Corp IT/InfoSec folks: who is looking at what employees actually do on their laptops?
I saw the other thread about how many hours a day people work and it got me thinking. I know Corp IT installs these agents on our laptops, and things like web proxy logs are collected, though this info is mostly used for security purposes that I've seen. Do companies actually monitor what employees are doing? Are metrics kept with regards to browser activity and such, to figure out who is slacking off too much? I could be wrong but I'm pretty sure SAP only tracks this stuff for security reasons as they are big on privacy, and in the EU I think they'd get in big trouble if they're found to be monitoring employee activity. But I thought to ask here in case others can shed light into what their company does. The Better.com CEO guy claimed that a bunch of the people that were laid off were not doing work, and I'm curious if these are the type of stats that they used to determine that. Maybe he just made it up, though. Lately I've been interviewing, and seeing the other thread made me a bit nervous as I definitely get distracted watching YT videos at least once a day lol
Better Mortgage
Most have YouTube running all day while working listening to songs or something - wouldn’t really be a metric!
Oh that’s me
Through MDM, EDR, backup platforms, etc. IT can see just about anything they want on your company machine. That being said, IT is far too busy to be nosey, and they absolutely do not give a fuck anyway. Source: Have run IT/Security/Infra at $1B+ companies for 8+ years.
I used to write tools to monitor emails being sent out for confidentiality reasons at a diff company, just for a few months. Security folks can see a lot but we don’t particularly care unless you’re exfiltrating sensitive info or abusing our systems or something. There are specific rules in place to comply with GDPR.
In my company is basically for incident response, we don't even block websites
IT is too busy to review this stuff unless you are under investigation IMO
yeah agreed. In a previous role I've seen these types of logs and we've even seen people accessing porn sites, but still didn't do anything about it. Too much going on to care.