how to keep IT from spying on me

Discussion in 'Mac Basics and Help' started by soundsystem00, Mar 10, 2017.

  1. soundsystem00 macrumors newbie

    soundsystem00

    Joined:
    Dec 15, 2016
    #1
    I use the WIFI at work. Well, everyone says to be careful what you look at because IT can watch you. I understand that, and that isn't a problem. I definitely don't want him going through my files and stuff, though. I bring my personal computer to work since they haven't bought me one. I set a up a firewall in my settings. Is there anything else I should do? Thanks.
     
  2. limnancy macrumors newbie

    limnancy

    Joined:
    Jul 27, 2016
    #2
    Maybe you could lock the folders or files with some software.
     
  3. AsherN macrumors 6502

    Joined:
    May 11, 2016
    Location:
    Canada
    #3
    You connect to my network, you have no expectation of privacy. Trying to dodge IT like that can get you fired.
     
  4. thekev macrumors 604

    thekev

    Joined:
    Aug 5, 2010
    #4
    Well IT could monitor traffic, but if they have employees working on laptops that were not purchased by the company, it will come down to local laws and enforceable clauses in their employment contracts. What even constitutes trying to dodge IT? I mean considering the points I just mentioned, what would really count as doing so?
     
  5. AlliFlowers Contributor

    AlliFlowers

    Joined:
    Jan 1, 2011
    Location:
    L.A. (Lower Alabama)
    #5
    Confused. This is in the iOS 10 forum, but it sounds like you're talking about a Mac or maybe a PC.
     
  6. mjschabow macrumors 65816

    Joined:
    Dec 25, 2013
    #6
    IT rarely has the time to randomly watch people. They're too busy resolving help desk tickets.
     
  7. iphonehype macrumors 6502

    Joined:
    Sep 14, 2012
    #7
    VPN for traffic. Really and truly they can see everything and anything. We can see internet banking logins facebook chats the works...heck I knew CEO resigned before announced to the board because of an email that was caught up with our filters
     
  8. C DM macrumors Westmere

    Joined:
    Oct 17, 2011
    #8
    Wouldn't information like logins be sent over HTTPS?
     
  9. iphonehype macrumors 6502

    Joined:
    Sep 14, 2012
    #9
    Yup but with things like Veriato installed on the network it captures keys enters and it can read whats on the screen. Any PC that access an internet question automatically has Veriato installed. Once the devices disconnects it gets removed, if its a company owned device it stays on the machine so if a staff members goes offsite with a laptop, when it comes back it updates info to our server
     
  10. C DM macrumors Westmere

    Joined:
    Oct 17, 2011
    #10
    How does software get installed on someone's personal computer simply by them connecting to a WiFi network?
     
  11. iphonehype macrumors 6502

    Joined:
    Sep 14, 2012
    #11
    It's not software its an applet, join by wifi accept user policy install applet then firewall starts the wireless session. No acceptance or install of applet no access to wifi.
     
  12. C DM macrumors Westmere

    Joined:
    Oct 17, 2011
    #12
    Ah, so it's not simply joining WiFi but accepting some configuration/policy that can do something.
     
  13. iphonehype macrumors 6502

    Joined:
    Sep 14, 2012
    #13
    Yup however we have Cisco coming in next week and gonna show us a way to spoof connections......so the applet thing is removed and once the session starts it can support encryption connections for keywords. E.G. If someone is reading emails over a personal device via SSL and it has a keyword we dont like it will flag. Apparently it been possible for years god knows...
     
  14. soundsystem00 thread starter macrumors newbie

    soundsystem00

    Joined:
    Dec 15, 2016
    #14
    Dang! I have nothing to hide other than a small amount of legal porn on my browser history and in my file folders. Still though, I feel weird that they could access that at my job. Also I don't like them seeing my facebook passwords, bank password, and countless personal info. What if I open a new user account on my computer and just use that at work?
     
  15. thekev macrumors 604

    thekev

    Joined:
    Aug 5, 2010
    #15
    You know that passwords are encrypted right? Even in the case of stored passwords, they are not stored in plain text. As for browser history, don't access porn while you're on their wifi. If you're worried about any auto fill or auto suggestion from your browser, set up a second user. Stick to that one while at work. This can be applied to your computer's login system and in some cases your web browser.
     
  16. soundsystem00 thread starter macrumors newbie

    soundsystem00

    Joined:
    Dec 15, 2016
    #16
    I would never do that at work. I have google chrome setup for work stuff, but i realized that it saves all my browser history from my google account.
     
  17. thekev macrumors 604

    thekev

    Joined:
    Aug 5, 2010
    #17
    IT will not install spyware on your personal machine without offering a work computer unless they wish to welcome lawsuits. With that in mind, my advice still stands. Make another user account for your computer. If you're only concerned about your browser, which is reasonable, then...

    1. open chrome
    2. Click on the dropdown menu marked People.
    3. Click add person. You may need to assign them an email address, which should be your work email.
    4. Switch to that "person".

    This solves your browser problem by keeping your work browser history separate from your personal browser history.
     
  18. lcseds macrumors 6502a

    Joined:
    Jun 20, 2006
    Location:
    NC, USA
    #18
    IT security will not try and access your personal system (illegal). What they will do is monitor your IP connection addresses. They likely will have a number of IP addresses that are blocked or will flag them when accessed. So, stay off sites you know you shouldn't be on while using the work network.
     
  19. iphonehype macrumors 6502

    Joined:
    Sep 14, 2012
    #19
    Just create a new profile for work if your worried. If someone had Pom in there laptop and flagged if they accessed it...would be a huge issue. If your company has a bring your own device policy to work I don't think security / disrepute is an issue for them .
    --- Post Merged, Mar 11, 2017 ---
    It's not illegal for a company to access personal information if they have grounds e.g. Believe you have files on there that can damage the company but this will only flag up if the user accesses the file
     
  20. m4v3r1ck, Mar 11, 2017
    Last edited: Mar 11, 2017

    m4v3r1ck macrumors 68020

    m4v3r1ck

    Joined:
    Nov 2, 2011
    Location:
    The Netherlands
    #20
    When I was managing a department I found pornography - produced by a coworker - on our company network.

    He/she got fired by me in a split second! Not that I condemn pornography in any way or fashion, but my rules of the game are in fact very simple; pornography doesn't belong in-company. Period!

    What coworkers do in their free time at home or where-ever and/or what ever, is none of my business. But letting private - non work related - stuff crowl thru my company network, that may be accessed by others in their line of duty, is out of the question. Simply a no-go. I had to protect the groups interest here.

    EDIT: my coworkers could always make use of a company computer. That was my obligation for our joint rules of this game!

    The same thing stands for excessive use of social media during working hours.

    So OP mark my words: "Check your Six!"

    Cheers
     
  21. hallux macrumors 68020

    hallux

    Joined:
    Apr 25, 2012
    #21
    Apparently you've only worked for a small company? Large companies have VAST IT teams and they most certainly CAN track activities on the network. Especially with automation. The company I'm familiar with even knows when files are copied to USB, and what files those were. Sure, nobody is watching "live", but there are consoles that can be accessed if there is a question about activity and I'm sure key-word triggers for certain activities to alert someone. By the way, the folks that deal with that stuff usually wouldn't be the ones "resolving help desk tickets".
     
  22. mjschabow macrumors 65816

    Joined:
    Dec 25, 2013
    #22
    I work for LARGE companies.
     
  23. phrehdd macrumors 68040

    phrehdd

    Joined:
    Oct 25, 2008
    #23
    Lots of interesting talk here and reminds me of my days dealing as a Business Systems Analyst for a company's IT/IS security department.

    To the OP - Consider creating a virtual machine (Windows) for connection at work. Let your workplace do whatever it wants with the virtual (you can set it up to not talk to your host system on your laptop in most cases). You could also consider a dual boot system and for your personal system encrypt it. That should help protect your private stuff. As for network use at work, depending you who handles your network and security it would not be unusual for some types of network activity to raise flags as there are all sorts of devices, network appliances and software to help those handling security or audits get some usable information about a network user's activities.

    As for some other folks here - a decent company does NOT let non-company computers on their networks unless some special agreements are made and followed through upon. Often, outsiders might simply gain access to internet only (such as venders). IF non-company systems are to be on the network, often they are give a list of required software that must be on the system, agreement to add as needed (typical will be anti-virus, possible applets to show port activity etc.). Also, agreements may be made that users with their own computers NOT use certain software that exists on the computer. In short, the "visit" on the network is heavily controlled by user policy agreement and by explicit usage rules.

    Candidly, if I were in charge of any network security in a large company, no employee would ever be allowed to hook up a non-company computer to the network. If there was a forced situation, then potentially VLANS are in order and very limited access that is monitored heavily.
     
  24. m4v3r1ck macrumors 68020

    m4v3r1ck

    Joined:
    Nov 2, 2011
    Location:
    The Netherlands
    #24
    Great addition to this thread! Thanks for sharing your insights.

    Cheers
     
  25. satcomer macrumors 603

    satcomer

    Joined:
    Feb 19, 2008
    Location:
    The Finger Lakes Region
    #25
    A great security team on large network always should set a Server group rule that users could not use USB open ports!
     

Share This Page