Okay.
I just had dinner & chat with my parents. My mom has an issue at work with an employee - she is supposed to apply some discipline to this employee (a suspension) because of certain 'material' found on this person's PC. This person had asked the IT dept. to look into a problem with numerous pop-ups and when they examined the HD contents they found 'materials' on the disk that are , obviously, against policy. I do not know the nature of the material or whether IT dept. have additional traffic based evidence. According to my mom, this employee is outstanding in other respects, and is due to be promoted.
(so I assume it's some kind of porn - my Mom, bless her wont tell)...
I have the following questions & I hope there's someone out there with real xperience with this field...
1. Should this person be confronted on the evidence found on the disk alone, warned, and suspended..?
2. Should this person NOT be warned, but be 'watched'; Change thier ip address and examin traffic to determine what they are doing on the net, and thereby that the material was indeed theirs?
3. Should they be warned AND watched?
4. Assuming this person isn'tt doing anything strictly illegal, and is an outstanding employee in other respects, should NOTHING be done?
I counseled my Mom that any proper IT department would have the capability to look at a given workstation (ip or mac address) and intercept all of the traffic to determine, absolutely what they are doing, looking at, etc.; and thereby build irrefutable evidence. Is this right? How would it be done - ie. would a network proxy have this capability..?
Also, I understand that someones computer could be hacked and zombied, and that a 3rd party could be using that particular computer to do bad things. Could this scenario be detected?? Do hacker's typically do this type of thing?
Last questions: Some of you are network admins.
What types of things do you do to enforce corporate policies regarding internet usage?
What kind of software can be used to track individual users..?
What would you do if this person were your friend?
What if they were your boss?
For any of you with LOTS of experience: What does a typical medium/large corporation put in place for these purposes in this day and age..?
Any input appreciated..!
Thx.
Danimalz