PCWorld Forums: 7 Things Your Company's IT Department Doesn't Want You to Know - PCWorld Forums

Post your comments for 7 Things Your Company's IT Department Doesn't Want You to Know here

Many of the methods suggested here may also be prohibited by company policiy and the law. Technical workarounds are not legal workarounds, and some cases, such as saving documents in outside accounts, may violate confidentiality agreements, privacy protection laws, or even securities law.

Policies put in place by the IT department are largely requested by the HR or Legal departments, not arbitrary rules imposed by IT technocrats on a whim.

Workers need to realize that companies are fully within their rights to monitor workers while on the premises or using company-supplied equipment. This may include and is not limited to key logging, archiving personal documents or photographs saved on your work PC, recording phone calls, taking periodic screenshots, or video surveillance.

I am shocked that PC World would publish such an irresponsible article without any explanation of the possible legal risks involved, or even a brief disclaimer to consult your company rules.

I agree with you there Takatori. What a useless article this is!

I am a network admin at my place of work and I have caught many people trying some of these very same tactics. The user aggreement specifically states that these kinds of methods can be grounds for termination.

Yeah, sure go ahead and get around the security measures in place chatting with your buddies or using unauthorized flash drives, etc. We IT/IS peeps put those there just to annoy you!

Give me a break PCWorld.

Aren't these alot of the same items recently published in the Wall Street Journal? Seems to me that this article is a lesson in cheating legitimate company security measures.
While I am no longer a net admin, if I were, this would be a slap in the face to me, a direct affront to my ability to do my job.

I'm in the IT business in a way. I can tell you that some of the things listed here are bad advise....really bad. I personally know someone that spent 6 months in jail, not too mention other ramifications, for using one of the methods suggested in this article.

I could end up in prison doing some of these things...literally! I agree with most here. There are reasons why certain things are blocked. Do you know what the biggest threat to a computer system is? The user.... There is a difference in needing to be able to do something and wanting to do something. If you need it, the IT department can work with you. If you just want it, then you're SOL. Go work at home....

This is irresponsible journalism! As posters previous have mentioned, there are REASONS for the blocks and quite probably legal ramifications for circumventing the rules. When I worked IT Support, many of the biggest headaches were caused by people who fancied themselves technically proficient and caused problems instead of working within the rules to get the access or changes they desired. I've known people to be disciplined and/or terminated for elevating workstation privileges, working around web fitering, circumventing file size limits, etc.

This does bear a distinct resemblance to the WS J article from July 30 of this year. That article was better in that it provided more explicit descriptions of the risks involved in these strategies, and ways to mitigate them. What both of these articles point out is that for better or for worse, users are living on the network in both their work and personal lives, and expect personalized, customizable, boundary-free access. This may not be a reasonable expectation from the employer's perspective but it is certainly how a lot of people behave. I think IT departments need to work on this from both ends -- user training/awareness and systems that achieve needed levels of security in a way that is transparent for users. Whether web access makes people more or less productive in the first place is a subject for managers & will vary widely by job.

"What both of these articles point out is that for better or for worse, users are living on the network in both their work and personal lives, and expect personalized, customizable, boundary-free access."


There is a big difference being on a network at home and being on a network at work. At home, you pay for your connection. At work, your employer pays. Your employer just allows you it's use. If you do something stupid at home and get a virus, you affect your computer. You do something stupid at work and get a virus, depending on the size of the network, you could affect 100's of computers. The files on your home computer are yours to do with however you please. The files at work belong to the company, and sending them could have security and legal ramifications.



You are paid to work. You are given rules and guildlines to follow in order to be able to work there. You want personal, customizable, boundary-free access....don't get a job. I'm not saying this to be rude. I work in a place where the USB and CD ROM's are disabled on ALL computers, all attachments on out-going/incoming emails are monitored, and 95% of any website you might want to look at are blocked. You know what though....I can still accomplish my job. I've been hearing about not opening attachments from strange emails, spyware, trojans, keyloggers, and this bad stuff for years.....just like everyone else in the world. We've all had 'training/awareness' and yet people still make the same mistakes. The employer is doing nothing more than guarding their assests. What would you do if it was your company?

Don't get me wrong, Joker, I agree with everything you're saying. I am simply observing how a lot of people approach the web environment.

FWIW though I think you might be overestimating the effectiveness of training & awareness about good network practices. I am in my 50s and work in a university setting. Our students arrive with many years of experience in the consumer computing environment with all of its pitfalls, so these are the habits they've developed... again. for better or worse.

Good point adrewb823.
I wasn't overestimating the effectiveness of training...I meant it sarcastically lol. You could train someone all day on something, but some habits are too hard to break.




I just don't think PCWorld should be posting ways for people to try and circumvent IT-related rules and policies. Phrases like this 'unapproved but legal and harmless software' are misleading. How is the editor to know if some software is harmless to a particular network? The editor says it himself...'To guard your organization's PCs, data, and bandwidth'....and yet he tells you ways to circumvent that guard. Smart....really smart. I wonder if he ran this article by his IT buddies down in the basement guarding PCWorld's network. Wonder what they think? They probably read this article and started ensuring that none of these workarounds will work on their network lol.

U3 is a major security risk. It has VERY low level access, possibly even below the OS, much less any security systems running.
Just what your company's IT department needs. A bunch of idiots plugging in their U3 drives running god-knows what.

Wow...PC World. Are you TRYING to get people fired? Or just get the next "Company X was hacked today and x number of people now are at risk for ID theft" headline to come out?
Your intro says it all
"IT staffers have good reasons for restricting your use of company systems. To guard your organization's PCs, data, and bandwidth, the pocket-protector crowd may frown on IM software on company PCs, ban unauthorized software use, and limit transfers of large files."
At one point I worked in IT and we had a problem with CD-ROM drives-people would put their (audio) CD's in and listen to them. Along came rootkits and "custom-made" (read: home-burned) CD's...So what did we (aka me the IT gopher) do? Disabled all CD drives on the floor. After a few complaints of "I can't listen to my CD's now!" I kindly asked the floor manager to post a sign "These computers are SourceCorp property, if you want to listen to music-buy a damn CD PLAYER! Anyone found tampering with the new machines...

...will be immediately terminated!"
Bottom line, companies exist to make a profit-NOT SERVE THEIR WORKERS! They put in place the policies that have the most restrictions but still allow only the work that needs to be done for SECURITY and PRODUCTIVITY reasons!
It would be oh so ironic to see PC World get sued because its "tips" helped compromise a company's large network and led to a massive virus/malware/crash/data loss problem...think then publish please!

I'm in agreement with all that everyone's said. I don't think it was wrong that PCW published this but I was chuckling at the title of the article - I didn't realize as an IT admin I was hiding these "7 Things" from my users. For each of the "7 Things", if the usage is legit, I would be glad to work with the user to do their work. If the usage is not legit, that's a different story.
While I wrote the company's Acceptable Usage Policy, it was mandated by HR and approved by the senior managers. The AUP is specific on what users can and can't do on company equipment. But, I normally turn a blind eye on users going to YouTube, MySpace, MLB, Facebook, etc. even though the AUP restrict these. It's not as if I'm trying to police all aspect of user's activities. But, if I notice some guy transferring 2GB of photos he took over the weekend and loaded on his laptop to send to his buddy via YouSendIt, I will report that activity to management and most likely, the user will be terminated.

The google theory does not work. Google does not support English to English translation.

The whole country complains about prices etc and they don't even realize that the cost of labor is a big part of all companies cost. Computer services get restricted mostly for the cost issue. I get so ticked about the rights of people to surf at work. What this article does is condone it and yet say it is a legal way to get around the ban. Legal when it is against the company policy, sure !

What a company should do is set up a few computers in the lunch area and charge the people to use them. THERE IS NO FREE LUNCH ANYWHERE, so pay your way and do your surfing and private business at home and SHUT UP and some large firm should launch a lawsuit against PCWorld, oh I forgot, it isn't illegal to be stupid yet

It seems all you folks are wound up a bit to tightly. This article is useful in that it does show some resoucefulness in getting around in a somewhat safe manner.Be they hidden or not. Internet access is a cost of doing business these days and companies have to learn to accept this in a small way.Be liberal but be demanding of certain rules to keep the network and systems safe and free from harm. Why is this difficult!! They need to get in the habit of allowing internet use in a safe and responsible manner instead of totally restricting it. Sure there are certain sites you just don't need to get to at work, Facebook, You-tube, porn, etc. you know the ones, block 'em. But you also have to teach users how to responsibly use these resources and they will.Have any of you so call admins ventured out on the instructional limb to your users to create less work for yourselves? Hamstringing PC's or Sitting in a darkened room in front of a monitor ready to rat on someone ain't the answer.

Most comments are from IT people who seem to want to save this and that. The fact is that many just enjoy the control. Quick thinkers need to be able to get out of the box a bit and IT wants them in the box. Prisoners cause less damage than free persons.

Sloop is right but then how come the ones who get caught breaking the rules are the biggest whiners ? Duuuhhhhh

It is telling that only IT folks wrote in to criticize the article. Centralized IT power was supposed to be broken by the PC revolution. We were all "information workers." Guess we know who won that battle?

For example, our organization cannot get IT not to cut off the email accounts of customers -- but we created accounts for them because IT insisted that for security we could not correspond with clients at their regular email, only from our servers. So having customers not on our servers is unsafe, and having customers on our server is a security risk. Not to worry, we won't compete for customers long if we keep this up. And who do we cut off? Customers who have been out of touch -- can't get more orders from people we can't contact, especially when we won't let them contact us!

Reminds me of my former boss who prohibited customers (and most of us)from using the elevator to our new offices because "they'll wear the buttons out." If only. . .