muttleynfelix
Junior Associate
Joined: Dec 20, 2010 15:32:52 GMT -5
Posts: 9,406
|
Post by muttleynfelix on Sept 5, 2013 9:11:07 GMT -5
so what happens when someone does some inappropriate surfing of the internet? if everyone in the office logs on with the same password, how do you know who's visiting the porn site? how do you know who's wasting time? how do you know who did something malicious? I have a government computer and log into a government system. We are not allowed to give anyone our passwords for any of the multiple systems we log into. My employer doesn't monitor our computer usage or what we do on it. As long as your work is done you are left alone. If the work isn't getting done then I suppose that would be addressed but we are not micromanaged. We also don't deal with any highly sensitive materials. The only sensitive issue would be financials and that is under a different system that only our accountant, cpa, and director has access to. Honestly, I don't see it as that big of a deal. The only thing I take issue with is that someone could have access to my email which is why I don't allow any personal emails to be sent to my work address. I guess if someone is nosey or wishes to sabatoge me they could but I don't sit around worrying about it. I work at a company of 5 people. If I'm on someone else's computer, it is because they are out of the office. People are going to know who is looking at internet porn and who isn't just by the times it is looked at. Internet useage is not monitored except to make sure our work is done. If my work isn't getting done (and there was a stretch where it wasn't), I get a talking to. But really all that matters is that work is done and clients are happy. My work isn't secure. Everyone except my office manager NEEDS to have access to my work. For example, we get a contract to do a site plan for a new office. The surveyors go out and survey the property. They then come in and draw it up. The drawing goes to the architect. The architect draws in their vision and sends it back to me. I take the parking lot and building location and make sure that it meets all local zoning codes and regulations. I then determine the elevation of the building, make the parking lot drain, determine stormwater detention. I finish the plans and give the drawing back to the architect for coordination. My boss may end up tweeking something in the drawing because I'm out of the office. We get the plans approved and then my surveyors take the drawing and do construction staking off of the drawing. All of our work is on the server, but as far as sitting at someone else's computer, some people have different programs. AutoCAD is finicky. Sometimes it is acting up on my computer, but I need to keep working. Sometimes the settings are screwed up and I don't have time to finish them. To upload items to the LEED website I need a 32 bit machine with Internet Explorer 9.0. My computers at work are not compatible with that. My field land surveyor and my office manager's computers are. If I need to scan something, I need access to my Office Manager's computer. We all have passwords, but we all know what everyone's password is.
|
|
sheilaincali
Senior Member
Joined: Dec 19, 2010 17:55:24 GMT -5
Posts: 4,131
|
Post by sheilaincali on Sept 5, 2013 9:17:22 GMT -5
Oh, I must work in a strange office because we all have the same password. Most docs are also saved on the server so they can be accessed in case someone is out of the office and info is needed. This is one reason why I don't have any personal docs or personal emails on my work computer. I'm with you. We routinely log onto everyone else's computer. I am instructed to check my boss's email several times a day while he is on vacation. This is our office too. I have every single password on a piece of paper that the Bossman and I each have a copy of. At any given time I can log in to anyone's computer, check their voicemail, etc. They can't do the same to mine however. Our office is small and the salesmen are out of the office a good bit of the time plus they take the winter off. Bossman hasn't physically been in the office since 5pm last Friday. I get a lot of "can you look up that quote I did and fax it to so and so" or things along those lines or "check my email, so and so was going to send me plans for this project"
|
|
Rocky Mtn Saver
Junior Associate
Joined: Dec 23, 2010 9:40:57 GMT -5
Posts: 7,461
|
Post by Rocky Mtn Saver on Sept 5, 2013 9:18:37 GMT -5
If M is a floater, then the IT department may have run into this before. Boss could have called and said "We have M working here today and she doesn't have a password to sign in over here yet". (instead of "perhaps is hanging out on a message board on our dime and we want to investigate her" ) And it's possible that IT said "Ahhh....M! We've had this happen with her before. Let me reset the password on that station and she should be good to go" instead of something more nefarious. I'm just playing devil's advocate here, I guess. Perhaps hasn't been around the new big company long enough to know if this is SOP or not. (ETA: regardless of what's in the handbook or not) Would that look the same as someone being logged in AS THE OP? On our computers, being logged into a computer has no relation to being logged in as a person. Anyone can log into a computer but can't log in as someone else.
|
|
Deleted
Joined: Oct 7, 2024 4:33:34 GMT -5
Posts: 0
|
Post by Deleted on Sept 5, 2013 9:20:46 GMT -5
I'm no IT person (DH is) so I don't know what it looks like. Then again, perhaps doesn't know what it looked like either. All she knows is that her passwords were changed. Maybe IT documented in the logs that her station was changed to accommodate M for the day and everything will be reset by perhaps when she gets back in today (i.e.: 9/4/13 "M in ____ office today and needed access. P was off, so we reset P's passwords and she can reset them when she is back in on 9/5"). We don't know.
|
|
Rocky Mtn Saver
Junior Associate
Joined: Dec 23, 2010 9:40:57 GMT -5
Posts: 7,461
|
Post by Rocky Mtn Saver on Sept 5, 2013 9:26:01 GMT -5
I'm no IT person (DH is) so I don't know what it looks like. Then again, perhaps doesn't know what it looked like either. All she knows is that her passwords were changed. Maybe IT documented in the logs that her station was changed to accommodate M for the day and everything will be reset by perhaps when she gets back in today (i.e.: 9/4/13 "M in ____ office today and needed access. P was off, so we reset P's passwords and she can reset them when she is back in on 9/5"). We don't know. I'm pretty sure it doesn't work that way. No networked system I've ever worked on has computer stations that are solely tied to specific individuals. The computers are free-ranging and what is specific to each person is your user logon to the whole system (not any specific computer). You can log on to any computer but you can't log on as any person.
|
|
Deleted
Joined: Oct 7, 2024 4:33:34 GMT -5
Posts: 0
|
Post by Deleted on Sept 5, 2013 9:28:00 GMT -5
You would know better than I. (ETA: me and my darn imagination....some thing are impossible beerwench! *smacks self upside the head*)
|
|
formerroomate99
Junior Associate
Joined: Sept 12, 2011 13:33:12 GMT -5
Posts: 7,381
|
Post by formerroomate99 on Sept 5, 2013 10:53:50 GMT -5
I'd be very suprised if the IT department knew what was going on. After all, what can you really tell from a voice on the phone?
In either case, I'd try to find some way to get proof of what was going on so you can CYA.
|
|
souldoubt
Senior Member
Joined: Jan 4, 2011 11:57:14 GMT -5
Posts: 2,756
|
Post by souldoubt on Sept 5, 2013 11:24:21 GMT -5
What matters is who is showing up as the person logged in. I can go to any computer at my work and log in as myself and have access to the folders I need access to but it's going to show that I'm logged in. The issue isn't someone else using the computer at your desk it's them using your log in. The IT department can only say who was logged in not who was at work that day, who was away from their computer at lunch, etc. Small office or not it's just a bad situation because there's only downside as someone else logged in as you.
|
|
greeniis10
Well-Known Member
Joined: May 9, 2012 12:27:09 GMT -5
Posts: 1,834
|
Post by greeniis10 on Sept 5, 2013 11:49:30 GMT -5
OP, I don't think you NOT responding to the initial requests from another co-worker on your day off was being passive aggressive. First, it was your day off. You may be out of town or out of reach or just disconnect completely on your days off, as I do. Second, a co-worker should not have been the one to contact you regarding this. Your boss / employer should have. That way you would know that it was a legitimate request and then you could have voiced your concerns at that time and declined. But, not responding was fine, too.
I'll be anxious to hear how things to today. Knowing WHAT IT was told and why they complied would make a big difference on how I would proceed. Good luck!
|
|
Angel!
Senior Associate
Politics Admin
Joined: Dec 20, 2010 11:44:08 GMT -5
Posts: 10,722
|
Post by Angel! on Sept 5, 2013 12:48:10 GMT -5
My employer doesn't monitor our computer usage or what we do on it. As long as your work is done you are left alone. If the work isn't getting done then I suppose that would be addressed but we are not micromanaged. We also don't deal with any highly sensitive materials. The only sensitive issue would be financials and that is under a different system that only our accountant, cpa, and director has access to. Honestly, I don't see it as that big of a deal. The only thing I take issue with is that someone could have access to my email which is why I don't allow any personal emails to be sent to my work address. I guess if someone is nosey or wishes to sabatoge me they could but I don't sit around worrying about it. I work at a company of 5 people. If I'm on someone else's computer, it is because they are out of the office. People are going to know who is looking at internet porn and who isn't just by the times it is looked at. Internet useage is not monitored except to make sure our work is done. If my work isn't getting done (and there was a stretch where it wasn't), I get a talking to. But really all that matters is that work is done and clients are happy. My work isn't secure. Everyone except my office manager NEEDS to have access to my work. For example, we get a contract to do a site plan for a new office. The surveyors go out and survey the property. They then come in and draw it up. The drawing goes to the architect. The architect draws in their vision and sends it back to me. I take the parking lot and building location and make sure that it meets all local zoning codes and regulations. I then determine the elevation of the building, make the parking lot drain, determine stormwater detention. I finish the plans and give the drawing back to the architect for coordination. My boss may end up tweeking something in the drawing because I'm out of the office. We get the plans approved and then my surveyors take the drawing and do construction staking off of the drawing. All of our work is on the server, but as far as sitting at someone else's computer, some people have different programs. AutoCAD is finicky. Sometimes it is acting up on my computer, but I need to keep working. Sometimes the settings are screwed up and I don't have time to finish them. To upload items to the LEED website I need a 32 bit machine with Internet Explorer 9.0. My computers at work are not compatible with that. My field land surveyor and my office manager's computers are. If I need to scan something, I need access to my Office Manager's computer. We all have passwords, but we all know what everyone's password is. We are an office of 7, but all files are saved to the server which everyone can access. Then all computers have a the same generic logon that can be used. Like you several of our programs are only on one or two machines, so you might have to use someone else's computer to use a specific program. But, we can do it with the generic logon so you don't get access to that person's email or personal files. If you have a lot of trust, the passwords and access probably isn't a big deal. We have switched computers without logging out/logging in. But, I don't know other's passwords, so I couldn't log in without them aware that I was doing so. But, if some person I don't know is doing work under my name and corporate doesn't realize it, then that seems like a really bad thing. I would tell HR or IT about the situation. This seems like this could really bite you in the ass if M screwed up a bunch of stuff under your name.
|
|
Firefly
Established Member
Joined: Aug 12, 2011 5:11:52 GMT -5
Posts: 263
|
Post by Firefly on Sept 5, 2013 16:53:59 GMT -5
To cover your own a$$. I would send an email to both owners and the IT department about your concern that your password was reset on your day off. This accomplishes two things at once 1 it may actually get you an answer on whether that is an acceptable behavior and 2 it gives you and actual paper trail if sh!t hits the fan.
|
|
perhaps
Junior Member
Joined: Sept 8, 2011 14:47:21 GMT -5
Posts: 139
|
Post by perhaps on Sept 5, 2013 18:52:43 GMT -5
Okay I have some answers.
After the usual morning rush I had a mtg with thingse owners. Apparently they were told on Tuesday that M cleared the background check, was approved and her appointment would be complete Wednesday. So they had M come in Wednesday. She goes to log in and her accounts are still locked. They call big company and are told she will be complete and appointed sometime on Wednesday. They jumped the gun by having her come in before getting the final email with her appointment info and company clearance.
So M is just sitting there doing nothing. Then my co-worker volunteers to text me for my sign ons and passwords (really surprised and upset about this part). After I didn't reply they decided to call technology and have my system remotely accessed so M could work.
I was told M handled simple stuff all day and had to double check everything with a co-worker. They reason they gave tech was that they were new owners and the computer system was not completely updated. They needed me logged in to complete some programs.
They got M's email approval late afternoon but her log ins weren't up and running yet. I asked for a letter to be put on file that I was not working that day and all work under my number was done by M, they claim they have to get that approved by legal. They apologized and assured me it would never happen again.
Ok first off I accepted the apology and will continue on. But their response about tech is total b.s. tech is the one that transitioned all our systems to New ownership over the week end. We wouldn't have been allowed to work on Tuesday if it wasn't complete. Secondly, seriously upset about my co worker being the one that decided using my sign ons was a good idea.
|
|
perhaps
Junior Member
Joined: Sept 8, 2011 14:47:21 GMT -5
Posts: 139
|
Post by perhaps on Sept 5, 2013 19:00:49 GMT -5
sorry had to get off tablet it was acting wonky.
I am not expecting them to put a letter in my file stating they allowed M to play the role of me for the day. That would mean they pretty much admitted to violating the company tech/privacy policies.
I added my own note to my file and documented i was off that day.
Bottomline I think they panicked. They had M come in to early and were pretty much paying her to sit there watching everyone else work. They knew it was wrong and dedided to do it anyways.
Still not at all happy about it. I am glad they fessed up but it isn't sitting well with me. I will give it a bit more time (like more than 2 days) to see what kind of employers they really are.
Thanks for letting me vent.
|
|
perhaps
Junior Member
Joined: Sept 8, 2011 14:47:21 GMT -5
Posts: 139
|
Post by perhaps on Sept 5, 2013 19:14:43 GMT -5
And to answer beers inquiry......
It wasn't my workstation or computer that was violated. But my log ons. I can log into any computer in my company, I do not have to be at MY desk. Every employee has their own log ins and passwords. You are NEVER to share your passwords or log ins. IT can remotely get into my log-ins (bypassing my passwords). But this is never to happen unless management is suspecting employee of wrongdoing.
I am sure every company is different about passwords and computer systems. But security is NOT taken lightly where I work. Once a year we have to complete a privacy/technology/security internet course. Every single time you log into our system there is a big bold paragraph restating the companys stand on privacy and technology, by logging in you are agreeing that you understand this agreement. Any violation of this agrrement and they can fire you,no questions asked.
So someone logged on as me, working as me, is not really just a small casual thing where I work.
And yeah, I am gonna have to talk to my co-worker...WTF was she thinking?
|
|
chiver78
Administrator
Current Events Admin
Joined: Dec 20, 2010 13:04:45 GMT -5
Posts: 39,479
|
Post by chiver78 on Sept 5, 2013 19:25:02 GMT -5
ugh. yes, absolutely talk to your coworker. although, if the overall attitude toward security is as bad as you describe, I can't say I'm all that surprised this happened. as far as the company goes, do you have all of what's in your post # 73/74 in writing? even outside your personnel file. I would absolutely insist on that, and still CC someone at the "big company" to make sure you CYA. it might not make for a pleasant office experience locally, but it will absolutely CYA if the parent company decides to clean house for whatever reason. personally, I don't have a warm and fuzzy feeling about all this. I work in a heavily secured field though, and your OP raised flags to me that other posters never considered. good luck, please keep us posted!
|
|
Nazgul Girl
Junior Associate
Babysitting our new grandbaby 3 days a week !
Joined: Dec 25, 2010 23:25:02 GMT -5
Posts: 5,913
Today's Mood: excellent
|
Post by Nazgul Girl on Sept 5, 2013 20:03:39 GMT -5
If you want to keep your job ( at least while you're looking for a new one ), I'd just move on. If you make what the new owners feel is a "big fuss" over what was a momentary lapse in judgment, you will be labeled a troublemaker and be let go when they downsize.
Honestly, they eff'd up. But, in the long run, you can prove that you were off that day, and you have had a meeting with them, so they know how you feel. Just be Sally Sunshine for awhile, even though you did nothing wrong.
I saw my very excellent old manager let go because she fought against changes that the new management team was bringing on board.
Be very cautious and be friendly with new employee "M", and your coworker as well. We all get upset about stupid shit at work, but in my office, for example, taking it too far can get you let go.
Just my opinon.
|
|
8 Bit WWBG
Administrator
Your Money admin
Joined: Dec 19, 2010 8:57:29 GMT -5
Posts: 9,322
Today's Mood: Mega
|
Post by 8 Bit WWBG on Sept 7, 2013 12:54:47 GMT -5
...:::"So all the work done under my id for Sep. 4, 2013 and people are gonna think it is me. I really doubt we r going to remember a few yrs from now that M was me on that day. Sometimes errors aren't noticed right away, nice to know that my id is tied to someone else's work.":::...
If it were me, this is the first thing I would do. You are right that in 4 years, you won't remember unless you take precautions.
Can you save a copy of the text? Who and when it came from? That is worth something. Documenting your own file was helpful. Hopefully the discussion about having a letter stating you were off that day was had in writing?
I hope this is the last issue you face for a long time.
|
|
Ombud
Junior Associate
Joined: Jan 14, 2013 23:21:04 GMT -5
Posts: 7,600
|
Post by Ombud on Sept 7, 2013 18:43:46 GMT -5
I'm thinking of the Hipaa violations thread. Anyone else? Not me. To me this sounds like it's about money, bookkeeping, or sensitive client financial info. I'd recommend covering your ass and going over the side. When a coworker asks you to break rules on day 2 and ownership agrees, you have nothing to gain by staying. Crapoholic!! The reason you cannot do this in nursing is that if someone gives the wrong med your license can be in danger. If they look at the wrong file, note on the wrong patient, etc. In tax prep, your ID# is on it. If I worked on someone else's account, it would transfer to me until they transferred it back. If I noticed an account transferred to someone else, I had the opportunity to check it before I closed one of my accounts out -- and that would put it back under my #. Gotta have accountability In your situation .... Wow. Just wow.
|
|
motherto2
Well-Known Member
Joined: Dec 18, 2010 15:42:27 GMT -5
Posts: 1,719
|
Post by motherto2 on Sept 8, 2013 19:54:51 GMT -5
So sorry to hear you've been put in a situation like this. We also don't share logins and passwords. We have shared folders that anyone in the office can access, but if they needed some sort of history trail, they can find out who used it when, etc. IT is very serious in our office. Not that I've ever heard of it happening, but a disgruntled employee can wreak havoc on a computer system. I think keeping the records of you being off that day, with an explanation of what happened, etc. will definitely go a long way for your peace of mind.
Good luck
|
|
greeniis10
Well-Known Member
Joined: May 9, 2012 12:27:09 GMT -5
Posts: 1,834
|
Post by greeniis10 on Sept 9, 2013 11:46:31 GMT -5
Thanks for the update! Sounds like it was a non-thought-out, bad suggestion by your co-worker but STILL it's not that persons fault - the business owners should have said, "No, thanks for the suggestion, but that is against policy."
Why didn't they just send M home or give her other work to do? The security breach is what concerns me.
Good for you for documenting everything. That's all you can do at this point, I guess.
|
|