@@thomascrabtreeon the company’s wifi that is. Tether to your phone. And the number of my colleagues who willingly connect to the company’s wifi on their personal phones instead of just paying a hit more for an unlimited data plan 🤦♂️
I worked for a company in IT. They told people they could use their computers for personal stuff on breaks. All the while using monitoring software that recorded everything. Keylogging and screenshots. Like passwords to everything. Phone calls being recorded. Check. So if you want it private. Use your own phone/laptop.
In 1991 only a handful of academics even knew what email was. It wasn't used for business purposes until late 90's / early 00's. You should watch the movie "you've got mail" which was released in 1998 to get a glimpse into my how email was perceived and be more realistic with your lies in future. I bet you don't even know what Trumpet ****** is or what it was used for, prove me wrong.
@@VoteForBukele prior to windows 95 simply connecting to the internet was a challenge in itself, let alone configuring and running one of the very few email clients. Webmail came much later! People have a tendency to think the way things are today are just a faster version of how things were back then, which simply isn't true.. but an even bigger tendency is for ppl to exaggerate when they lie. If they had said 2001 then that's totally plausible and believable, even 94 whilst a bit of a stretch is possible. But being given *advice* about the content you should or shouldn't put in an email in 91, nope, i call BS. No way that happened. For the record it's not that it's bad advice, it's just the obvious and completely unnecessary lie about it being in 91. Why lie about something like that, it's such a weird thing for someone to do and i'm gunna call it out as there are far too many liars these days...
@@sirtra oh I’ve been on the internet longer than you, kid. I’m absolutely sure the other kid is lying. I just wanted to add a little context. It’s full of liars and insufferable know it alls 😉
IT guy here, I have to explain to new people, we can theoretically see eveerrryytthing, but we don't look, but you mess up or get associated with something that goes bad, what you said could get eyeballs on it. Don't use your work anything for personal anything, and vice versa.
IT guy here as well. Any spying is illegal in EU. No one can read your emails even after you've left. Unless there're court orders involved, of course. Yes, the functionality is there in MS365 admin panels even on European tenants, but one mustn't use them. That is what I tell my users.
Any respectable company will put these features behind legal blocks and approval policies. People dont just have compliance admin access. This is locked down to only being allowed when needed for legal holds, evidence discovery, etc.
@@TrysomieflexntjesThis is assuming that a manager isn't petty and doesn't like you. There's people out there that are wanting to hold employees back even when their work is great due to social reasons or pettiness
From a security standpoint it's not micromanaging but if there is a business case where certain information is needed or requested, it can be gathered within the Microsoft suite of tools. Normally a security team is only looking at this information for an investigation, an alert gets triggered, or it shows up in a policy / compliance issue.
Very unlikely is the team that is bad, most likely is the boss who is the micromanager. Also, this is not different than security cameras. Are we using them for security or checking if people are working or not.
No this is because Microsoft has reduced the amount of storage and how it is calculated for education licenses. In the past years two major changes were made: for large orgs, it is at least 100 times smaller now. This information is public: use your favorite search !
If a company is going as far to just check whatever you do and dig into the data. Just flag the company on websites for being complete sociopaths/red flag to work for.....
Then you might as well red flag almost every large company in business. Thanks to hackers, ransomware, and AI, companies have major risks now. My company doesn't even let us save data files to our local hard drive or use the USB either. We edit on the network only.
I think its important to trust eachother and if you are a manager you won't have to worry about what your employees get up to if they feel engaged. It's about leading rather than managing.
Nah, trust doesn't scale and the stakes are too high for big companies (or even mid sized companies). I hate spying as much as everyone else and there should be laws that limit the scope but as a company who's paying for all these resources you want to have visibility on them. I've always assumed they can read my messages but seems like that's still limited. I didn't see anything particularly controversial here, the visibility admins get into the state of my machine caught me off guard but that's about it. If you have edge security software running on your machine all the things in this list pale in comparison.
I am in IT, we do not go this deep unless there is a specific reason to do so. By the way, every employer has that much control but no time to check everything every employee is doing
@@VicMansaMusa makes a lot of sense. I’m one of those people that’s highly productive but don’t micromanage me. I’m probably not where I said I’d be lol
My company "deactivated" that stuff (GDPR/european union privacy act exists, you know). While at the same time installing something that when you google it, tells you outright that it monitors everything you do on a computer. This is hell
Yes, usually on company computers all network traffic is monitored, either though use of certificates etc. This monitoring is mostly automated process, and that message is there mostly to scare you not to visit websites that are not sanctioned or work related. All network activity is logged but only suspicious and flagged activity might get you into some trouble. Single visit on sanctioned website is ok.
This confirms that watching this at work should be done using 2nd computer. On different network. I am setup with KVM and 2 internet connections. Thank fully.
This is basically why you'd use USB switches for your hardware that can be monitored: Just kill that device. I have done that, and I am not going back. Camera & Mic are only on when I am in a meeting/call, for example.
Don't connect to the company wifi system with your personal phone and use a VPN. If you do, consider every, text, tweet, email and search going directly to HR.
SNS texting is another ball game though. If you are paranoid you should be using end-to-end encrypted messaging like Signal anyway. I guess in theory your office could have a cell extender in it to increase reception in the office that might leak texts.
I imagine the reason much of this exists is for what @ctCJ is saying in the comments. it's for things like legal discovery if something goes sideways. I'm curious how many employers actually use these reports for things outside of that reason. That said, maybe I'm naive as I don't have time to look at this as a boss. -Brian
@@PragmaticWorks I think it is used more often then you think, most likely on a ad-hoc basis, when needed or suspicious or whatever. Or even just in bulk massive surveillance, who knows.?
If you are using the company equipment for personal use, you are putting all of your coworkers at risk. Hackers and AI are at work to do ransomware and steal the company secrets. Go buy yourself a smartphone or tablet to do your personal stuff on 5G at work instead of putting the company network at risk.
Us admins, have enough crap to do on a daily basis and could care less about some joe schmoe is doing on Wednesday. The only reasons this would ever come up is because the owner of the company is suspect of someones performance, which they have the right to be, or for litigation reasons like FOIA requests, or legal cases (lawyers)
@@UGotTheFunk "because the owner of the company is suspect of someones performance, which they have the right to be" Is that a right? What about the right for privacy?
I brought a 14 inch HP Chromebook that i take along to work so that if i need to do anything personal i use that. Even if its just checking closing time of a business i will still use the Chromebook. It gives them absolutely nothing that they can use against me.
Yeah I definitely don’t use it for work purposes and I only use internet from my personal phones hotspot. (Yes I even have 2 phones, one for everything work related and my personal number) I personally would not work for a company that made me BYOD, if you need something to achieve your work being completed they can supply it. Can’t trust any business these days, I have been shafted so many times that I am super paranoid about it all. I even have a full work journal that I log most things in just in case.
After Watching this video I’m so glad I don’t have an office job anymore. What an absolute dystopian nightmare that looks like. If I did have an office job, I’d basically be bringing in my own laptop for ANYTHING beyond just the bare minimum company tasks and software installed on the work computer. Just the few official apps with very terse business related messages on the official computer, and I’d use my own (with encrypted tunnelling) for all web browsing, media playback, and all other messages.
That is what you should do. I work in an office environment and we have extreme rules on where we keep data and what we are allowed to do. I am okay with it because it isn't the fault of the company. It is hackers and AI that have caused the harm. This has cost companies millions of dollars trying to deal with the security requirements and protect against AI stealing company intellectual data. Company losses mean lower salary and layoff's for us employees.... Lets protect the data.
corporate networks use 802.1x port authentication to verify devices - you cant' just plug in random devices to open ethernet ports and get on the network. Same goes for wifi. Everything is tracked, on ALL connections
I've always assumed I have zero privacy in my workstation. There's so many safeguards running that I have roughly 50% of my RAM available at any given time. I can see log reports automatically generated from some activities, like PowerShell sessions. Even simple consultations sometimes generate a transaction ID. Software I download sometimes end up in the official company repository a few weeks later, so I assume they've analyzed it for security reasons but ended up liking it. So I'd say, don't do anything you'll have a hard time explaining later. Of course, This isn't the type of data managers/supervisors should have access to. It's for security reasons and to support an investigation in case something weird happens, not for micromanaging.
My office does it by default. You can’t do anything install anything access anything email anything look anything up without having to first run it by IT because they have everything locked down so incredibly fucking tight. I got tagged to make a photo archive 690 photos of a project we are working on ….. I couldn’t even download them from the camera to the workstation because connecting devices is disabled. They had to be emailed one at a time.
My opintion is the output is good who gives a flip if they worked for 8 hours that day or someone gigachadded only 8 minutes. If there performance is bad well that is all the info you really need too... I guess in that case you can at least maybe try and "diagnose" the cause for the poor performance but I suspect talking to the person for five minutes about the performance alone is going to yield a better outcome regardless.
As a former IT-admin i can tell you looking through a "private" work correspondence of a former worker is highly illegal as per european law. This also includes Teams and other form of communication, our protocol was to always have someone from a corporate legal team as part of procedure and written consent of ex-employee or legal reperesentative, court order etc. so for mail communications, someone requesting access had to specify in much detail what correspondence he was looking and he was allowed to have access only to that correspondence, everything else was off limits. If we would skirt the rules that would be over for us, as Data protection officers inside&outside company take these things very seriously. We had inTune on corporate phones, theoretically allowed tracking, but due to privacy laws we were not allowed to track phones even if they were lost, much to the frustation of the users. Best we could do is play a sound or send a message, but that's it.
Employer employee relationships should be based on mutual trust, if not just start looking for a new job/employees, it never ends well, be it constant surveillance/monitoring, report "sync" meeting, mandatory RTO,... are just trashy behaviors companies uses out of fear to put themselves in a superior position they lost
This applies very limited to EU workers as we actually have laws that protect our privacy. Really, the M365 dashboard works differently here. GL there in the USA!
As a 365 VP AI can tell you that I could not care less about snooping on users. However, once AI is able to monitor content without humans combing through messages, you may find that getting flagged for anti-management discussion, toxic communication styles, or lack of activity may increase.
If your employer is gathering statistics and micromanaging you like a toddler who needs his nap time set, getting fired might not be the worst thing that can happen to you. Companies should be tracking your output.
I worked for an organization that had multiple locations across the USA in the 1990s. We heard about two people who lived in separate locations. They sent each other smutty emails and thought their conversations were private. Instead, they were an example of what NOT to do on a company network!
I had an O365 license with my school that was active several years after graduating. When it finally got canceled I just downloaded LibreOffice, works great for what I need.
Here’s something to consider. Does being in meetings 8hrs a day make you more valuable to an organisation? Does typing 8hrs a day make you more valuable? If you monitor all employees e-mails, are you using that to monitor if people are getting bullied or if they’re talking about last night’s game? If you’re not monitoring bullying, why not? If someone is talking about last night’s game, is that a problem? If so, why?
Most important, what are people monitoring doing instead of actually working ? They need to go after doers as through out the human history, It has always been a scam
@@BossFlight - My point here is that it is difficult to measure productivity in a system that doesn’t output widgets or words per minute. Not typing something can be because someone is thinking. Not all thinking is done on Teams calls or in meetings. Being in meetings for many hours a day leaves little time to think or actually do stuff.
Possibly because the people monitoring are doing all the bullying. A lot of Gov Depts don't want people working at home as Managers can't strut about undermining others or trying to assert their unwelcome style on everyone. Deprive them of an Audience and they hate it.
@@Matt-yg8ub - It wasn’t trolling, it was a rhetorical counterpoise to the corporate “monitor everything” thing. It’s not really possible to assess the effectiveness of an employee by the proportion of time online.
A few things to remember this is company property and software people are working with. As a general rule of thumb it should only have company data on it, us folks in IT don’t want to have to dig up 100GB of family photos or your personal information if you get terminated are leaving the company. IT admins generally have god access and can theoretically see whatever they want on a corporate device so long as it’s online. That said we have neither the time nor care to monitor staff , but if you’re in trouble with your boss they may request access to this information. If it’s something important to track or report on it’s an automated process that spits out an alert or report. Broadly speaking IT is in staffs corner when it comes to privacy and frequently push back when executives try and roll out aggressive monitoring software.
Fyi when they make you do onboarding or try to nicely make it seem like no big deal to just downloaf their app or login to their workday...or visit their websitw fkr something...READ THE FREAKING TERMS YOU AGREE TO.
@@atari7001Yeah, the whole laissez faire, “It’s A pRiVaTe CoMpAnY, tHeY cAn Do WhAtEvEr ThEy WaNt” attitude has really shown its limits in the post-“Mexican beer,” brave new world we inhabit. However, companies are just following the example of the government here in US. The Patriot Act passed nearly 23 years ago, and since the 4th Amendment is apparently an analog concept, privacy has essentially been made obsolete in our always online, digital world.
LOL check again... it is not monitoring at all. these tools are available for business continuity purpose and for legal reasons and are definitely there in England. Active monitoring is not allowed in many countries.
When working remotely, I expect there would be some level of tracking / surveillance from the employer - especially websites visited. Major rule is never use the work laptop or device as you would a personal one. I'm sure they can override the microphone deactivation. But I deactivate it anyway, and use that little plastic shield to cover the camera lens.
GUIDs aren't not a method of weak anonymity, they're just the Microsoft version of a unique identifier for a user account. UUIDs in Linux are similar. It's a unique, queryable value. If user Djones worked for the company 5 years ago, left, and a new Djones gets hired, you could potentially re-use the user account name, but have unique GUIDs
I use a mouse jiggler, but I also set my status to Away. I use it because if my pc locks and the monitors shut down, when it wakes up I have issues with my monitor setup and they flicker constantly 🤦♂️
Hot tip: sample piece together emails that would get your boss fired and post them globally in outlook just before being escorted out then repost them to twitter after for good measure. Later when your boss shows up to your house and attempst assault with a deadly weapon you'll be prepared to deal with it's attempt with it's own repercussions.
Technically, an administrator can make themselves a delegate of yours (a person who can act on you behalf). Then they can see all private appointments easily.
@@PragmaticWorks That's why you when you schedule a block of time on your calendar for personal reasons, simply name the event "Private", with no other details. Then track whatever you need in your personal life calendar somewhere else. What matters is people know that you're busy.
Presence is problematic, although it's better now, sometimes you can be online and working and presence doesn't show you as available, especially if you are working from a phone or tablet. You can get a lot done on phones these days
When i have to reboot my computer i shut off teams. (Quit, log out, whatever) I've had to turn it on for a handful of meetings but otherwise it's not running. The company started using it maybe 5 years ago. I'm fortunate that 90% of my work is done on a separate non networked computer. Let's see if i can continue this for about 5 more years. 😊
It makes perfect sense why Microsoft still is profiting, even though their software is declining in quality each year. The level of surveillance access an employer has is akin to literal wage slaves. No rights in the office? You can't pay me enough to be subject to that 40 hours a week.
I always put in six point text, white text on white background, in my email signature. Some controversial terms just haphazardly spread around, solely because I knew this type of stuff was going on.
I like to keep my bosses too tech-illiterate to do this kind of stuff. I work as a freelancer now, but if anyone ever made me sign a consent form to spy on me, they’d lose me faster than they could blink. If this is what they need to do to keep business operations at an efficient pace, they were never gonna pay enough.
LOL they can "track" your location, if you do anything that touches corporate ressources or devices. By tracking I mean they can know your IP and thus approximate physical location. This functionality is available in ANY website or software that connects to a server and is the basic info a security team expects to find in logs.
Such surveillance should be an insider threat detective measure, not a performance evaluation tool. A good company sets SMART (Specific, Measurable, Achievable, Realistic, Time-bound) targets for their employees and evaluate their performance base on these. I wouldn't mind if my employee achieves agreed targets in 60 productive work hours instead of 160. Such employee would be more valuable than the other working 200 hours and achieving 70% of targets. 🤷♂️
I just work and assume everyone's always watching, I go out of my way to stay very neutral on teams etc as even without someone tracking it you may as well assume anything you say to anyone on teams is going to be leaked in one way or another.
make new emails and phone numbers and use virtual machines to do anything on one of my dozens of surface tablets for work. If work tries to make me do anything on a pc i tell them they must provide me with a device (legal right) or I do it on the clock at work in their physical location.
Let's say I work from home using a company laptop. Obviously I only do work on the company laptop. But on my own laptop and phone, I may have music and/or TV shows running in the background. Could my employer use my work laptop to "colonize" my router and/or my other devices so that they can see everything I do even on my own devices?
I think the most they could do is use your company machine to scan your home network. If you put your work computer on the guest WiFi and enable AP Isolation on your guest WiFi this should mitigate that risk without having to spend money on extra networking gear to use something like VLANs 😅.
I don't think most companies would be interested in doing that. Most companies are trying to protect against hackers and AI stealing their company technical secrets rather than worrying about you listening to music. My employer sends out fake phishing emails to company email addresses. If you click on a link on one of them you failed and get more security training. They don't want you browsing social media and clicking on random links.
It is not possible to recover deleted chats in Teams for users. Deleted chat or channel messages cannot be restored directly. If you have a compliance retention policy or legal hold in place for Teams messages, an administrator can recover these from the Compliance center via eDiscovery search.
One of our super important Teams channels got deleted by accident the other day and around 3 days later it was restored with all the messages still there. Not sure how they did it but it's clearly possible, maybe with eDiscovery.
If you're tracking mouse clicks and keyboard presses, you're tracking effort rather than results. You need better metrics to determine whether an employee is being productive.
You should assume they see everything you do on their IT assets. They're not literally spying on you actively. Nobody has the man power for that. It's all monitored and recorded. They only care about IP assets and liability. i.e. in appropriate emails/DMs. IP theft, unauthorized access. In appropriate accessing of forbidden websites. etc.
Anything owned by your company belongs to them. So if you’re using anything provided by the company, be aware that they can track and monitor it. It’s that simple
Office 365 keeps everything including stuff that was deleted. all it does is unlink it from your mailbox. its why don't use it mostly because of all the office 365 hacks. Your proprietary information is 1 bug away from being open source
I can't speak to the legal side of things but from a technical side, if you VPN, they can see any network traffic passing though the VPN tunnel (even not work related). If it's a personal laptop, that should not work the minute you sign off of the VPN.
They should only be able to track activities within their network assuming that they have the equipment and software-defined solutions to do this. I worked as an IT network PM for a bit. They should also be able to track your activities on corporate-owned assets, including any PaaS that has this ability (like Microsoft Entra ID). IF you are not on the corporate network (whether remote or on site), then the traffic is not visible to them assuming that you are on your own private and secured network. If you use your own device and operate under your own private network and on non-corporate owned IT assets, then no one else should be able to see this. Let’s say for example, if you are using the corporate MS Teams via your work credentials, they can see your activities on that service. If you use your corporate phone, they’ll likely have some kind of a UEM solution (like workspace one) and can track your activities on your work profile. Now, let’s say that you are trafficking data on the corporate network, depending on what you are moving, that data packet is often encrypted and hashed (assuming the company is using a sophisticated traffic management solution like a SD-WAN solution). Whatever that traffic is, it would take some time to decipher the information into something tangible. This requires a specialized skill set. If it’s videos or media files, for example, then they can see this. If it goes through encryption protocols from the sender service, then it should be encrypted. The SD-WAN solution, for example, would add an additional layer of security to prevent malicious activities. Some sophisticated network solutions can even tell its administrators WHERE you are working from if within the network, like, what room of the building, which floor, etc. It doesn’t work really well with VPN technology because VPN essentially makes it look like everyone is working from the corporate network by redirecting their traffic in a VLAN or a set of VLANs (depends how segmented they want) specific for remote workers. VPNs mask your real IP address. We can also see which sites you’ve visited or browsed, but we can’t see what buttons you’ve clicked on. I suggest that if you choose to watch RU-vid or Netflix from a corporate network, just don’t. Get onto a private network, like your personal cellphone data network and sign onto a VPN for additional security. Just assume that whatever you do on a network that you have NO control over, then do not expect privacy. I remember having to explain to the privacy officer at work that our view of user activities are often limited and certain features could be turned off. For example, a user signing onto their online banking service to pay a bill. We can SEE you went to a banking site, but we cannot see your activities on that site. At that point, the user is entering into a separate network infrastructure that is no longer under the purview of the company.
If the company doesn't provide the basic tools needed to do your job, it's time to find a new job. Laptops are dirt cheap these days, there's no excuse. I'd never EVER install any company anything on ANY personal device - full stop, no exceptions.
Anything on your company network can be seen if it's not encrypted. Do not do anything you shouldn't on a company computer or network. Some IT departments will spy on it's employees just because they are bored.
Now that's an interesting thought. GDPR is for customer privacy but I wouldn't think it would apply if you're employed by a company. That said, I'm an American and don't know all the minutia of GDPR beyond what we have to do to support it with our customers.
@@PragmaticWorks the GDPR law would apply as long as the employee process data of employees that are residents of the EER. (Even if they work in de US) Arrests like Niemietz, Halford, Copland (all European arrest) state that there is “ an employee may expect privacy within the workplace”. That said I am a European and I understand that US law will be different. My main concern would be that M365 features probably are exactly the same in the US as in Europe… that makes things interesting ;-)
@@kevinmitchnik702GDPR doesn't stop companies tracking what you do on their company computers, as long as they tell you, which pretty much all companies do with some clause in the Acceptable Use policy. GDPR also doesn't over ride other laws and regulations where collecting and keeping data is mandatory and this is explicitly spelt out in the GDPR regulations.
@@kevinmitchnik702I don't know about those arrests but the privacy the courts talk about normally relates to private communications at work or using work computers. I.e. an email to a family member rather than a supplier or client where it's expected that they could be monitored.
Gdpr is even stricter for employees in a certain way. Because you are in a submissive position as employee you are considered a vulnerable group similar to children with additional consideration regarding your data protection.
I wonder in how far EU laws protect us against these spy tactics. There has not been a high level case yet (as far as I know) that might kick things back in the EU. In any case a company that needs to use these tactics will eventually fail (or underperform) as trust between employee and employer is lost and thereby the motivation gets lost. The best people might also leave the company as they feel uncomfortable.
I'm not sure these could be considered spy tactics... So think about this. You're paying for Office 365, and the computer that the user is working on. your employees are using Office 365 either remotely or in the office and they're not doing what they're supposed to do. And you notice this because productivity is down what should normally take Say an hour to produce is now taking 2 days.... So before you jump to conclusions and confront the user on their production.... You get some visibility on and how that worker is performing over another worker... For a product that you are paying for you're able to get that information, build a case against that user and then formally terminate that user. It's 2024. You've got to have receipts when you go to terminate somebody based on performance. And if you think these tactics are bad, you should really not look at products like teramind. From my experience working in the IT field, I can tell you in my experience $99.9% of the time the employer usually has goods reasonable suspicion that the user is not doing what they are supposed to and being able to get visibility only proves their suspicion.
Just don't use company's tools for personal use. The company is allowed to do what they want with their tools. If you aren't trying to play the system then you shouldn't be worried.
Humans have always had horrible conduct, not talking about employees... this is only enabling these bad behaviors, for me I´ve always said, when a crappy manager has the hots for you they´ll take you off for ANY reason, they are now given more tools but it´s the same, bad people will always crap on others.
This is somewhat misleading. He keeps saying boss, when what he really means M365 Global Admin. Your boss, unless he is the global admin, does not* have access to the majority of these tools.
