Let’s say an employer is in the internet security industry. He routinely
monitors employee mail at their office address. Since he knows all about
hacking, he can no doubt monitor their personal email as well. If he does so,
can he also monitor documents and anything else of interest on the personal
In this excerpt from
Answercast #29, I look at the kinds of things an employer can monitor:
basically, everything… if it’s on a work computer.
So, there’s a couple of assumptions that you’re making that I honestly don’t know if I’m going to make the same way. I really, strongly, take issue with, “He can no doubt monitor their personal email as well.”
The only thing that an employer can monitor is what happens on the computer that the employer provides.
In other words, the computer at work. In which case, he can monitor everything:
All incoming and outgoing email whether it be business or personal;
All documents on that machine;
- And all data transferred to and from that machine.
It’s a company machine!
Similarly, if all of the information exchange occurs on the company network, then the same thing applies. The company can, in fact, monitor all of the data that’s transmitted across the network.
Yes, you can encrypt it… but there’s ways around that, at times, in the corporate environment. Typically, people don’t use that, but at a minimum, they know to which sites you’re visiting, if nothing else.
The company’s computers
So the issue is more about not what you’re doing, but where you’re doing it from.
If you’re doing it on a computer at the company, everything’s open and up for grabs. If you’re using company resources (like the company network to do this work), once again everything’s open and up for grabs.
Even when you work from home, there is a possible risk, if the company is aggressive enough. And that is simply this, if you connect to your corporate network through your home machine, then the company has an opportunity to install monitoring software on your machine or just potentially see what’s going on in your home machine… even though, it’s your home machine.
This is a case where you really need to understand the risks of doing something like that.
Your own computer
Now, the clear case is: if you have a machine at home, you do not use it for company purposes, you do not connect it to a corporate network associated with that company, then there’s really no way for them to get their fingers into it.
Obviously, you want to do the usual good-behavior things, such as staying on top of malware, but as long as you keep your personal and business lives separate, then, theoretically, there should be no overlap. No opportunity for the business to stick its nose where it doesn’t belong.
Next from Answercast 29 – Why does my AOL software crash when I download a file?