.

If you haven't expressed that they are not allowed to use it, then that sort of gives them free reign.

Thanks

Matt

lol, just got an email from messagelabs, you can fill in their form an get a whitepaper on the very topic....

http://www.messagelabs.co.uk/white_papers/web_filtering?redirect=53O%2bTyvN2rR7Y3fQ4%2feUwnu %2byp8%2fn6J8h8kSTdJc%2fA48Yvp9SYNOnRT5SD4Zxq3umSy Ua2E3tCtAheT1lhQ671xIhp6Wh3PnZ8UipL2DB%2boBG0YPCuh ZToK5LSvIgl8%2f%2fdIjx5OS49go7btcXjha8gX%2bAuiZZFi T73h0smc%2fPx0%3d

Before you start this make sure you have explained the companies acceptable use policy. A good example is here http://www.axi.ca/tca/nov2004/policiesandpractices_2.shtml

Thanks for the input.

Actually, done, done, and done, :p

I did approach her directly, she signed a document acknowledging zero privacy on work computers, and we have a disclaimer stating the same thing on the log on screen. You can't get into the computer until you've read it. No Facebook or chats is expressly written into company policy, we have a clause that says "limited personal use of internet/email as long as it doesn't interfere ... etc"

It made no difference, which is how I ended up complaining about it to someone who told me about the spyware.

I don't want to fire her, but I do want some work done. :D

"I don't want to fire her, but I do want some work done."

get serious , if she aint doing the work fire her

Isn't there a way to block access to certain sites? Many companies do this - loads of my friends simply can't access certain sites from work. In other companies, someone senior will run a monthly log of websites accessed from each computer, and call employees in if they've been naughty.

Rather than monitoring why not just block access to the sites you are worried about?

well you can find different monitoring spy software on the internet, i have a small presentation on my blog about one of them. tusste.weebly. com/internet-bb.html

I suspect my employee of spending hours on chat and Facebook instead of my business, but am not sure how to prove it.


If you have any sort of reasonable grounds for this view (not mere speculation on your account), you can take action regardless of hard evidence. Particularly as you don't want to dismiss the employee, should be easy enough to deal with as it would be serious misconduct rather than gross misconduct. Send me a PM if you want some advice.


Karl Limpert

Isn't there a way to block access to certain sites? Many companies do this - loads of my friends simply can't access certain sites from work. In other companies, someone senior will run a monthly log of websites accessed from each computer, and call employees in if they've been naughty.

Yes there is, and log all internet access. But you need a proxy server to control access and then software to compile reports from the logs.

Have several clients with that setup, and funnily just been asked by another to do it.

Much more difficult for a small LAN without a server, as you need to install software on each PC.

you can also do this using your broadband router rules, check all options available on your router by visiting....

local ip like:
192.168.0.1
192.168.2.1
192.168.1.1

All Netgear routers have this option and I did this to stop my children visiting youtube and some other sites. 100% working without spending a penny.

Enjoy !

K9 is a great piece of software, for personal use, not business use. It is free only to homes, and you really should purchase the business version (http://www.bluecoat.com/solutions/business/webfiltering).....for a multitude of reasons really:

1) The business version will be more suited to your task, and simply set it to block the 'type' of sites you do not want them accessing.
2) The software is unlicensed if you use the free version
3) These guys give out software for home use, to help parents keep their kids away from some of the nastier stuff on the internet. It is only morally correct to purchase the version and pay these folks, that way they'll continue with the free home stuff.

When we build a PC now for home use, we tend to include a link to the K9 software on the desktop. It really does what it says on the tin.

Thank you all for your input.

Turns out she WAS using chat programs ... to get another job. She quit!

However, I am now well-informed for the next round of employment hassles when they start again in the new year... sigh.

Very best wishes to you all for an exceptional 2010!

It is a hard decision to make, it sounds like you did just want work done, which is not that unreasonable is it.

If you switch over to Unix you can have a lot of control over the desktops, that is one of the advantages of Unix and Linux systems the configuration can be locked down tight, no need for an external proxy you can do it all on the desktops. If you want to add a proxy then Squid is a good one, and it is free of charge to use.

In the company I worked previously, we had a forced outbound proxy. All traffic to common HTTP/HTTPS ports had to go through that (regardless of local client settings). There was no way to circumvent that from the office computers. (Except for those with advanced SysAdmin knowledge, who did have a way of setting up other gateways on servers outside the office -- but that's beyond the scope of this thread and 99.5% of non-IT staff)

All you need is a SysAdmin (Linux/BSD) with a bit of experience, and an old computer to use for that.
What you can get is a nice log file with all outgoing internet activity of the whole company and all office computers, which can be analysed with various graphical tools (offline or on that box).

If that's ok from a legal point of view, don't know. Wasn't my decision to implement that. I just followed orders that time :rolleyes:


Edit: I should add that it only logged which sites had been visited, not the data written into forms, nor any login credentials.
Edit2: To add to FireFleur's post: it was indeed using squid and some firewall/routing magic ;)

The legal side is interesting, and you have to be very clear and inform people clearly and ahead of time that you will be doing this, and there should be clear guidelines over what is and is not acceptable.

There is a right to privacy, so if you are not clear, and check understanding then you can be liable for invasion of privacy. The UK culture as such tends to be quite subtle, but in this instance you cannot really afford to be, you need to ensure people know where they stand in regards to communications in your workplace.

The flip side to this, is not to go too draconian, when companies do that they run the risk of alienating their workforce, so the intention and the reasoning behind putting in these systems is important, and it is important to communicate it all effectively to your staff. If you try and use it in an ambush scenario it can backfire rather spectacularly.

If she's on Facebook fire her.

If she is working as hard as she can, but is unproductive, fire her.

If she is smart enough to realise that it is almost impossible to sack anybody in the UK, without getting sued - no matter how useless they are, then don't fire her and vote Conservative! Actually, the last bit probably won't help either.