[crispyambulance]

> assume that your employer has access to _everything_

I hear this a lot and it seems like sound advice, but always leaves me with questions.

Sure, my employer can see what URL's I am hitting, what applications are installed, their usage, and if they want they could even decrypt https traffic, take screenshots without my knowledge, key-log, turn on microphone and camera too.

I mean, I won't hesitate to open my personal gmail, read news, make comments on social media sometimes (like this), perform online "errands". At the back of mind, however, I wonder if someone is seeing what I am doing.

It makes me wonder, what is typical? Under what kinds circumstances would the most draconian measures (like screenshots) be taken? How much latitude are IT folks given? Are there ways to detect when really ugly things like keyloggers/cameras/mics being controlled by whatever "enterprise IT" software suite?

It seems IT folks don't talk about this much. The dominant advice is always don't use work computer for _anything_ but work. The reality is that almost everyone in every profession takes that advice with a grain of salt.

[gumby]

I don't think you need worry that your employer is watching everything you do. But they can and there are some common cases:

1 - some program is scanning ingoing/outgoing data looking for compliance violations (typically finance, some classified work; should be for medical privacy/PII but I don't see much of that happening). Also scans for liability issues such as porn at work etc. Easier to screen that stuff out up front rather than later, frankly.

2 - you have a highly restrictive job (e..g call center) and are being spot monitored from time to time; statistics are likely kept continuously. Distopian but yes, happens.

3 - Sysadmin ends up looking at some of your mail while debugging a problem or doing some investigation not necessarily related to you e.g. some employee is terminated for fraud: let's look at their correspondence, some of which -- innocently -- is from you. Or there was a disk crash and some data is being reconstructed, which includes your call logs or email or whatever.

The third case is the most common and is why there is often a blanket "we can read and get all your data" statement in the employee handbook. There are others, and you can guess them.

[unicornfinder]

I think the truth is it really depends on your employer. I worked for one place that actively monitored and even recorded people's screens fairly frequently, and others where they honestly don't care in the slightest.

[crispyambulance]

I see, but what did they do with that information? Did they just randomly browse employee's screens? What triggered that level of monitoring? Are there ways to detect when a screenshot is captured?

It seems like a lot of effort to monitor screens, it makes me think there has to be a compelling reason, and not just browsing around looking for "problems".

[meowface]

I was in the position of having to review people's browsing history, and occasionally their emails, at a large company. We were in charge of all internal investigations: phishing, malware, suspicion of IP theft or misconduct, and even micromanagers who wanted to see if their employees were slacking off or working at the times they claimed.

We never looked at anyone's activity without a clear reason, but that reason wasn't always very justifiable by my personal standards. However, I'd say most of it was necessary (like when tracing root cause of an alert or infection). My naive guess is this is probably pretty close to how it is in most big US companies.

For the times that were unnecessary (assessing "productivity"), our team, including our managers, always tried to provide as much evidence and guidance as possible that would work in the employee's favor, because we all knew it was complete bullshit and a big overreach. It's also very difficult to tell exactly what someone was or wasn't doing at specific times just by their browsing history. (We didn't have screen recording spyware or anything like that.) I'd say 98% of investigations were necessary and 2% were bullshit like those.

Reading emails or IMs was extremely rare and reserved for people replying to scammers/phishers, or accusations of serious misconduct or crimes.

[astronautjones]

> It seems like a lot of effort to monitor screens, it makes me think there has to be a compelling reason, and not just browsing around looking for "problems".

depends. it can often be chalked up to management having too much time on their hands, or busy work delegated to use up part of the day.

I worked for an ecommerce site that keylogged everyone's computer and was tasked with going through the recorded input for someone that quit on bad terms to find out "if she'd done anything". it was a colossal waste of time, and we only learned that she was into furry websites

[barkingcat]

In this regards, I think IT isn't the driving force. The driving force is the lawyers/legal department and the HR department.

You should redirect this question to each HR department: how much does HR want to protect a company from its (possibly) rogue employees?