I’m an infrastructure analyst and at my workplace I implement such rules for specific reasons: 1) we need to be able to have evidence should an employee act maliciously with a company device. We do also monitor all queries but it’s passive. We can drill into your browsing history in great detail but won’t unless we have to (speaking personally here as I follow the code).
2) people will do dumb shit. And will lie to get support. Now, having been on the other end of a support ticket, I get it. Unless you lie a little, you may not get support promptly. Therefore, it’s part of my job to check what’s the lie and what’s the actual issue, which includes being able to see the download history. I would not be surprised if malware is accidentally downloaded and then it autonomously removes itself from the download history as It has happened before.
Strictly speaking, this is done for both your safety as well as that of the company. And generally speaking, you should NEVER use your work laptop/phone/iPad for personal use because of all of the above.
I use my personal laptop at work, no issues. Employer can't see what I'm doing which is the way it should be.
If they don't trust me, don't hire me then.
I would never work anywhere where people like you can watch what I'm doing. Luckily I'm in IT so I choose where I work.
I despise companies who don't give employees privacy. The reasons you gave means nothing. You can always argue for anything to protect the company. Who protects the employees?
Safest for the company would be if you have employees in small cells being watched by guards around the clock. That would be really good for the company.
If you've connected your personal laptop to your work wifi, they 100% can see all your browsing history (specifically whats passed through their network).
Hell, I only run a simple homelab and I can see the exact traffic/browsing history of every device on my home network. I'm only tracking via dns traffic, but your https traffic can even be intercepted and decrypted pretty easily. So don't even trust that.
This doesn't require installing anything on your device to fully monitor you.
You’re not wrong. It really comes down to how ethical the IT/company is. And we are, purposely so. Also we have dns-over-https and No other identifier is parsed through. So we can see and block someone browsing porn on the guest Wi-Fi, but we’d never know who it was.
Look, I’m not saying things are perfect, but there are people like me who look out for both the user and the company. The goal is ensure that users privacy is respected and that the company is protected agains misuse, malicious intent or just plain bad-luck. This is the “code” I was referring to. As IT people we have to behave ethically for business we operate in. It’s not perfect but nobody is trying to be. This is all best effort from all parties.
Sure but I work from home. Don't use their wifi except when I'm in the office. I could connect to a VPN and they would also see a connection to a VPN, but I don't care enough to do that.
But when I'm at home, working on my computer, they don't see anything.
I hear you, and fully get where you’re coming from.
I work in the finance industry and we have auditors to answer to as well as a ridiculous number of compliance regulations we have to abide by. Not every business is the same. I’m personally on the no-trust policy when you have more than 50 users to manage but it also depend on company policy.
No one is saying you can’t use your personal device at work. We don’t monitor the guest Wi-Fi in any way specifically because that would be an invasion of privacy.
I was referring specifically to using a work device, managed by the business, for personal use.
The employee is protected by being briefed during first day induction of he does and don’t with regards to the equipment that is provided to them to do their job.
Their personal privacy is not infringed upon as there is a clear agreement about what is expected from them. By the way, I’m in the uk (not sure if relevant).
Eh, not really, at least in the US. You are paid to do your job. The company doesn't own you during work hours. You can refuse to do work that was not in your job description, or ask for additional compensation. The company may fire you for this, but you would have a very compelling wrongful termination lawsuit.