[SomeCrazyStuff]

Looks like we have a full crew on here at the moment.. i see 2 admins, several global moderators, several in geeku.. Hello all xD

Ok I gots a question for whoever has an opinion. I work as a computer tech in a trucking company. I have been having problems with a certain individual who seems to be obsessed with porn. Unfortunately he is a VP and the company is too family based to do anything about it so I can't get the permission to lock down his laptop(or take it away for that matter...). We have, in 3 times past, cleaned up his laptop from porn related malware infections. First time we cleaned it up and didn't notice the porn, 2nd time was the same infections and we cleaned it up and found the porn but the dept. head said to keep hush-hush about it, 3rrd time the dept head had a word with the guy and im sure told him if it happens again we would go public about it...

I am again cleaning his laptop this morning. This time he downloaded a rogue AV program. But he also managed to run MBAM and clean up after himself. He also went through the different places we have found his porn before and cleaned that up. He is not a computer person but is smart enough to hide what he is doing(prolly from experience). Unfortunately, I haven't been able to find anything porn related on his laptop. He went back and deleted logs in MBAM and SAS.. which makes it look like he is hiding something.

Anyone have an idea of how i might be able to catch him without him or the rest of the computer department knowing. Or any ideas of how i might be able to stop him without putting restrictions on the computer. BTW... he has firefox and google chrome's incognito mode to hide behind while on the internet... he was also smart enough to delete browsing history...

Thx in Adv for any and all replies!!

[Advertisements]

Hello,
While you may not agree with what he is doing he is higher up the chain of command than you are so it is not your place to "catch" him or even say anything about what he does.
It is your job to keep things running and provide the best security for the machines that you are responsible for.
You have brought the issue to the attention of your supervisors so now just clean up the malware and forget about it.
I do not agree with what he is doing, and he is risking the businesses data but you should not put your job on the line over this.

[hfcg]

Hello,
While you may not agree with what he is doing he is higher up the chain of command than you are so it is not your place to "catch" him or even say anything about what he does.
It is your job to keep things running and provide the best security for the machines that you are responsible for.
You have brought the issue to the attention of your supervisors so now just clean up the malware and forget about it.
I do not agree with what he is doing, and he is risking the businesses data but you should not put your job on the line over this.

[BHowett]

I agree with hfcg, like it or not he is a Vice President of a small family based business… you will never win that fight, just stick to your job and fix his PC when needed. Now I don’t see nothing wrong with letting him know the amount of risk he is putting the company data at, once a bank account gets stolen he won’t do it again

[**Brian**]

I agree with hfcg, like it or not he is a Vice President of a small family based business… you will never win that fight, just stick to your job and fix his PC when needed. Now I don’t see nothing wrong with letting him know the amount of risk he is putting the company data at, once a bank account gets stolen he won’t do it again

I agree with both of the gentlemen. It is not your job to get after the VP of the company, however, if you are the tech for the company, I believe that it would be appropriate to warn everyone about the dangers of malware and porn.

If the VP puts the company's data at risk, then it is his problem, especially if he is one of the owners of the company. Doing this could risk the data, as well as the bank accounts of the company if there was bad malware on the machine, as Mr. Howett has stated, once this happens, he may change his tune.

I always warn people about things like P2P Programs because of the fact that they can be used to download what seems to be legit. Then, you may find that there are other nasties you run into. If your boss is doing something "wrong", he may get in trouble for it, but as has been stated, your job is to maintain his machine.

I don't agree with what he is doing either, but I would simply continue to do what it is you do, and not risk your job - eventually, what goes around, comes around, so your boss may be sticking his hand in the FIRE, and has not gotten burned, and has been doing this for a while, but he will get BURNED someday when he least expects it - especially if he crashes, and the data is unrecoverable.

Good Luck!!

Brian

[SomeCrazyStuff]

thx for all the replies..!

I think we have a situation adverted though... Boss man gave me the green light on installing NetNanny 6.0. Now, unless he is smart.. we will all get email alerts. Unfortunately all the email alerts go through outlook which also won't go out until he plugs into the network. but even so.. the first time that he gets another malware problem(or anyproblem for that matter) we can run a report from NetNanny and see what he has been up to...

I do appreciate the comments though... You are all right. It is not my place to "catch" him doing something he is not supposed to be. i said that wrong. i meant more of how can I keep him from bringing something into the domain. With avg or similar there is no email notification that the computer has been compromised.. At least with trend micro as soon as he plugs up to the network we get a notification email that his computer has malware on it...

But all is good now. Thx one last time for the advice!

[Troy]

You're the IT Tech... so implement the use of OpenDNS to contribute toward the "security". Feel free to adjust custom settings accordingly

[SomeCrazyStuff]

as much as i would love to do that we kinda host our own dns and I would get shot if i changed it up. well maybe not shot.. but definitely hung.....

excellent idea though..! I did that to my brother at home and he freaked cuz he couldn't get to myspace and facebook. hehe

[hfcg]

When working on a clients machine I some times find P2P programs like limewire or sharebear.
It is not my place to make changes to my clients computer.
I do explain to them the dangers of using a P2P program and that downloading copywrite material is a crime.
But I do not have the right to make changes.

[SomeCrazyStuff]

as much as i would love to do that we kinda host our own dns and I would get shot if i changed it up. well maybe not shot.. but definitely hung.....

excellent idea though..! I did that to my brother at home and he freaked cuz he couldn't get to myspace and facebook. hehe

oops sorry for the double post

Edited by SomeCrazyStuff, 09 June 2009 - 10:27 AM.

[SomeCrazyStuff]

Really? I mean even though it is company equipment? Well luckily enough my boss man doesn't see it that way.. Too him if it is company equipment we can do whatever we want to it (to a certain extent anyways). If we notice a computer has limewire on it it is taken off immediately. we even go as far as deleting anything we know was obtained through limewire. Bit torrent and utorrent too; we don't allow it and if we see it it goes then and there.

Of course our company is kinda screwy because we don't have any kind or contract or anything that we should have and be getting people to sign before they get a company laptop or on any company computer saying that this specific equipment belongs to the company and will not be used for entertainment or la dee da. I have asked before what it would take to get something like that written up and their answer was a legal department. Pretty much you can say the higher ups don't like to change anything if it isn't broken, even if it is only cracked and has potential to shatter it is left alone until it starts to rattle apart. And noone has the guts to tell a higher up no.. If we can't make the executive side follow suit then what can we do to everyone else? nothing.....

[Troy]

Start writing one up - that's my suggestion. I don't know much about the background workings of P2P, but maybe you could block some ports or something?

[dsenette]

as much as i would love to do that we kinda host our own dns and I would get shot if i changed it up. well maybe not shot.. but definitely hung.....

excellent idea though..! I did that to my brother at home and he freaked cuz he couldn't get to myspace and facebook. hehe

i host my own internal DNS as well....and i use open DNS (and a barracuda webfilter....and some other things that no one knows about besides me)...all you have to do is remove all forwarders for unknown domains from your DNS server (for the * domain) and replace them with the OpenDNS server ip addresses....then make sure that the IP(s) that your internet traffic come from are listed in openDNS as filtered domains.....alternately if you ONLY want to filter HIS access with openDNS you can install the OpenDNS updater on his computer and set his "network" to be filtered...then OpenDNS will apply your rules to his laptop no matter where it connects from

Edit: also....since it's company equipment...it doesn't matter who the person using it is (VP or otherwise) you have the right to apply all company policy to the device at any time in any way you see fit...if company policy states that no porn is allowed...then you have the right to do whatever is needed to enforce that....of course this assumes you actually have an acceptable use policy....if you don't...you need to get one

[Elliot]

I have asked before what it would take to get something like that written up and their answer was a legal department.

They could also eventually end up with sexual harassment charges should this become more prevalent. At some point, somebody may be extremely offended by what they see on the computer (or what they are removing) and file a claim. Then it would definitely be out in the open. I've seen it happen before, it can happen anywhere. NetNanny is a start, but as the IT department, you should really impress upon your employers that the restrictions should be put into place in order to protect them down the road.

El

[diabillic]

An acceptable use policy would probably be your best bet as dsenette said. And he has to follow it if hes using company property, regardless of who he is.

Heres a link to a document with some templates if you choose to do so: http://www.first.org...es/guides/#bp24

[SomeCrazyStuff]

Edit: also....since it's company equipment...it doesn't matter who the person using it is (VP or otherwise) you have the right to apply all company policy to the device at any time in any way you see fit...if company policy states that no porn is allowed...then you have the right to do whatever is needed to enforce that....of course this assumes you actually have an acceptable use policy....if you don't...you need to get one

Thanks you very much! That is exactly my mind set... if it belongs to the company then it is my job to make sure that it is secure and everything on it is done right. Allowing people to go where ever they want is not only a security breach but also is against my role in the company. VP or not he shouldn't be going to porn sites on company equipment. We aren't asking him to stop porn altogether; just asking him not to go to it on company laptop regardless of where he is.

They could also eventually end up with sexual harassment charges should this become more prevalent. At some point, somebody may be extremely offended by what they see on the computer (or what they are removing) and file a claim. Then it would definitely be out in the open. I've seen it happen before, it can happen anywhere. NetNanny is a start, but as the IT department, you should really impress upon your employers that the restrictions should be put into place in order to protect them down the road.

Unfortunately the only people that are cleaning up his messes are myself mostly and on occasion my boss, who is still under the dept head. I have had a past in porn myself and seeing it doesn't offend me at all.. i don't care for it anymore, but it isn't something that i find offensive. Boss man just says there isn't anything he can do to stop it with the given situation and people involved.

I am going to see what i can get done about getting a policy written up(or borrowed from another company) that we can deploy and adopt. Hopefully if I can get one written up that is suitable and legally binding then the executive side will agree to it. I am afraid that without such a document I won't be able to step any further....