Working from home: how can I tell whether the boss is spying on me?

For “reasons”, I’m curious about:

(a) How can I detect whether key logging software or some other activity monitoring is occurring on my work laptop?

(b) How can I detect whether the camera or mic are, or have been, remotely activated outside Teams calls or similar?

Just take your tinfoil helmet off then ask yourself the same questions 😉

Personal device or work? Windows or Mac? What does your contract, or more likely your IT Use Policy say about surveillance?

Because it would be illegal?

@Binners  ?<thumbs up emoji in case the real one doesn’t work>

(I’m about to quit work and I don’t think the boss is gonna be too happy, and I’m  wondering whether he might have any “leverage” to persuade me to stay.)

I have a work provided Windows 10 Pro laptop and I’m generally using Office 365 products.

I can also access my work email using the Outlook Android app on my personal phone, plus MS Teams and some of the Android Office 365 apps/One Drive also run on my own phone. I WILL be un-installing all that before I break the news….

Camera is dead easy to solve – just cover it physically…

‘Reasons’ tend to be a guilty conscience as you aren’t actually working…if that is the case, then do more work so you don’t feel so guilty.

Less serious answers, absolutely no idea how you would tell without giving away you are trying to find out, so just assume they are spying, but also assume they are too busy to check unless you give them reason to check i.e. you are much less productive than previously.

Persuade a carefully selected colleague that there is absolutely no monitoring and so just crack on and do what they like. Wait 3 months and see if they’re still around ?

Look behind you – is he there?

I’d ask why you’re curious, keyloggers tend to be a no-no, but some small companies have had this issue arise, there’s more ‘normal’ ways the boss can keep an eye on you, such as targets, accessing teamsite information, meeting durations on teams/skype/etc and so on, the camera/mic thing would be grounds for your boss to be sacked though, so doubt that would occur!

Interesting. Am I right in thinking that you are about to quit, but you are worried that something that you’ve done on your computer may give your boss the leverage he could use to force you to stay?

so you’ve not been skiving. What have you been doing?

so you’ve not been skiving. What have you been doing?

I spend a lot of time “researching”, err, on Singletrackworld (though I’m not stupid enough to do that on my work laptop) 😉

Basically, I work for a small, privately owned, IT company and report direct to the company owner and I’m getting more and more fed up with the direction (or, rather, the lack of….) the company is (isn’t) going in. And I’m getting more argumentative with him and being effectively side-lined as I’m not a “yes man”.

So “creative differences” sorta and I have zero motivation.

So I’m either gonna be made redundant (best outcome for me), fired or I quit. And I’m just wondering how I find if he has ammunition to use the “fire” option as I’ve not had any formal or informal warnings about my work (or lack of…)

Start wearing t-shirts with ‘messages’ on them like, “**** off Kevin*!” or “Kevin* likes pegging”.

*Or what ever you bosses name is.

All companies can tell what you are doing on their devices. Thinking they can’t/don’t is naive.

DWP used to take random screenshots of what staff are doing – only the data security folk could access it. I may have had to explain why STW was open in the background on in a gross misconduct hearing a few years back courtesy of HMRCs internal security team.

How long have you worked there? Were there any monitoring systems that you were made aware of? Be clear that being made redundant and being fired are very different things and, depending on length of service, could have very different outcomes.

TBF, and I could be very wrong, your language does come across as confrontational and perhaps that is contributing to the situation…

I’m about to quit work and I don’t think the boss is gonna be too happy, and I’m  wondering whether he might have any “leverage” to persuade me to stay.)

Go full Fight Club

And, as it’s coming across, you couldn’t GAF, I’d suggest the business owner should be putting you on a performance review and, if fewer than two years service, wave goodbye with little benefit to you.

How long have you worked there? Were there any monitoring systems that you were made aware of?

18 years and no, I’ve not been made aware of any specific monitoring

Be clear that being made redundant and being fired are very different things and, depending on length of service, could have very different outcomes.

Exactly. Hence why I’m asking!

your language does come across as confrontational and perhaps that is contributing to the situation…

I don’t deny this and, frankly, if I could engineer being made redundant then I’d be happy. But equally, if they fire me, I couldn’t really give a toss either…and I may preempt them by just walking (I hold the cards here. I’m the longest serving employee after him and his wife/CFO and theres a lot of business knowledge I’ll be walking away with…)

I’m still curious though 😉

And, as it’s coming across, you couldn’t GAF

Correct and you wouldn’t believe how wonderfully liberating it feels!

Right now it sounds like you should walk away and let the small business do what they do and not worry about having to pay off a long-serving employee at huge cost. They probably could find a replacement at less cost and with less headaches.

Yes, I’m a business owner and yes, I’ve been there.

Be a grown up and act like one FFS.

Have a tommy tank over pics of the boss’s missus at random times of the day in front of the laptop.

Is this all while WFH, or on site? If the latter then they should easily be able to monitor any and all sites/IP addresses you’ve been accessing.

If you’ve been skiving, why would he want to leverage you to stay…and how would he achieve that other than threatening a bad reference?

Do you have benefits or something that could be withheld when you leave?

Allow me to elaborate on my earlier brief reply.

It is perfectly legal for an employer to monitor an employee’s email / web browsing habits.  However, they have to notify staff that they are doing this, they cannot do so by stealth.  So if, as a random example plucked completely randomly at random, you’d been stupid enough to use the work laptop to download porn then they would be unable to act on that without opening themselves up (so to speak) to legal repercussions.

In any case, an employer cannot just wake up one day and go “I think I’ll fire Brian this afternoon.”  This isn’t the US, you have rights and there is process to be followed.  If they’re letting you go after 18 years I would be expecting a very golden handshake.

threatening a bad reference?

… which would also be unlawful.

Professional references these days are little more than “I confirm that Brian worked here for 18 years.”

DWP used to take random screenshots of what staff are doing – only the data security folk could access it.

That sounds both implausible and wildly inefficient.  I can see however why it would be beneficial to have staff believe that’s what they were doing.  See also: TV licence detector vans.

Thanks Cougar but (bit of a curveball), I’m not in the UK (or Europe for that matter).

😉

Outside or any moral/legal justification or otherwise, are they any Windows settings I can look at (or folders in the Program Files directory) which might indicate keyloggers and camera/mic overrides are in place?

For context but not really relevant to my technical question (STW discussions always go off at tangents at the earliest opportunity!):

(a) It is HIGHLY unlikely I can somehow wrangle even a moderately “large” pay-off but being fired would prevent me getting (modest) government benefits.

(B) I’ve been paid below market rates for many years. In fact, I haven’t had any sort of pay raise for at least 6 years (I’m not  motivated by cash) so firing me and replacing me WILL cost the company more money as they won’t be able to hire anyone with the equivalent of my current salary.

(C) I “skive” because of lack of resources. The boss simply will not concentrate on delivering a reasonable number of projects properly and always stacks up more (mostly half-assed) projects than we have resources for. Hence, i have some periods of time where there are no developers to work on “my” projects. He is incapable of sticking to any plan (he has lots of plans and they change every day. And different employees are told about different plans on different days)….

Anyway, up til recently, I’ve been sanguine about most of this shit but something needs to change….

You can be fired without cause where we are vlad, so leverage is useless.

Keep skiving and start looking elsewhere?

Keep skiving and start looking elsewhere?

Retirement beckons 😉

If it’s a company managed laptop/pc, and you’re dialling in via VPN, then they can pretty much monitor whatever they want, whether you know it or not, unless you physicaly turn the device off.

Legality aside, that’s the top and bottom of it.

Fortunately, I very rarely need to use the VPN. Most time (99%+) I’m NOT connected to the VPN…

He or she might be on here without you working out their nom de plume

And I get roasted when I dare to suggest that some WFH’ers might not be pulling their weight.

You sound like an asset that will be sorely missed, do yourself and your boss a favour and just leave

Not to disagree with the ‘sound like a bit of a PITA employee’ comments, and also noting the OP is not UK / EU, however as STW is one of the worlds premier reference sources, some info from my experience.

IANAL, but as a former manager in a large UK/US company we frequently had an employment lawyer come and talk to us about aspects of employment law in the practical setting.

Yes – they can spy on you but it has to be overt (you must be told they can/will; likely to be in your contract or policies). And it has to be for appropriate purposes, eg: checking up on slacking, not to see who you might eg: vote for.

Yes – they can fire you for inappropriate use of work resources. What this means is harder to define but a good company policy will probably have some guidance. If it’s illegal, for sure; if it’s in certain categories (eg:porn – not strictly illegal but) – but noting a good company would probably have such categories blocked; and if it’s getting in the way of you delivering work.

This third bit is tricky – if an employee can do all their job entails and have STW on as well, then does it matter? If they’re spending three hours a day on STW and failing to meet their job needs a different problem. You might argue in the first example then they should be going to the boss and seeing what else needs doing, but that’s a grey area, are you employed to do a job or do 7.5 hours? (Bear in mind if you’re a 9-5er and out the door as the bell goes)

The point she raised is that unless it’s gross misconduct – porn’s the usual thought but eg: running a business on work time, particularly a competing one / using the work server to do it (she had a real example of a designer doing this!) probably reaches that threshold. IDK even there – at the time we had these talks Vinted and Etsy weren’t really a thing, does checking how your Vinted is going count as running a business? And the second key thing is that people need to be treated fairly – I’m big on fair doesn’t always mean equal, but in this case it possibly does.

So – you’ve been pinged for overuse of STW in the daytime and not getting the work done. What can they do? Her advice would be to not make it about the websurfing, make it about non-performance in the role and use performance management to get that dealt with, as part of which comment on the time spent surfing could be appropriate. But you’d have to do it by the usual processes of verbal, written, final, etc. as per co policies.

Her point was that if you make it about the web use only – then the issue is that you can’t really justify different treatment and a reasonable counter would be that presumably everyone that has been doing some web surfing is getting the same meeting and verbal warning. So overall using the web usage as a means to get rid of someone you don’t like / is a PITA* is not easy to justify in that context

* I know you can’t just get rid of people you don’t like, but in the real world there’s ways – this isn’t a good one though.

There is plenty of software available that will grab screenshots which can be triggered by entering key words from a list and then email that to person/s responsible for this kind of monitoring. Used a lot in schools for safeguarding/IT classroom management. Google “NetSupport” for example. You’d likely see an icon for the client in the taskbar though and NetSupport is not designed to be covert.

As above, in the UK you cant legally directly monitor an employees PC without them being made aware

If they did, there’s be no legal way of using any information gained, however, the person illegally monitoring it would still use it for any consideration over decisions regarding your employment

That being said, most stuff is logged in someway in a modern working environment, web traffic is logged on firewalls, PC event logs, even office 365 itself monitors and logs file usage. None of these are particularly useful to see what you’ve been doing all day, but the firewall will likely give a decent indication of how many times a website has been accessed etc.

Can you see if any software is on the machine itself? well, that would depend on if you have admin rights on the machine, and are IT savvy enough to investigate. There wouldn’t be a hard set of rules on what you should be looking for, maybe a suspiciously named process? well there are literally 100’s of processes that can be running, and you’d need to be pretty familiar with them or you’d need to research each one. likewise an unfamiliar folder on the local drives, again you’d need to be familiar with the typical folder structure on a work PC.

I’m 1 of 3 admins at my work, i have top level access to everyone in the business, I still wouldn’t do anything on my work PC that I wouldn’t be happy standing in front of one of the directors and discussing

Does your company have an internal company document(s) which outline company guidelines, such as working hours, sick maternity pay, minimum redundancy and an IT policy? If it does they may be a blanket clause in there that informs you they reserve the right to have unlimited access to company IT equipment including monitoring.

Not as as invasive, but I have heard that companies can quite easily compile simple activity logs through Teams for specific employees. But that only really means anything if you are required to be constantly logged into Teams on a company PC during working hours.

Yes, I’m a business owner and yes, I’ve been there.

Be a grown up and act like one FFS.

He’s leaving…… What more do you suggest he should do as a grown up ?

Thanks Cougar but (bit of a curveball), I’m not in the UK (or Europe for that matter).

Ah.

Outside or any moral/legal justification or otherwise, are they any Windows settings I can look at (or folders in the Program Files directory) which might indicate keyloggers and camera/mic overrides are in place?

I would expect that if such software were installed then either it would be obvious (eg, an icon in the system tray as someone else said) or, by design, very difficult to find.

That said, if I wanted to know what web sites you were visiting I’d simply route your traffic through a proxy server or firewall. If you “very rarely” connect to the VPN then I would suggest that you’re probably worrying unduly about your company’s approach to security.

Start wearing t-shirts with ‘messages’ on them like, “**** off Kevin*!” or “Kevin* likes pegging”.

*Or what ever you bosses name is.

By the way Ads, i forgot to congratulate you on your 5 years with us.

He or she might be on here without you working out their nom de plume

Yep, we had a junior dev do a lot of moaning on a forum that someone was on 🙂

That sounds both implausible and wildly inefficient.

Of course it was inefficient, it was DWP.

I had to have a conversation with a member if staff about some naughty talk she’d had via email, though probably picked up by a filter rather than random screen capture.