How would you deal with this...

Discussion in 'The Lounge - Off Topic' started by toiling, May 1, 2009.

  1. toiling

    toiling New Member

    Hello, would appreciate your thoughts on this.

    About a year ago I discovered my boss was organising "night-time entertainment" using company servers (for what reason he chose the servers I do not know) for his trips to other branches, using the admin account as it has full access to the internet. I decided to disallow full access to the internet for the admin account, hoping this would make him realise I was aware (only two of us in IT).

    When questioned about why the admin account no longer had full access, I explained it had been used to access inappropriate sites. He called back later and apologised.

    As only us two have access, I alerted a friend from the company, just to cover my own back should anything ever get pointed at me.

    I thought that would be the end of it.

    This continued; however, I chose not to act any further.

    Now for the next part: We have all our emails from every user forwarded to a journaling mailbox. This is for off-site archiving. It has come to my attention he has been using the besadmin account (has access to all mailboxes) to access this journaling account, and read through any emails he so desires. All emails enter the deleted items folder as unread; when investigating something a while back I noticed some appeared read. Didn't look into it further until recently, when he made comments seemingly out of the blue, but which were referred to in my emails.

    I have been able to establish that he has a mail profile (in addition to his own) on his PC for the journal acct, and when it requests authentication (as he is logged onto the PC with an account without the required permissions) he used the besadmin credentials. As soon as he is finished he empties the folder (something we have a recipient policy to do automatically once a day).

    On top of this, he is not competent. Basically he has worked here since the company opened an office with just a handful of employees, and was on his own until I joined over a year ago. Without going into too much detail, he doesn’t know basic IT; for example, he recently asked me what our primary SMTP server was. He could never join another company and get a similar position, as this would be seen through.
    How would you guys deal with this situation? I came here fresh from uni, and don't know how best to deal with this while protecting my job and/or future jobs if it came to a situation where I told someone, as how could I carry on working with him (it's hard enough as it is). I could leave, but then there's the explaining to a future employer.

    Any advice folks?

    Thanks
     
  2. dazza786

    dazza786 Megabyte Poster

    I'm inclined to just say join in with him.. snoop on emails, open up game servers, ventrilo, run torrents off the server etc etc

    then when you finally get bored of it, do something which will get these factors looked at.
    delete a few emails, then when people ask you to recover them, you say 'well it was deleted by somebody with access but it certainly wasn't me... the time in which it occurred was blah' then he might speak up

    stuff like that or even make him look silly, if the server isn't a dhcp, make it a dhcp with a totally diff subnet
    then ask him to fix his broken network, when he can't fix it and you get recognised, who knows!

    just make sure you remember what you do :P

    haha [/fantasy] :twisted:


    for the record -> my post wasn't an actual direction of what to do.. do not do it! I was merely adding some light humour
    this can be seen by my fantasy close function :)
     
    Certifications: MCP (271, 272, 270, 290, 291, 621, 681, 685), MCDST, MCTS, MCITP, MCSA, Security+, CCA(XA6.5)
  3. UKDarkstar
    Honorary Member

    UKDarkstar Terabyte Poster

    Err, I wouldn't "join in" - no point in incriminating yourself as well.

    The emails are the property of the Company if transmitted using their systems.

    Is there anyone in "management" that you know well enough to have a quiet word with?

    In the past I have experienced this sort of thing at a client's site and made the Company Secretary aware of it informally. The MD was then informed and the Company sent out a clear directive to all staff (including IT) and then did some checking up (via me). THEN it's not a problem to "catch" the person as you have been correctly instructed to do so.

    All IT staff have a responsibility to ensure they are familiar with data protection requirements and security matters - he could be reading sensitive company info and passing it to a rival company for all you know (extreme example).

    Get it sorted ASAP as quietly as you can.
     
    Certifications: BA (Hons), MBCS, CITP, MInstLM, ITIL v3 Fdn, PTLLS, CELTA
    WIP: CMALT (about to submit), DTLLS (on hold until 2012)
  4. Daniel

    Daniel Byte Poster

    That's what I would do.

    I've experienced this stuff as well, you're not alone toiling :biggrin:
     
    Certifications: 70-270, 70-290, 70-291
    WIP: None, but learning SEO/SEM
  5. JK2447
    Highly Decorated Member Award 500 Likes Award

    JK2447 Petabyte Poster Administrator Premium Member

    Yep, I agree with the two above me. As I work for a really big firm this couldn't really happen here, too many checks and regulations etc, but if it were me I'd ask for a word with a member of H.R. and voice my concerns before he gets you both sacked. He'd only have to say you knew about it for you to get in trouble. I know it's a hard thing to do but it's the honest thing to do on behalf of your employer because you take their money after all. You'll be fine
     
    Certifications: VCP4, 5, 6, 6.5, 6.7, 7, 8, VCAP DCV Design, VMConAWS Skill, Google Cloud Digital Leader, BSc (Hons), HND IT, HND Computing, ITIL-F, MBCS CITP, MCP (270,290,291,293,294,298,299,410,411,412) MCTS (401,620,624,652) MCSA:Security, MCSE: Security, Security+, CPTS, CCA (XenApp6.5), MCSA 2012, VSP, VTSP
    WIP: Google Cloud Certs
  6. toiling

    toiling New Member

    Thanks for the replies,

    There are a couple of people I could speak with, all of whom, however, work closely with him, and I am worried how they would react.

    Say they did take that option of sending out an email to all staff, I'm sure he would become very intrigued as to why this email was sent out, and presumably would start looking at me, making a difficult working relationship even more difficult. Then there's the question of proof: how do I prove it, without just physically looking at him do it? What if they don't believe me? Then it is completely obvious I am "snitching" and we would then not be able to work together. Who are they going to get rid of, me or him? How do I expect to get another job if my previous employment ends abruptly and I have no reference?

    Currently sitting here awaiting his afternoon snoop. :(
     
  7. JK2447
    Highly Decorated Member Award 500 Likes Award

    JK2447 Petabyte Poster Administrator Premium Member

    I wish I could answer this for you but I'm sure someone on here can. You need to collect digital evidence, if you will, of his activities before you do anything. Does anyone have the security know-how for how he can do it? Saved log files, access reports etc???
    One thing I will say, though: are you sure this fella isn't supposed to snoop around? If there's only two of you he may be acting in a security role also, but this is just a thought, my security training isn't advanced enough yet to give you better advice, sorry
     
    Certifications: VCP4, 5, 6, 6.5, 6.7, 7, 8, VCAP DCV Design, VMConAWS Skill, Google Cloud Digital Leader, BSc (Hons), HND IT, HND Computing, ITIL-F, MBCS CITP, MCP (270,290,291,293,294,298,299,410,411,412) MCTS (401,620,624,652) MCSA:Security, MCSE: Security, Security+, CPTS, CCA (XenApp6.5), MCSA 2012, VSP, VTSP
    WIP: Google Cloud Certs
  8. UKDarkstar
    Honorary Member

    UKDarkstar Terabyte Poster

    I wouldn't go collecting any evidence.

    If you don't know anyone well enough in a senior management role within the company then go to the most senior that you have at least a nodding acquaintance with.

    You don't have to drop the guy in it; just point out to the person that access to the journal is possible and that you think someone could do it. Let them lead and, if pressed, then you can explain what you have seen.

    At the end of the day you work for the Company and have its interests at heart.
     
    Certifications: BA (Hons), MBCS, CITP, MInstLM, ITIL v3 Fdn, PTLLS, CELTA
    WIP: CMALT (about to submit), DTLLS (on hold until 2012)
  9. Fergal1982

    Fergal1982 Petabyte Poster

    Why don't you have a 'hypothetical' conversation with HR regarding the matter? Ask for their advice on what you should do if you discovered someone performing activities like these, even if you didn't have solid evidence tying them to the act.
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  10. Daniel

    Daniel Byte Poster

    His afternoon snoop? Explain please.

    In all honesty, how your working relationship changes isn't a factor in this; if he's breaking the rules, then tell someone. Also, I advise you to refer to your company's policy on this.

    Either way, you CANNOT lose your job if you have done nothing wrong.

    Take the plunge mate, everyone here can see from what you've said that you haven't done anything, it's him.

    Let us know how you get on.
     
    Certifications: 70-270, 70-290, 70-291
    WIP: None, but learning SEO/SEM
  11. toiling

    toiling New Member

    Problem with that is I imagine they would just say speak to **** and sort it, or he will ask who can access, and when I say me or ****** I expect they will just say well you're IT etc etc....

    Thanks for the replies guys, appreciate any thoughts on this!

    In the past two days I have been paying attention to it, he has been on 7 times (unless I missed any).
     
  12. toiling

    toiling New Member

    Logging into the account. He's just been on.
     
  13. JK2447
    Highly Decorated Member Award 500 Likes Award

    JK2447 Petabyte Poster Administrator Premium Member

    The more I think of it, the more I think you should go to HR and say "what's the company's policy on IT reading other people's emails" and just see what they say. They could say they approve of someone in IT being able to do that
     
    Certifications: VCP4, 5, 6, 6.5, 6.7, 7, 8, VCAP DCV Design, VMConAWS Skill, Google Cloud Digital Leader, BSc (Hons), HND IT, HND Computing, ITIL-F, MBCS CITP, MCP (270,290,291,293,294,298,299,410,411,412) MCTS (401,620,624,652) MCSA:Security, MCSE: Security, Security+, CPTS, CCA (XenApp6.5), MCSA 2012, VSP, VTSP
    WIP: Google Cloud Certs
  14. zebulebu

    zebulebu Terabyte Poster

    Daniel - sorry to say fella, but you are wrong. From the sounds of it, this is a small company - probably with bugger all clue about IT. I guess this chancer was lucky enough to get the job originally and has continued to baffle the non-technical peeps with science over the years when things have gone wrong. He's probably hired in outside consultants to do anything that required even the slightest use of a braincell and, when things got too hot, he probably moaned to someone that he 'had to do all the IT on his own' and got Toiling in as a result. Now Toiling does all the work, he doesn't pay for nearly as much consultancy as he used to and can point to this as 'proof' that he's running the IT department on a tighter budget than ever.

    If this sounds familiar to anyone on here, it will be because they, too, have worked in environments just like this. In truth, more than half the small businesses I have worked/consulted for are run in the same way. Unfortunately, just hiding behind the Shield Of Righteousness is NOT protection against losing your job. Pound to a penny this slime will have 'friends in high places' who would cover for his arse in the tightest of spots, especially since he probably has dirt on all of them from reading their emails over the years.

    My advice is to be very, very careful with this. The HR department may well not be very professional either (why should they be - it sounds like no-one else there is!). It might be worth you taking some independent legal advice about your contract and what protection you are entitled to. Personally - and I know this is probably not what you want to hear, especially in this economic climate - I would think about getting the f*** outta dodge. If I was in your situation I'd leave - no question about it.
     
    Certifications: A few
    WIP: None - f*** 'em
  15. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    I agree with everything said above, except join in. I would add that working in IT you must have a certain amount of trust with the management, considering that you COULD have access to all of the company's data and emails. Whilst all of this data does belong to the company, as an employee, you would expect a certain amount of privacy as to what is in your mailbox (something I read a while ago regarding the human rights act).

    Just because you can look at all of this data does not mean that you should. This is where you would lose all credibility as an IT professional.

    Now as to what to do. IMHO, you have a responsibility to the company not to keep this to yourself. If you didn't do anything but later on something happened and it transpired that you knew about it, you may leave yourself open to further repercussions. If he is making no attempts to cover his tracks, then you have no other option than to report him. Ask to have a quiet word with someone in senior management or the HR Dept. But whatever you do, be professional and above all maintain your integrity, because if you lose that then getting other employment would be difficult.
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
  16. UKDarkstar
    Honorary Member

    UKDarkstar Terabyte Poster

    Ok, bit of lateral thinking here then:

    Why not go to HR or management and ask if there are any company policies on use of IT. If asked to give an example, say things like users loading their own programs on, checking of files brought from home for viruses and accessing other people's email such as those of management. When they ask you why, you can say that it's a wise thing for all companies to have if they haven't. If they do have procedures then you can ask if they apply to IT staff as well, as they are obviously involved in "securing" systems. You could also ask about staff using computers for their own use e.g. checking personal emails online etc.

    Once you know how the company stands on the issue then you'll have an inkling of how to act, i.e. report the guy and you're just doing your job, or just keeping your head down.
     
    Certifications: BA (Hons), MBCS, CITP, MInstLM, ITIL v3 Fdn, PTLLS, CELTA
    WIP: CMALT (about to submit), DTLLS (on hold until 2012)
  17. JK2447
    Highly Decorated Member Award 500 Likes Award

    JK2447 Petabyte Poster Administrator Premium Member

    Absolutely agree with AJ. Don't ever make it personal or comment on a person, always keep it 100% about the work. Obviously you may have to say it's your boss breaking the rules but don't comment on him as a person or his character, let them deal with that (HR). From what you said earlier mate, if he's read your emails and is making funny comments about something you've written, your working relationship with him isn't very good anyway
     
    Certifications: VCP4, 5, 6, 6.5, 6.7, 7, 8, VCAP DCV Design, VMConAWS Skill, Google Cloud Digital Leader, BSc (Hons), HND IT, HND Computing, ITIL-F, MBCS CITP, MCP (270,290,291,293,294,298,299,410,411,412) MCTS (401,620,624,652) MCSA:Security, MCSE: Security, Security+, CPTS, CCA (XenApp6.5), MCSA 2012, VSP, VTSP
    WIP: Google Cloud Certs
  18. toiling

    toiling New Member


    Wasn't anything bad he said, he just brought up something out of the blue, which I had been discussing (work related) with a colleague via email. That set alarm bells ringing.

    Appreciate all the advice so far guys.

    Zeb, I swear, have you worked here at some point? You pinpointed everything to the letter (other than he didn't actually request help; it was thrust upon him by management, and from what I have heard, he wasn't best pleased at having anyone else). (This is how I felt before it was confirmed to me by other staff.)

    At the minute I'm going to leave it over the weekend, no one senior in at the minute, plus want to think it all through. Very worried what kind of effect this could have on my future career.

    If you guys have any more thoughts/have a chance to speak to anyone in your company about this I'd be extremely grateful for all opinions.

    again, THANK YOU
     
  19. Daniel

    Daniel Byte Poster

    Ah, forgot the fact that it's a small company, but nevertheless, surely they comply with verbal warnings, written warnings, etc. :ohmy
     
    Certifications: 70-270, 70-290, 70-291
    WIP: None, but learning SEO/SEM
  20. craigie

    craigie Terabyte Poster

    We need to bring in Magnum PI. Nah, seriously, be careful and follow the advice given here, but I repeat, carefully.
     
    Certifications: CCA | CCENT | CCNA | CCNA:S | HP APC | HP ASE | ITILv3 | MCP | MCDST | MCITP: EA | MCTS:Vista | MCTS:Exch '07 | MCSA 2003 | MCSA:M 2003 | MCSA 2008 | MCSE | VCP5-DT | VCP4-DCV | VCP5-DCV | VCAP5-DCA | VCAP5-DCD | VMTSP | VTSP 4 | VTSP 5
