1 In 3 Sysadmins Snoop On Colleagues

Posted by timothy on Thursday June 19, @01:13PM
from the and-they-steal-chips-and-soda dept.
klubar writes "According to a recent survey, one in three IT staff snoops on colleagues. U.S. information security company Cyber-Ark surveyed 300 senior IT professionals, and found that one-third admitted to secretly snooping, while 47 percent said they had accessed information that was not relevant to their role. Makes you wonder about the other 2 out of 3. Did they lie on the survey or really don't snoop?"

  • No Ethics (Score:5, Insightful)

    by Bandman (86149) on Thursday June 19, @01:16PM (#23860229) Homepage
    It's a damned poor state of affairs that so many people put in that situation of trust betray it.

    I've been a systems admin for the better part of a decade, and the only time I've ever accessed the company's assets are when it was warranted.

    The same goes for user files. I'm not going to snoop through other people's files. Really, I don't care what boring files you keep, just that they don't fill up the partition they're sitting on.

    Do that, and suffer my wrath.
    • by The Ultimate Fartkno (756456) on Thursday June 19, @01:19PM (#23860305)

      the only time I've ever accessed the company's assets are when it was warranted.
      I've looked through your log files, and I think you're lying.
    • Re:No Ethics (Score:5, Insightful)

      Humans are curious by nature.

      If you forbid someone something and grant them access to it 9 out of 10 people *will* take a look. Combine that with the power trip most people get when put in a control position it gets too good to be let alone.

      For those reasons alone I never trust any sysadmin anywhere, period.

      At work or anywhere else I simply assume some admin will read my email on a bored day and I simply assume he will browse through my files the other day.
        • by Shakrai (717556) * on Thursday June 19, @01:38PM (#23860745) Journal

          Maybe I got snooping out of my system early enough, before I was an admin. I just don't even care what my users email about. I'm too busy actually fixing things to care, unless something breaks.

          Maybe I got snooping out of my system early enough, before I was an admin. I just don't even care what my users email about. I'm too busy browsing /. to care, unless something breaks.

          Fixed that for you ;) Not that I'm any better, mind you.... :P

    • Re:No Ethics (Score:5, Insightful)

      by kc9fyx (1310661) on Thursday June 19, @01:29PM (#23860547) Homepage
      I have to agree with that. Sure, I could look at my user's files, but why would I want to? There's no doubt that I'd see things that no amount of eyebleach would fix. So long as nobody's filling up the server or causing me to get phone calls from network security, I'd rather not know what they're doing.
      • Re:No Ethics (Score:5, Insightful)

        by Southpaw018 (793465) * on Thursday June 19, @01:42PM (#23860835) Homepage Journal
        It's not even the eyebleach that's required. It's that peeking through people's files will undoubtedly reveal something you shouldn't, aren't supposed to, or (in the case of purely personal information) don't want to know or have no need to know. And once you know it, you have a responsibility to safeguard it - moral, most importantly, but legal as well depending on its nature. Who wants to safeguard other people's personal information for no damn reason at all?
    • Re:No Ethics (Score:5, Insightful)

      by scubamage (727538) on Thursday June 19, @01:33PM (#23860629)
      Ditto, I honestly could care less what files people keep. Have some mp3s? Fine. A few questionable video files? I still really don't care. Just don't be downloading malware or anything like that. Basically I figure I wouldn't want anyone accessing my files, so why would I want to access their files? Then again, I also despise knowing passwords because of liability because I genuinely don't ever like touching other people's accounts.
  • Scary (Score:5, Insightful)

    by Itninja (937614) on Thursday June 19, @01:17PM (#23860257) Homepage
    I know a place where they haven't changed the root/admin passwords in years. They have so many servers that it would be "a huge pain" (their words exactly) to change all the passwords. I wonder how much of a pain it would be for a former DBA or sysadmin to snoop around and start publicly posting how much everybody makes?
      • Re:Scary (Score:5, Interesting)

        by Bandman (86149) on Thursday June 19, @01:39PM (#23860771) Homepage
        Which really brings up another question to me.

        Suppose you have a high level IT staff member quit.

        You go through the normal password rotation, and call it a day, but they still had access to the private keys of every server. Do you generate all new keys for every server? How do you reconcile that with the authorized_keys and known_hosts files across the network? That's a large infrastructure change.

        Are there SSH key servers that allow this?
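For the authorized_keys half of the question above, an added example (not part of the thread): find every remaining copy of a departed admin's public key by SHA256 fingerprint rather than by its editable comment field. The paths, key blobs and helper names are constructed for illustration.

```python
import base64
import hashlib
import struct

KEY_TYPES = ("ssh-ed25519", "ssh-rsa", "ssh-dss", "ecdsa-sha2-", "sk-ssh-", "sk-ecdsa-")

def fingerprint(b64_blob):
    """OpenSSH-style SHA256 fingerprint of a base64 public-key blob."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_authorized_keys(text):
    """Yield (lineno, blob, comment) per key line; assumes no option value holds a key-type token."""
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        # Options such as from="..." may precede the key type, so search for it.
        for i, field in enumerate(fields[:-1]):
            if field.startswith(KEY_TYPES):
                yield lineno, fields[i + 1], " ".join(fields[i + 2:])
                break

def audit(files, revoked):
    """Return (path, lineno, comment) for every key whose fingerprint is revoked."""
    hits = []
    for path, text in files.items():
        for lineno, blob, comment in parse_authorized_keys(text):
            try:
                if fingerprint(blob) in revoked:
                    hits.append((path, lineno, comment))
            except ValueError:  # malformed base64; binascii.Error is a ValueError
                continue
    return hits

def sample_key(seed):
    """Constructed (not real) ed25519 blob so the example runs offline."""
    raw = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes([seed]) * 32
    return base64.b64encode(raw).decode()

# Constructed sample data: hypothetical paths, keys and comments.
DEPARTED, CURRENT = sample_key(1), sample_key(2)
SAMPLE_FILES = {
    "/root/.ssh/authorized_keys": "# ops keys\n"
        f"ssh-ed25519 {CURRENT} ops@bastion\n"
        f'from="10.0.0.0/8",no-pty ssh-ed25519 {DEPARTED} backup-job\n',
    "/home/deploy/.ssh/authorized_keys": f"ssh-ed25519 {CURRENT} ops@bastion\n",
}
REVOKED = {fingerprint(DEPARTED)}
```

`audit(SAMPLE_FILES, REVOKED)` reports the departed key on line 3 of root's file even though its comment no longer names the former admin.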
  • And? (Score:5, Interesting)

    by mpapet (761907) on Thursday June 19, @01:17PM (#23860263) Homepage
    Maybe I'm missing the point but I don't see where there is an issue.

    In nearly all IT environments, either you trust your IT staff, or you have some killer PKI. Reality suggests management in the typical company wouldn't pay for or be bothered to use it, so we're back to IT having super-snooping powers.
      • Re:And? (Score:5, Insightful)

        by LordSnooty (853791) on Thursday June 19, @01:37PM (#23860725)
        How do I know that the monkeys in Personnel aren't firing up my salary details or absence reports for the hell of it? Techies too have to trust people who have access to information just like they have to trust us. If someone is found to be abusing the access and earning some gain, action will be taken I'm sure. But overall it has to work on trust, or we'd all be drowning in audit trails.
  • Which is worse? (Score:5, Interesting)

    by IronWilliamCash (1078065) on Thursday June 19, @01:17PM (#23860265)
    Given the nature of a sysadmin's job, I think I'd be more worried about the other 2 out of 3 that don't snoop around. A curious sysadmin will find more problems and more possible solutions than one who doesn't care.
    • Re:Which is worse? (Score:5, Insightful)

      by RingDev (879105) on Thursday June 19, @01:23PM (#23860399) Homepage Journal
      How exactly is reading another employee's email, or monitoring all of a user's web traffic (without instruction to do so) going to help you in maintaining your domain?

      Is being able to flip through the HR database and seeing everyone's pay rate going to make your network more secure?

      And if your users learn of your snooping, is it going to be a boon to your company when either you are fired, or employees leave rather than be snooped on?

      If you are snooping and you are looking at anything more than purely technical information, you are likely going over the bounds of ethical behavior if you don't have managerial backing.

      -Rick
    • Re:Which is worse? (Score:5, Interesting)

      by Bandman (86149) on Thursday June 19, @01:44PM (#23860871) Homepage
      I think you're confusing the word "curious" with the term my grandma used. "Nibshit".

      It's great to be curious. Wondering how things work will definitely teach you.

      Being a nibshit will only get you into things you shouldn't.

      Of course, at one of my old jobs at an ISP, another admin (who was a nibshit) found a stash of kiddie porn in a user's folder. I suppose it's a positive story, since the guy ended up going to jail.
    • Re:Which is worse? (Score:5, Interesting)

      by mandark1967 (630856) on Thursday June 19, @01:44PM (#23860873) Homepage Journal
      Curiosity for certain aspects of network management is far different than "snooping" on employees.

      As has been stated, reading their email or watching them surf does nothing to increase the security of the network.

      (on a Windows network)

      You wanna be curious? Fine. Go pull a listing of the 8000+ databases on the network share and check their properties to see if they are secured correctly so the HR data contained in some of them isn't available to be seen by the "everyone" group.

      Go search for old, outdated data files that haven't been accessed in 5 years, or personal multimedia files sitting on your shared space because the users want to listen to music all day long but are too cheap to bring in a $6 radio.

      These are some of the things a decent Admin would and should look for (among others) but that power does not justify snooping on people because you're too bored to crack open a tech manual of some sort or read a tech-site online
  • They have a life (Score:5, Informative)

    by Mikkeles (698461) on Thursday June 19, @01:21PM (#23860363)
    'Makes you wonder about the other 2 out of 3. Did they lie on the survey or really don't snoop?'

    They probably have a life. It's pretty pathetic to have to get one's jollies snooping on others rather than actually doing something.

  • by fyoder (857358) on Thursday June 19, @01:24PM (#23860413) Homepage Journal
    So in other words, a significant majority of sysadmins are honest. Given that they have "the keys to the kingdom" in the words of the article, that's pretty impressive.
  • According to that survey, 2 out of 3 sysadmins realize that spying is a CLI (career limiting move) if they get caught. That, and the whole ethics and honour thing, are why we are able to manage the confidential data without snooping.
  • by Anonymous Coward on Thursday June 19, @01:25PM (#23860441)
    Come on people, for 'computer nerds' it's amazing how little logic you collectively display.

    The company that sponsored the "poll" makes products for encrypting information and compliance with SOX.

    Do you think they'd release a study that DIDN'T imply your information was in jeopardy?

    This is simply marketing hype, don't fall for it -- it's positioned to get executives to suspect their IT staff (in my company's case, very respectable and honest IT staff) --

    1 in 3 is a completely made up number for the benefit of the company trying to SELL PRODUCT
  • I don't snoop (Score:5, Insightful)

    by ebunga (95613) on Thursday June 19, @01:28PM (#23860519) Homepage
    I don't snoop. Truth be told, I don't really care about anyone or what they're doing. Besides, most sysadmins are lazy. Good sysadmins do their best to automate as much as possible so they have to do as little as possible. Do you seriously think we want to create more work for ourselves?
  • Never again (Score:5, Interesting)

    by citylivin (1250770) on Thursday June 19, @01:33PM (#23860643)
    I made the mistake of looking at a co-worker's pay who I thought was equal in status to me. BIG MISTAKE. After finding out he was paid several hundred dollars more than me a paycheque for doing basically the same job, I never looked at him or the company the same way again. I left that company not too long after, partly because I felt ripped off. It's very hard to unsee things sometimes.

    As for internet history or watching people's screens while their back is turned, I would never do that *TO A PEER*. It's just a respect thing. I have definitely been told to monitor subordinates' internet accesses as well as various people throughout the companies I have worked for. I've gotten people fired for looking at facebook on work hours, but that's part of the job in some corporations. I wonder if the article is talking about peers (in the IT department) or extra-departmental persons whom you could legitimately be instructed to snoop on.

  • Define Snoop. (Score:5, Insightful)

    by kcdoodle (754976) on Thursday June 19, @01:33PM (#23860649)
    Yeah, I definitely have done it. No matter how you define it.

    I CAN say that I have never logged into systems I wasn't allowed in, but I have
    cd /home
    and looked around.

    However, I have never USED the information. I never really found anything incriminating, except TONS of porn. Hey, if you have a proxy server at work, all the porn you view is cached on the proxy. Our proxy used to show the file owner, ha ha, you are busted. I never busted anyone however, just backed up the porn to CDs and deleted it. Anyone want some old CDs?

    Also, I used to work nights. If you just turned me down for a raise (poor-mouthing how bad the company is doing), do not leave your 6 month $14K bonus paperwork lying around on top of your desk. I was just delivering reports, but damn, I lost all respect for you. That is why I do not work for you anymore.
  • Surveys... (Score:5, Interesting)

    by mulvane (692631) on Thursday June 19, @01:37PM (#23860717)
    Of those 2 out of 3 left, 4 out of 5 were found to have lied on the survey. Of those that lied, it was found that 2 out of 3 only snoop on those they think they have a romantic connection with and considered it not snooping but pre-mutual love investigation. Of those that act and are rejected, 50% continue to snoop to plan murderous intentions that later end in the woman of said attraction kicking said admin's ass. Makes you wonder where all these stats come from really though, doesn't it?