How does the employer read your correspondence?

Whether it is possible to follow people, how it is done, and how much of a law it is, we will talk about all of this today


One in three companies reads employee emails, one in five monitors what sites they visit, and one in ten monitors messenger conversations, as employers often want to know what their employees are communicating about and often wonder how to check someone's snapchat to keep up with everything. Even not very wealthy organizations have tools that allow them to monitor everything that happens on employees' computers and mobile devices in real-time. It doesn't matter if they are official or personal gadgets. There is only one exception - cell phone conversations. But technologies that would allow their interception is already being tested. 

How are they tracked?

Software that monitors employees and controls their actions makes information immediately available to the employer - it is not stored in any encrypted form. Such software operates locally and is not connected to operators or providers.

First, so-called agent programs are installed on computers and read keystrokes, take screenshots, and record all Internet traffic. Hundreds of such programs are on the market, as they are relatively easy to write. Here are a few examples.

PC Pandora - hides in your system and monitors your entire computer and all Internet traffic. It takes screenshots, captures keyboard input, and actions on visited websites, monitors email and instant messengers, and collects much other information about the user's activity. The program has no folder in which it stores its data. Everything is loaded into the operating system, and each new installation on the same or a different computer is done with unique file names.

Micro Keylogger is a spyware program that is not visible in menus, taskbar, program control panel, process list, and other places on your computer where you can monitor running applications. It does not show any signs of the presence and does not affect the system's performance, and it secretly sends a report to your email or FTP server.

Second, there is DLP (Data Leak Prevention) - technologies for preventing confidential information leaks from the information system to the outside world (and technical devices for performing this task). DLP systems analyze data streams that cross the perimeter of a protected information system. If confidential information is detected in the flow, the active component of the system triggers, and message (packet, stream, session) transmission is blocked.

Such solutions control the flow that enters, exits, and circulates in the perimeter. Now we are talking about office space. Physically, it is a regular server (or a group of servers) that analyzes all office traffic. DLP systems use packet inspection technologies (DPI) to read message headers that say who the mail should go to and all transmitted data in general.

Such systems usually operate in two modes: monitoring and blocking. In the first case, the system monitors and sends suspicious things to the employee in charge of security, and he reads it and decides whether it is good or bad. The system is set up in the second case to block certain things. For example, all messages that contain medical terms - medical dictionaries are loaded into the system for this purpose. Or all announcements contain passport information, credit card information, and any terms you can imagine. You try to send a message with words that the security policy won't allow, and you don't have that message sent.

Finally, special programs prevent you from moving files to any medium, whether a thumb drive, a hard drive or anything else. Most of the time, such programs are part of a large security system and modern DLP solutions. Usually, protections are combined because no single one protects against all threats.

Can an employee detect surveillance? 

With sufficient skill, an employee can detect spyware agents or anti-transfer programs on media that are installed on a computer. They do not, of course, lie in the folders where the programs reside. But if the worker is competent, he can find them.

There's no way the employees can detect DLP because the systems are not installed on the computers; they are on the perimeter. If you want privacy, the only option is to use the phone in the office for personal correspondence and not to connect it to the company network.


Read more