How to stop your boss spying on you at work
Tricks to keep some aspects of your online life private
By Robert Strohmeyer | PC World | Published: 15:30, 23 March 2011
Privacy may be dead, but that doesn't mean you have to enjoy having your every electronic move tracked by your nosy manager. If you use a company-supplied PC on a corporate network, and you carry around a company smartphone, you're almost certainly being watched. But with a bit of forethought and some of your own gear, you can enjoy a little digital liberty in the workplace.
At this point, there's little debate about whether companies have a right to monitor employees' activities on corporate PCs and networks. If they supply it, they have a responsibility to monitor it. So unless your company is either deeply clueless or naively altruistic, your web surfing, your instant messages, your running applications and even your keyboard keystrokes are probably being recorded. And if your boss was generous enough to issue you a smartphone, chances are good that your SMS messages, and possibly even your daily travels, are being tracked as well.
In corporate security speak, the software that monitors what's happening on your PC falls under the general heading of endpoint security. The term refers to everything that goes on between you and your machine, from how you use your computer to the way the software on it works to the physical location of the system. Your IT department needs to know what's up with your PC (and you) to make sure the computer doesn't fall prey to malware, putting company data at risk and potentially harming the business.
Related Articles on Techworld
Any company with a reasonable IT budget will almost certainly have installed a comprehensive security package from a company such as McAfee, Symantec or Trend Micro. These suites handle everything from antivirus protection and system update management to corporate policy enforcement, and that last task generally includes keeping logs on which apps you launch, which websites you visit and so on. To make matters worse for a privacy-minded employee, a typical endpoint security suite is tightly integrated not only into the PC's operating system (with permissions restricted to keep you from meddling with it) but also into the data centre, where a server (or possibly a remote host) checks on the PC frequently to make sure everything is okay.
Unless your IT department is using some rinky dink freeware to monitor you and chronically neglects to check it, disabling the monitoring features on your endpoint security installation isn't really an option. Even if you were to succeed, the server-side administration tools would throw a red flag once your system stopped reporting in.
The best way to get around PC monitoring software is to sidestep it entirely by using a PC that only you control. In other words, bring your own laptop. If your boss asks why you're not using the one Big Brother issued you, say that the keyboard makes your wrists hurt. The mere suggestion of a potential OSHA case may be enough to send your boss ambling down the hall in search of someone else to dump their passive-aggression on. (Just try to steer the conversation away from any suggestion that you hand the machine over to the IT department for any reason.)
Once the boss is out of your hair, install a few sneaky utilities to help you goof off on your PC without getting caught.
If bringing a whole separate PC to work seems over the top to you, take the simpler route: Internet-connected tablets like the iPad or the Motorola Xoom are ideal for stealthy surfing, and they're unlikely to raise the boss's eyebrows. In fact, they might even create the impression that you're ultra-productive, showing the whole office that you take your work seriously enough to bring your own hardware. (Note: Playing Angry Birds on your tablet in front of coworkers all day will likely undermine that impression.)
Or just use your smartphone, provided it isn't a company-issued handset, that is.
Your work PC is only the first link in a chain of surveillance that extends from your keyboard to basically every other piece of equipment on the corporate network. In some offices, even the copy machine keeps tabs on you. At the very least, all of your network use is likely being logged somewhere. To avoid having your browsing tracked, you need to get off that network.
Thanks to the proliferation of 3G and 4G data services, it has never been easier to enjoy a little semiprivate (nothing is totally private) web surfing from the office. This development will likely prove to be terrible news for employers, but it's great for lazy workers who like to goof around on the job.
You have several good choices for bringing a mobile broadband connection to your PC. You can buy a computer with mobile broadband built in. You can use a USB dongle. You can use a wireless tethering device such as the Novatel Wireless MiFi or the Sierra Wireless Overdrive. Or you can just tether to your personal smartphone. Depending on which option you choose and how much data you plan to eat up, these services will charge a variable monthly fee.
If you decide to go the smartphone-tethering route, be sure to keep your phone charging on your desk the whole time. An hour of data tethering will easily blow through your phone's battery.
Should the expense of your own mobile data service seem unreasonable for the privilege of escaping your boss's watchful eye, at least take one simple precaution when using your own machine on the company Wi-Fi network: Give your computer an anonymous name.
If you accept the default account settings when you set up your PC, your computer will likely announce you by name whenever you connect to the network, presenting itself as, say, "Dan Thompson's PC" or similar. This name is usually visible not only to your company's IT department but also to everyone else on the network, your coworkers, your boss, the woman in accounting, everyone.
Change the name of your PC to something innocuous and nondescript. Heck, change it to a random string like 9873r54C. Then nobody will know what it is, and it'll just blend in with the long list of devices on the network. And more important, if anyone ever does try looking into what it is, what it has been doing on the network, or where it came from, it won't point so obviously to you.
Even if you're out of the office, or if you work remotely, your web activity can still be tracked whenever you connect to the company's virtual private network. The solution here is simple: Disconnect from the VPN whenever you're not using it, and stick to work tasks while you are connected. This is good practice anyway, since you have no solid reason to stay connected to the VPN when you don't need it.
If your company issued you a smartphone, don't assume that anything you do with it is private. Tracking everything from calls and text messages to apps installed is a trivial task for your IT department, and with mobile security gathering increasing attention of late, chances are good that your device's network activity is at least showing up in a log somewhere.
Even if you're not a total slacker, it can be a good practice to carry your own smartphone for personal use. Besides, doing so will give you the advantage of having an untracked device and network connection as mentioned earlier.
In the grand scheme, of course, there's no such thing as online privacy. And although I know it's none of my business what you do with your time at work, it actually is, both literally and legally speaking, your boss's business. So don't blame the company for wanting to track your computer use. With that said, however, I don't blame you for wanting to loosen the leash a little from time to time. Just use your best judgment, and don't get yourself into trouble.