Can my usage be detected at work?
January 30, 2010 7:45 AM

My employer uses Websense to limit what sites we can visit. I recently discovered that is not blocked. My question is: can they scan packets and figure out that I am using it to log in to my computer at home? Does use any kind of signature protocol/port that would raise red flags, or is it pretty much just a standard webpage?

I am planning to use the Firefox extension to access it, but it also can be run via any web browser in Java.
Secondly, would you consider using this site to be "dangerous" to their network? To my knowledge, our internet usage policy does not forbid using it, but, in theory, if my computer had a virus, could it spread to their network?
posted by idyllhands to Computers & Internet (14 answers total) 2 users marked this as a favorite
Would you be comfortable explaining what you were doing to your boss's boss? Remember that to non-tech people, it doesn't really matter whether what you did was technically not a violation, if it looks hinky or non-work related, you can expect to get called on it. Are you planning to use your home PC as a proxy to surf to web-sensed addresses? Clearly a violation of policy. Wait to surf till you get home.
posted by cosmicbandito at 7:56 AM on January 30, 2010 [2 favorites]

Best answer: If they really wanted to, they could discover that you're using LogMeIn. Beyond that they probably won't be able to intercept and interpret any of the data that you're actually sending back and forth between your work and home computer, meaning they can't see what you're browsing on your home PC through LogMeIn. There's also no risk of malicious software getting into your work system from your home system through LogMeIn as far as I can tell.

Keep in mind, though, that your IT department probably does not sit around watching everyone's traffic to try and see if you're doing anything "bad." Unless you start eating up a lot of bandwidth they'll probably never even notice, nor will they care.
posted by joshrholloway at 8:04 AM on January 30, 2010

Best answer: If your employer is using Websense, as my employer is, it's safe to assume that they can and do see everything that you do. It doesn't matter if we consider using this workaround to be 'dangerous' to their network, it matters if they do. Try using it and see what happens. Every time I would try a workaround, they would quickly get blocked. This leads me to believe that they see them all. For example, Gmail is blocked. I Googled around, found some ideas for workarounds. Go to work, try them out, they work. The next day they are blocked under the Websense category 'proxy avoidance.' My solution? I use my iPhone to do what I need to do at work. It's not really worth losing a job or facing a disciplinary action in a shitty economy.
posted by fixedgear at 8:09 AM on January 30, 2010

meaning they can't see what you're browsing on your home PC through LogMeIn

This is not particularly a good thing. It makes it easy for them to assume the worst about your reasons for avoiding the filters.
posted by smackfu at 8:11 AM on January 30, 2010 [1 favorite]

They may not be able to see the content you're getting via, but they're definitely going to notice the bandwidth usage -- streaming a desktop session over their network will be apparent in the network logs versus reading webpages. In that sense, it is dangerous to their network - you'll be taking up a chunk of their connection to the outside world for personal reasons. Although you're just viewing your offsite computer, I believe that Logmein (like a lot of the VNC-like services) has a way to transfer files between machines, and that does constitute a security hole.

I'm sure they'll catch it pretty quick and add it to their Websense block list, but being blocked by Websense isn't the problem: they use Websense to prevent you from accessing non-work-related things. If you're not using it as part of your work, then you probably shouldn't be doing it anyway. Just because you can easily circumvent the firewall doesn't mean you're following company policy. Your boss is going to be the one evaluating your performance, not the Websense box.
posted by AzraelBrown at 8:31 AM on January 30, 2010 [2 favorites]

I'm an employer with a very unsophisticated system of monitoring... but I can see the screen of every computer in the building if I choose, and I track every, single, site visited.

I think the issue is, if you're visiting a blocked site via some proxy, they would probably be able to determine that, and they will have cause to fire you... is it worth it?
posted by HuronBob at 8:40 AM on January 30, 2010 [1 favorite]

Someone will eventually notice that you're using logmein. So what you're gambling is, will that person care enough to "pull the string" and look further as to what you're doing? If so, will they care enough to let their supervisor know? Will the supervisor consider it a risk or be pissed on principle that you're using a workaround to do something you know you aren't supposed to be doing? And finally, if they do find that to be a problem, will they just add it to the block list, or will they also consider disciplinary action against you?

That's a lot of ifs in the choose your own adventure path, and one of the endings is one I don't like, so I personally wouldn't make a habit of it. Maybe one isolated time for a very good reason I'd be willing to admit and apologize for, but that's it.

Other people have pointed out that yes, it's possible for them to get suspicious and just watch your session if they wanted to. And if logmein can transfer files from home to your employer's network, then they will consider that a security issue if it comes up.
posted by ctmf at 10:12 AM on January 30, 2010 [1 favorite]

Here are the questions you should ask. Does my IT department really get computer security and are they in touch with reality? Does my boss?

My corporate masters really don't - they would have you believe that plugging an unauthorized mouse into your PC will spread viruses. They spend scads of money on snake oil security USB drives and the like. Recently I found that the user database in one of our special validated systems was encrypted with something roughly equal to ROT13 - when I informed the powers that be of this, they did precisely nothing.

There is no doubt in my mind that if I got caught using the setup you describe at work, I would be suspected of downloading child porn and selling nuclear secrets to the highest bidder. (And I don't even have any nuclear secrets. At least not at work.)
posted by Kid Charlemagne at 10:43 AM on January 30, 2010

Best answer: I work as a sysadmin/head of IT and have for years in various companies. Generally speaking, I can sniff your traffic and figure out almost any damn thing I want to about it. The question is, what kind of IT department exists at your workplace? Some places we didn't really care what you did as long as you didn't:
- Download something that was going to screw up your workstation (and make more work for us)
- Download/view porn or visit any sites that might get HR's shit in a knot.
- Download (see a trend here?) pirated software, music, games or TV/movies.

In other places, however, IT's focus was a lot more razor sharp, and we were on the lookout for anything that was detracting from people's work. This was motivated usually by one of two things:
- The company was run by a bunch of relentless soul suckers who believed that employees' time was a precious commodity to the point that one place was seriously considering installing a system to monitor bathroom use.
- The company is in a sensitive field or deals with a lot of sensitive data, and there are HUGE liability issues for the company if an employee does something stupid and exposes the network to risk unintentionally. In places like this, you're damn skippy I was looking at everything weird people were doing. The first time I would catch someone doing something bad I'd usually just have a quiet chat with them, and only kicked it upstairs if the behavior continued. Not all of my colleagues were as discreet on a first offense however, so if you work in a place that would fall under this category, doing what you want to is a little like Russian Roulette. Is your IT guy like me and will come over to find out WTF you think you're doing first and educate you on your folly, or is he going to push the panic button and your first clue is a session in the hot seat with your boss and a distinguished panel of paranoid execs? The problem there is that unless you have a good feel for the IT people, you won't know which way they'll jump if/when they find out what you're doing. And if you had a good feel for your IT people, you wouldn't be asking us, you'd either know it's a bad idea, or be running it by one of them as a "hey you don't really mind if I just access at lunch do you?"

So my advice to you is don't do it.
posted by barc0001 at 1:23 PM on January 30, 2010 [2 favorites]

It heavily depends on your workplace. Some workplaces have very strict rules regarding outside connections from the office. Financial institutions have auditing requirements around this to meet to prevent insider trading, and their logs will definitely be analysed by the auditors and risk items created, presented to the board, bonuses of CEOs risked and, without being too dramatic, QUESTIONS WILL BE ASKED.

Other companies couldn't care less. I always think if they are making the effort to block most things then they care about this stuff, and finding ways around them is a great way to draw negative attention to yourself.
posted by Admira at 2:28 PM on January 30, 2010 [1 favorite]

barc0001 is right. Also, your traffic is being logged to a database, so it's not like they have to be watching you at the time—your logmein use will show up on reports.
posted by paulg at 2:40 PM on January 30, 2010 [1 favorite]
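
The kind of after-the-fact report described in the answers above, as an added example that is not part of the original thread: it aggregates proxy records per user and destination, so an HTTPS session whose content is unreadable still surfaces through its hostname, duration and byte count. The log format, the watchlist, the thresholds and all sample records are assumptions constructed for illustration, not Websense's actual format.

```python
from collections import defaultdict

# Constructed sample records, not taken from any real proxy or network.
# Assumed format: <epoch seconds> <user> <method> <host:port> <bytes>
SAMPLE_LOG = """\
1264856400 alice CONNECT secure.logmein.com:443 1800000
1264856700 alice CONNECT secure.logmein.com:443 2400000
1264857600 alice CONNECT secure.logmein.com:443 2100000
1264856460 bob GET www.example.org:80 52000
1264856520 bob CONNECT notlogmein.com:443 900
1264856580 carol CONNECT files.example.net:443 7000000
1264858380 carol CONNECT files.example.net:443 6500000
this line is malformed
"""

WATCHLIST = ("logmein.com",)  # remote-access domains to report on (assumed list)

def on_watchlist(host, watchlist=WATCHLIST):
    # Match the domain itself or a subdomain, never a mere substring.
    return any(host == d or host.endswith("." + d) for d in watchlist)

def build_report(log_text, byte_threshold=5_000_000, min_seconds=600):
    stats = defaultdict(lambda: {"bytes": 0, "hits": 0, "first": None, "last": None})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not parts[0].isdigit() or not parts[4].isdigit():
            continue  # skip malformed records
        ts, user, _method, dest, size = parts
        host = dest.rsplit(":", 1)[0].lower()  # drop the port, normalise case
        s = stats[(user, host)]
        s["bytes"] += int(size)
        s["hits"] += 1
        s["first"] = int(ts) if s["first"] is None else min(s["first"], int(ts))
        s["last"] = int(ts) if s["last"] is None else max(s["last"], int(ts))
    findings = []
    for (user, host), s in sorted(stats.items()):
        duration = s["last"] - s["first"]  # seconds between first and last record
        reasons = []
        if on_watchlist(host):
            reasons.append("remote-access domain")
        if s["bytes"] >= byte_threshold and duration >= min_seconds:
            reasons.append("sustained high volume")
        if reasons:
            findings.append((user, host, s["bytes"], duration, reasons))
    return findings

if __name__ == "__main__":
    for row in build_report(SAMPLE_LOG):
        print(row)
```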

Keep in mind, though, that your IT department probably does not sit around watching everyone's traffic to try and see if you're doing anything "bad."

Bored IT guys don't look for "bad", they look for "entertaining".
posted by Area Control at 10:09 AM on January 31, 2010 [1 favorite]

Searching for work nowadays is not like it was whenever you've searched for work previously. There is such a large population of people seeking work that employers have a very definitive upper hand, and can have very meticulous standards for hiring. The employer-employee balance of power is deeply unbalanced at the moment in favor of the employer, since there is a high demand (jobseekers) for little supply (jobs).

Given that, if your employer is using Websense, I'd recommend not trying to circumvent their restrictions, simply for purposes of safeguarding your own economic safety. If you are fired for cause, you don't get unemployment assistance, making your fall an even harder one (and given that your employer helps fund your unemployment insurance, they will have an economic motive to challenge your unemployment insurance application). And when your current employer is called by a future potential employer, you may find the reason for your dismissal will follow you and work against you in future applications.

This isn't an answer to the question you asked, but the reason I'm saying this is not out of any sense of being preachy, but to warn you that the action you're asking for help in completing presents potential economic harm to you. I'm presenting this advice not out of any sense of goodness or badness, but just in terms of safeguarding your economic well-being. With all due respect, I'd not do what you're thinking of doing.
posted by MikeHarris at 12:21 PM on January 31, 2010 [1 favorite]

Almost all companies have click-throughs when you log on to a workstation that say while you may not be monitored, the company reserves the right to monitor you at any time and in any way. If you have something like this I would treat your workstation like it is monitored at all times. As others have said, logmein showing up in weblogs is rather suspicious. Why would an employee need to circumvent the web filtering that a company has in place? Even if they can't intercept your traffic it's going to raise questions. Where you work makes a big difference in how big a deal this is; if you worked for a financial services company for example they could view that as an employee potentially trying to get data out in a way that they can't control and that is a compliance issue for them. Even if it feels innocuous to you context is important to consider here.

I'd echo what others say; it probably isn't worth the risk.

If you have to get outside of the filters why not a smart phone or a laptop with a cellular card?
posted by zennoshinjou at 6:03 PM on January 31, 2010
