Forgot your password?
typodupeerror
Security

1 In 3 Sysadmins Snoop On Colleagues 392

Posted by timothy
from the and-they-steal-chips-and-soda dept.
klubar writes "According to a a recent survey, one in three IT staff snoops on colleagues. U.S. information security company Cyber-Ark surveyed 300 senior IT professionals, and found that one-third admitted to secretly snooping, while 47 percent said they had accessed information that was not relevant to their role. Makes you wonder about the other 2 out of 3. Did they lie on the survey or really don't snoop?"
This discussion has been archived. No new comments can be posted.

1 In 3 Sysadmins Snoop On Colleagues

Comments Filter:
  • No Ethics (Score:5, Insightful)

    by Bandman (86149) <bandmanNO@SPAMgmail.com> on Thursday June 19, 2008 @01:16PM (#23860229) Homepage
    It's a damned poor state of affairs that so many people put in that situation of trust betray it.

    I've been a systems admin for the better part of a decade, and the only time I've ever accessed the company's assets are when it was warranted.

    The same goes for user files. I'm not going to snoop through other people's files. Really, I don't care what boring files you keep, just that they don't fill up the partition they're sitting on.

    Do that, and suffer my wrath.
    • by The Ultimate Fartkno (756456) on Thursday June 19, 2008 @01:19PM (#23860305)

      the only time I've ever accessed the company's assets are when it was warranted.
      I've looked through your log files, and I think you're lying.
    • Re:No Ethics (Score:5, Insightful)

      by dtml-try MyNick (453562) <litheran AT gmail DOT com> on Thursday June 19, 2008 @01:22PM (#23860373)
      Humans are curious by nature.

      If you forbid someone something and grant them acces to it 9 out of 10 people *will* take a look. Combine that with the powertrip most people get when put in a control position it get's to good to bet let alone.

      For those reasons alone I never trust any sysadmin anywhere, period.

      At work or anywhere else I simply asume some admin will read my email on a bored day and I simply asume he will browse through my files the other day.
      • by Bandman (86149)
        Maybe I got snooping out of my system early enough, before I was an admin. I just don't even care what my users email about. I'm too busy actually fixing things to care, unless something breaks.

        Like I said, the only time I care about content is when it's taking up too much space.

        I did have a user's mail break once, because she kept receiving 20MB attachments and she didn't know how to delete it. There was a hard filesize limit of 2GB in the mail software. I cared a lot about that content...enough to tell he
        • by Shakrai (717556) * on Thursday June 19, 2008 @01:38PM (#23860745) Journal

          Maybe I got snooping out of my system early enough, before I was an admin. I just don't even care what my users email about. I'm too busy actually fixing things to care, unless something breaks.

          Maybe I got snooping out of my system early enough, before I was an admin. I just don't even care what my users email about. I'm too busy browsing /. to care, unless something breaks.

          Fixed that for you ;) Not that I'm any better, mind you.... :P

        • Re:No Ethics (Score:5, Insightful)

          by foobat (954034) on Thursday June 19, 2008 @02:32PM (#23861735)
          would mod you up if I had points. Yeah i snoop through you files... as in, I run a search to see if you've decided to backup your ENTIRE itunes collection, Hi-def tv series, pictures/videos of your boring family, install massive programs to your home directory that i installed centrally on the file store 4 months ago or other entirely pointless files that do not need to be backed up and is eating up half of that space ON OUR REALLY EXPENSIVE SAN STORAGE otherwise, your files are boring and I have much better things to be doing.
          • by snuf23 (182335) on Thursday June 19, 2008 @07:34PM (#23866781)
            I don't think this constitutes "snooping". It's your job generally to ensure that company resources aren't being wasted by personal files such as music collections, videos, photos etc. Most of the time you are just looking for particular filetypes in excessively large profiles.
            As far as software installs go, it isn't important from a licensing and security standpoint to identify illegal or insecure software that an employee has installed. Just as it is to identify rogue network hardware.
            I don't think finding out that salesman Bob likes Britney Spears is in anyway a moral conflict. Reading through employee mail or accessing documents you have no right to (human resources for example) - now that is snooping.
      • Re:No Ethics (Score:5, Insightful)

        by omeomi (675045) on Thursday June 19, 2008 @02:32PM (#23861737) Homepage
        At work or anywhere else I simply asume some admin will read my email on a bored day and I simply asume he will browse through my files the other day.

        It's probably a good assumption, but I have to admit I'm surprised the number is as high as 1 in 3, considering that getting fired for snooping on others' email or files is something that could probably cost you your entire career. Who would hire somebody as a sysop who had been caught snooping?
      • Re:No Ethics (Score:5, Insightful)

        by myowntrueself (607117) on Thursday June 19, 2008 @04:29PM (#23863871)
        For those reasons alone I never trust any sysadmin anywhere, period.

        Then please take the advice of a sysadmin; never *ever* hire a sysadmin.

        If you can't trust your sysadmin then don't have one. Don't be in a position where you need to hire or manage one.
        • Re:No Ethics (Score:5, Interesting)

          by Vancorps (746090) on Thursday June 19, 2008 @04:45PM (#23864175)

          Well said, and this has always been my personal philosophy as a syadmin. If you can't trust me with your data you can't trust anybody. It's that simple. The only time I'll go into another account is to backup files in which case I'm not reading the content.

          There is one more instance when I'll go into an account, when there is a legitimate need for specific content and the account owner isn't available to provide it to the employee. Again, I don't go looking at other stuff, I have something specific I'm searching for.

          I've always taken my position pretty seriously, I can't believe that number is that high. Every sysadmin I know is either too busy to snoop or doesn't care enough to snoop. I can admit I was once tempted to snoop because I was dating a coworker but my damned personal ethics got in the way and I decided to trust her instead. Yeah it turns out she was lying through her teeth but there are other ways to tell if someone is lying that are far better than snooping through email which may or may not be out of context.

    • Re:No Ethics (Score:5, Insightful)

      by kc9fyx (1310661) on Thursday June 19, 2008 @01:29PM (#23860547) Homepage
      I have to agree with that. Sure, I could look at my user's files, but why would I want to? There's no doubt that I'd see things that no amount of eyebleach would fix. So long as nobody's filling up the server or causing me to get phone calls from network security, I'd rather not know what they're doing.
      • Re:No Ethics (Score:5, Insightful)

        by Southpaw018 (793465) * on Thursday June 19, 2008 @01:42PM (#23860835) Journal
        It's not even the eyebleach that's required. It's that peeking through peoples' files will undoubtedly reveal something you shouldn't, aren't supposed to, or (in the case of purely personal information) don't want to know or have no need to know. And once you know it, you have a responsibility to safeguard it - moral, most importantly, but legal as well depending on its nature. Who wants to safeguard other peoples' personal information for no damn reason at all?
    • Re:No Ethics (Score:5, Insightful)

      by scubamage (727538) on Thursday June 19, 2008 @01:33PM (#23860629)
      Ditto, I honestly could care less what files people keep. Have some mp3s? Fine. A few questionable video files? I still really don't care. Just don't be downloading malware or anything like that. Basically I figure I wouldn't want anyone accessing my files, so why would I want to access their files? Then again, I also despise knowing passwords because of liability because I genuinely don't ever like touching other people's accounts.
    • Re:No Ethics (Score:5, Insightful)

      by slashname3 (739398) on Thursday June 19, 2008 @02:12PM (#23861395)
      I had an admin that worked for me once that made the mistake of accessing the executives email accounts and then leaking information from those emails. I was notified of the problem and checked the log files. The admin did not cover their tracks very well. As a result they lost their job and I had to call a meeting and remind everyone on the team that with great power there comes great responsibility.

      Seems to have worked. Either that or they are better at covering their tracks now.

      Some of this I blame on the current school systems in place. There seems to be a lot more cheating going on and as a result not much character building. The rest I blame on poor roll models for the kids today. What with athletes almost openly using steroids and rappers thinking its cool getting busted the kids today don't have anyone to look up to. The easy way out is how it is done. A real shame that it has devolved to this.
    • Re:No Ethics (Score:5, Interesting)

      by Technician (215283) on Thursday June 19, 2008 @05:57PM (#23865407)
      It's a damned poor state of affairs that so many people put in that situation of trust betray it.

      Let me guess, you never check unknown files before deleting them?

      Instead of a car example, I'll use the Photocopier example.

      In clearing the photocopier, it's no business of yours that the thing has a jammed copy another employee's payrole, medical record, drug screen result, employee evaluation, or of a centerfold, but you see it. Is this an ethics violation?

      Snooping and being exposed to data outside your job role may be what the survey is all about.

      I have worked with highly classified stuff. Access is on a need to know basis. I have been exposed to other classified material that I had no need to know, and wasn't cleard for, but, I wasn't snooping. I saw just enough to identify it. With my security clearance, I treated the matter properly.

      Have you ever opened an unidentified file to identify it? Was it snooping, or system maitenance?
  • Scary (Score:5, Insightful)

    by Itninja (937614) on Thursday June 19, 2008 @01:17PM (#23860257) Homepage
    I know a place where they have'nt changed the root/admin passwords in years. They have so many servers that it would be "a huge pain" (their words exactly) to change all the passwords. I wonder how much of a pain it would be for a former DBA or sysadmin to snoop around and start publicly posted how much everybody makes?
    • Re:Scary (Score:4, Informative)

      by painehope (580569) on Thursday June 19, 2008 @01:32PM (#23860595)
      Someone needs to explain to them about using ssh-keygen to allow secure, password-less logins, and how write Expect scripts. That's how I handle changing the root passwords on the supercomputers that I manage (which undoubtedly have more nodes than that company has servers).
      • Re:Scary (Score:5, Interesting)

        by Bandman (86149) <bandmanNO@SPAMgmail.com> on Thursday June 19, 2008 @01:39PM (#23860771) Homepage
        Which really brings up another question to me.

        Suppose you have a high level IT staff member quit.

        You go through the normal password rotation, and call it a day, but they still had access to the private keys of every server. Do you generate all new keys for every server? How do you reconcile that with the authorized_keys and known_hosts files across the network? That's a large infrastructure change.

        Are there SSH key servers that allow this?
        • Re: (Score:3, Informative)

          by painehope (580569)
          Well, to be honest, it's never been an issue to me. Practice proper perimeter security and they'll never get in to the machines that they could damage.
          • Re:Scary (Score:5, Insightful)

            by slashname3 (739398) on Thursday June 19, 2008 @02:16PM (#23861453)
            Ah! The hard and crunch on the outside and soft and chewy on the inside security approach. Yummy!

            Seriously, that approach is just waiting for that one opening that allows someone inside. Security in depth, multiple layers, is the best practice.
            • Re:Scary (Score:5, Funny)

              by Bandman (86149) <bandmanNO@SPAMgmail.com> on Thursday June 19, 2008 @02:25PM (#23861621) Homepage
              The everlasting gobstopper approach...I like it!
            • Re: (Score:3, Informative)

              by painehope (580569)
              Ah! The presumption that I don't practice the type of security that you advocate! Fucking amazing what one can presume based upon a single statement.

              end_sarcasm(&slashname3)

              Seriously, I agree with you. I'm just not going to change the key files on and for > 2048 systems (regardless of how I can parallelize it) when I can just change the root password, disable their account and remote accesss, remove their keys, and call it a day.

              There is no such thing as perfect security, especially if the pe

        • Re:Scary (Score:5, Informative)

          by prockcore (543967) on Thursday June 19, 2008 @01:43PM (#23860855)
          They don't have access to the private keys of every server. Their public key is in their home directory on every server.

          You just delete their account, or their authorized_keys file.
        • Re: (Score:3, Informative)

          by fifedrum (611338)
          yeah the really expensive shell scripting kind

          for host in `cat hosts.change`
          do
              ssh -t $host ssh-keygen -t dsa -f id_dsa.pub
          done
          man ssh-keygen to see how to do this while supplying the passphrases on the command line
          • Re: (Score:3, Insightful)

            by Bandman (86149)
            Down your path, madness and insanity reign.

            If you tried that on production, you just broke every automated ssh attempt between systems, and now you've got to manually edit every known_hosts file to remove the old keys. Then you've got to manually add or ssh into the hosts all over again to re-establish key trust.
            • Re:Scary (Score:4, Funny)

              by wsanders (114993) on Thursday June 19, 2008 @04:10PM (#23863545) Homepage
              Yes, usually it is just easier to hire a hit man to kill the sysadmin. However, it's not legal in ultra-liberal states like California and Massachusetts.
            • Re: (Score:3, Informative)

              by Jeffrey Baker (6191)
              Only if you're an idiot who can't read the manual. See /etc/ssh/ssh_known_hosts. You put the new key into known hosts ahead of time, then you change the keys, then you remove the old key from known_hosts. No automated logins will have been broken.
  • And? (Score:5, Interesting)

    by mpapet (761907) on Thursday June 19, 2008 @01:17PM (#23860263) Homepage
    Maybe I'm missing the point but I don't see where there is an issue.

    In nearly all IT environments, either you trust your IT staff, or you have some killer PKI. Reality suggests management in the typical company wouldn't pay for or be bothered to use, so we're back to IT having super-snooping powers.
    • Re: (Score:3, Interesting)

      by gstoddart (321705)

      Maybe I'm missing the point but I don't see where there is an issue.

      Because, some people aren't supposed to be seeing certain things. If you're charged with protecting everyone else's crap, it's nice to develop a bit of indifference to what's in it -- I'll guard it, but I won't look in it.

      Think of it this way ... if your admin is reading your financials, they could be using it to do a little insider trading or taking the information for other purposes.

      It really is a huge breach of trust for an admin to be

    • Re:And? (Score:5, Interesting)

      by Bob-taro (996889) on Thursday June 19, 2008 @01:59PM (#23861139)

      In nearly all IT environments, either you trust your IT staff, or you have some killer PKI.

      The Sarbanes Oxley Act [wikipedia.org] makes trusting your employees illegal.

  • Which is worse? (Score:5, Interesting)

    by IronWilliamCash (1078065) on Thursday June 19, 2008 @01:17PM (#23860265)
    Given the nature of a sysadmin's job, I think I'd be more worried about the other 2 out of 3 that don't snoop around. A curious sysadmin will find more problems and more possible solutions than one who doesn't care.
    • Re:Which is worse? (Score:5, Insightful)

      by RingDev (879105) on Thursday June 19, 2008 @01:23PM (#23860399) Homepage Journal
      How exactly is reading another employee's email, or monitoring all of a user's web traffic (with out instruction to do so) going to help you in maintaining your domain?

      Is being able to flip through the HR database and seeing everyone's pay rate going to make your network more secure?

      And if your users learn of your snooping, is it going to be a boon to your company when either you are fired, or employees leave rather than be snooped on?

      If you are snooping and you are looking at anything more than purely technical information, you are likely going over the bounds of ethical behavior if you don't have managerial backing.

      -Rick
      • Re: (Score:3, Insightful)

        by jellomizer (103300)
        Well sometimes when you are performing a backup and you see that hey this user took 1 hour to backup. You kinda want to poke around and see what is there. There are a bunch of Movie Files oddly named. Now if you look at them and you see they are recoded video conferences then they are good. If their are something "No approprate for work" then it is an issue to either remove them or take action on the user. Knowing what is on your system is important. Most of the times when you look to see peoples salaries t
    • Re:Which is worse? (Score:5, Interesting)

      by Bandman (86149) <bandmanNO@SPAMgmail.com> on Thursday June 19, 2008 @01:44PM (#23860871) Homepage
      I think you're confusing the word "curious" with the term my grandma used. "Nibshit".

      It's great to be curious. Wondering how things work will definitely teach you.

      Being a nibshit will only get you into things you shouldn't.

      Of course, at one of my old jobs at an ISP, another admin (who was a nibshit) found a stash of kiddie porn in a users folder. I suppose it's a positive story, since the guy ended up going to jail.
    • Re:Which is worse? (Score:5, Interesting)

      by mandark1967 (630856) on Thursday June 19, 2008 @01:44PM (#23860873) Homepage Journal
      Curiosity for certain aspects of network management is far different than "snooping" on employees.

      As has been stated, Reading their email or watching them surf does nothing to increase the security of the network.

      (on a windows network)

      You wanna be curious? Fine. Go pull a listing of the 8000+ databases on the network share and check their properties to see if they are secured correctly so the HR data contained in some of them isn't available to be seen by the "everyone" group.

      Go search for old, out dated data files that haven't been accessed in 5 years, or personal multimedia files sitting on your shared space because the users want to listen to music all day long but are too cheap to bring in a $6 radio.

      These are some of the things a decent Admin would and should look for (among others) but that power does not justify snooping on people because you're too bored to crack open a tech manual of some sort or read a tech-site online
    • Re:Which is worse? (Score:5, Insightful)

      by malkavian (9512) on Thursday June 19, 2008 @02:00PM (#23861181) Homepage
      I've been a sysadmin for ages (started on that track in the early 90s, so a good 15 years already), and can honestly say, I can't be arsed to snoop people. The only time the records are examined is when I'm officially requests to investigate at the behest of the directorate, with agreement of HR and if appropriate, the relevant unions.
      Part of the reason being that I am too damn curious, except not in the "curtain twitcher" way of spying on people around you. I'm always probing the systems to see if they're happy or not, and seeing if I can tweak them to be more secure, or perform better.
      I'm also happy with my illusions of them being pleasant, professional people with no hangups or problems (unless they enter the 'mates' category, in which case I either ask, or listen, or both). Saves a lot of friction, and lets me get on with what needs doing.
      The biggest reason though, is that I think the world should be a better place than it is. I like my privacy, and think it's something valuable. Therefore, I show people the respect I think they should have, and politely decline to riffle through their private information. If I can't meet my responsibility for privacy, I have no business claiming the right.
      There comes a point where it's asked "Who watches the watchers..".. And I'd have to say they're damn poor watchers if they can't watch themselves.
      To be a sysadmin in a sizable environment, you need people on your side; you need them to trust you, and have a bit of faith in you.. Otherwise, the first big disaster that happens (and we all know they do, no matter how much you plan), you WILL be strung out to dry by everyone with an axe to grind, rather than having their support and help at the time you need it most.
  • by penguin_dance (536599) on Thursday June 19, 2008 @01:20PM (#23860339)
    Did they lie on the survey or really don't snoop?"

    I say most lied. Knowledge is power and it would be too damn tempting when you could have your finger on the company's pulse.

    It would also explain the smug look. (kidding!)
  • They have a life (Score:5, Informative)

    by Mikkeles (698461) on Thursday June 19, 2008 @01:21PM (#23860363)
    'Makes you wonder about the other 2 out of 3. Did they lie on the survey or really don't snoop?'

    They probably have a life. It's pretty pathetic to have to get one's jollies snooping on others rather than actually doing something.

    • by PhxBlue (562201) on Thursday June 19, 2008 @01:45PM (#23860885) Homepage Journal

      'Makes you wonder about the other 2 out of 3. Did they lie on the survey or really don't snoop?'
      They probably have a life.
      Or alternately, maybe they post to Slashdot.
    • by gedhrel (241953) on Thursday June 19, 2008 @01:47PM (#23860951)
      Agreed. The "makes you wonder" comment makes you wonder about the professional ethics of the submitter.

      There are three basic reasons why sysadmins don't snoop, in increasing order of importance:

      1. It'd get you fired.
      2. There isn't time in the day.
      3. Basic bloody professional standards.

      My institution recently underwent a long (very long) pay restructure. At about the point where things were finally settling down, the DBAs were hauled in and "reminded" that exposing or snooping through the resulting data would be a Bad Thing. My instant reaction was, "that's a fucking insult;" didn't think much of the middle-managers involved in passing on that message for not standing up for their staff. However, I think the reflection upon the personnel staff who issued the memo in the first place is that they are greasy, underhanded slime balls.

      So no change there then.
    • by g0bshiTe (596213) on Thursday June 19, 2008 @02:02PM (#23861205)

      It's pretty pathetic to have to get one's jollies snooping on others rather than actually doing something.
      Could you please explain Youtube then.
    • by Ruger (237212) on Thursday June 19, 2008 @02:25PM (#23861603) Homepage

      They probably have a life.

      And it's called World of Warcraft...so there's no time to snoop.
  • by fyoder (857358) on Thursday June 19, 2008 @01:24PM (#23860413) Homepage Journal
    So in other words, a significant majority of sysadmins are honest. Given that they have "the keys to the kingdom" in the words of the article, that's pretty impressive.
  • by Jailbrekr (73837) <jailbrekr@digitaladdiction.net> on Thursday June 19, 2008 @01:24PM (#23860415) Homepage
    According to that survey, 2 out of 3 sysadmins realize that spying in a CLI (career limiting move) if they get caught. That, and the whole ethics and honour thing, are why we are able to manage the confidential data without snooping.
  • by Anonymous Coward on Thursday June 19, 2008 @01:25PM (#23860441)
    Come on people, for 'computer nerds' it's amazing how little logic you collectively display.

    The company that sponsored the "poll" makes products for encrypting information and compliance with SOX..

    Do you think they'd release a study that DIDN'T imply your information was in jeapordy?

    This is simply marketing hype, don't fall for it -- it's positioned to get executives to suspect their IT staff (in my company's case, very respectable and honest IT staff) --

    1 in 3 is a completely made up number for the benefit of the company trying to SELL PRODUCT
    • Re: (Score:3, Insightful)

      by FatMacDaddy (878246)
      Agreed. My first thought after reading the article is where's the meat of the article? There's no indication of whether those 300 "senior IT professionals" were all in one company, what their actual jobs or skill levels are, or any other information. Basically, this boils down to them saying, "Hey, our product is really valuable, and we just did a survey to prove it. Honest!"
  • by mandark1967 (630856) on Thursday June 19, 2008 @01:27PM (#23860481) Homepage Journal
    of those SysAdmins who feel it necessary to snoop on people? If you're bored, get out of Admin Pack and head over to /. or Technet (if you are of the MS persuasion) and learn something new. I don't care who you are or how good you are, you don't know EVERYTHING...

    Maybe it's just me, but I just don't get it...

    I probably have access to more account information and networked shared space than most people, but I have no urge, need, or desire to see what's in their accounts or shares. (Beyond making sure private data is secured and there isn't pornography or other bad files out there using up all our networked drives. That's one of my monthly chores)

    Only reason I'm here right now posting is because I'm in the middle of a scan. Our scans take 6-7 hours to run (with the process set to realtime priority) so about the only thing my computer is able to do is browse the web (slowly, I might add)

    "Could" I snoop? Sure. "Would" I? Never. That's one of the reasons why I have this job.
  • I don't snoop (Score:5, Insightful)

    by ebunga (95613) on Thursday June 19, 2008 @01:28PM (#23860519) Homepage
    I don't snoop. Truth be told, I don't really care about anyone or what they're doing. Besides, most sysadmins are lazy. Good sysadmins do their best to automate as much as possible so they have to do as little as possible. Do you seriously think we want to create more work for ourselves?
  • The other 2 out of 3 (Score:3, Interesting)

    by 192939495969798999 (58312) <(moc.eroomnived) (ta) (ofni)> on Thursday June 19, 2008 @01:31PM (#23860575) Homepage Journal
    The other 2 know better than to out themselves as snoops on any kind of survey... I mean what is the guarantee that the survey wasn't a snoop by the employer to catch "honest spies"?
  • Never again (Score:5, Interesting)

    by citylivin (1250770) on Thursday June 19, 2008 @01:33PM (#23860643)
    I made the mistake of looking at a co workers pay who I thought was equal in status to me. BIG MISTAKE. After finding out he was paid several hundred dollars more than me a paycheque for doing basically the same job, I never looked at him or the company the same way again. I left that company not too long after, partly because I felt ripped off. Its very hard to unsee things sometimes.

    As for internet history or watching peoples screens while their back is turned, I would never do that *TO A PEER*. Its just a respect thing. I have definitely been told to monitor subordinates internet accesses as well as various people throughout the companies I have worked for. Ive gotten people fired for looking at facebook on work hours, but thats part of the job in some corporations. I wonder if the article is talking about peers (in the IT department) or extra-departmental persons whom you could legitimately be instructed to snoop on.

  • Define Snoop. (Score:5, Insightful)

    by kcdoodle (754976) on Thursday June 19, 2008 @01:33PM (#23860649)
    Yeah, I definitely have done it. No matter how you define it.

    I CAN say that I have never logged into systems I wasn't allowed in, but I have
    cd /home
    and looked around.

    However, I have never USED the information. I never really found anything incriminating, except TONS of porn. Hey, if you have a proxy server at work, all the porn you view is cached on the proxy. Our proxy used to show the file owner, ha ha, you are busted. I never busted anyone however, just backed up the porn to CDs and deleted it. Anyone want some old CDs?

    Also, I used to work nights. If you just turned me down for a raise (poor-mouthing how bad the company is doing), do not leave your 6 month $14K bonus paperwork lying around on top of your desk. I was just delivering reports, but damn, I lost all respect for you. That is why I do not work for you anymore.
  • So? (Score:3, Insightful)

    by Neko-kun (750955) on Thursday June 19, 2008 @01:34PM (#23860665) Journal
    As far as I know, sysadmins are bound by privacy laws.

    And if those are the same laws that apply everywhere I've worked at, then it doesn't matter if they access my files or read my email.
    As long as the info is not made public, used maliciously, discussed between colleges, then it doesn't matter.

    It's not what you know, it's how you use it.
  • Surveys... (Score:5, Interesting)

    by mulvane (692631) on Thursday June 19, 2008 @01:37PM (#23860717)
    Of those 2 out of 3 left, 4 out of 5 were found to have lied on the survey. Of those that lied, it was found that 2 out of 3 only snoop on those they think they have a romantic connection with and considered it not snooping but pre-mutual love investigation. Of those that act and are rejected, 50% continue to snoop to plan murderous intentions that later end in the woman of said attraction kicking said admins ass. Makes you wonder where all these stats come from really though doesn't it..
  • by Antony T Curtis (89990) on Thursday June 19, 2008 @01:39PM (#23860763) Homepage Journal
    At a previous sysadmin job, I never snooped on colleagues.

    However, as part of my duties, I was instructed to monitor some individuals and to scan for specific keywords in the logs.

  • assume they all do (Score:3, Insightful)

    by petes_PoV (912422) on Thursday June 19, 2008 @01:44PM (#23860867)
    The results of this survey are pretty meaningless. From a company perspective, they should assume that any or all sysadmins / DBAs (the DBAs will have juicier pickings) can and will rake through the company's data. Merely hoping that the interview process will weed out those who are likely to have a snoop is naive to the point of negligence.

    Given that anyone with both the access and the inclination will have harvested any information they want long before they hand in their notice, having them escorted out is going to be ineffective. From that position, threatening dismissal will not be an effective deterrent, especially now that it's so hard to put allegations into a job reference, unless there's a criminal case that's been proved.

    Probably the only industry where safeguards come close to working is in the financial sector - where the regulations about insider trading make it hard to exploit privileged information without getting caught. However, that's a legal solution, not a technical one.

  • Why not? (Score:3, Insightful)

    by br00tus (528477) on Thursday June 19, 2008 @01:47PM (#23860935)
    At many jobs, I have had access to my boss's, and his boss's (etc.) e-mail since I ran the e-mail server. I am not going to make any legal admissions here, but why wouldn't I read it? I would find out ahead of time about such things as layoffs and that type of thing. Being that I am a wage slave, I want to know about this sort of thing. This is like the "ethics" of slave snooping on their slave master. I am waiting for a Lenin/Pol Pot type to come along and wipe out these bosses, company boards, majority shareholders and the like, so the e-mail snooping is a no-brainer.
  • by Doc Ruby (173196) on Thursday June 19, 2008 @01:47PM (#23860939) Homepage Journal

    Did they lie on the survey or really don't snoop?


    There's surely one way to know. But who watches their sysadmin's sysadmin?
  • by g0bshiTe (596213) on Thursday June 19, 2008 @02:00PM (#23861171)
    2 out of 3, that's like the

    2% of people masturbate in the shower, the other 98% lie about it
  • Where's the survey? (Score:3, Interesting)

    by statemachine (840641) on Thursday June 19, 2008 @02:02PM (#23861209)
    It's not linked in the article, and it doesn't appear on Cyber-Ark's website, at least not in the PR or white paper sections.
  • Boring (Score:5, Insightful)

    by Orgasmatron (8103) on Thursday June 19, 2008 @02:03PM (#23861223)
    Ok, here's the thing...

    After you've flipped through dozens of inboxes and home directories as part of your job, you know how pointless it is to do it for fun. People are boring. They have boring mail. They have boring files.
    • Any sysadmin worth his or her pay knows how to automate the boring tasks. In this case it's relatively easy to set up a job to scan the directors / VP's email for key words like "lay off" "redundancy" "merger" "jail" etc. But most importantly, to scan for their own name.

      The trick is to keep your automated scanning away from the prying eyes of all the other systadmins, who might just stumble across it while they're installing their own methods of getting one step ahead of the rest of the crowd.

  • by John Jamieson (890438) on Thursday June 19, 2008 @02:08PM (#23861315)
    Alright, TFA says "IT Professionals" of which I bet only 1/3 has access to such info. That would imply all snoop that can.

    I don't buy that.
  • by addikt10 (461932) on Thursday June 19, 2008 @02:09PM (#23861329)
    Members of professional organizations such as the IEEE Computer Society Have promised to follow a "code of ethics and professional conduct".

    As a member, and having read the document, I understand that it is ethically wrong, a career limiting move, and not worth violating my promises just to satisfy my curiosity.
  • TFA == crap (Score:5, Insightful)

    by Sun.Jedi (1280674) on Thursday June 19, 2008 @02:10PM (#23861359) Journal
    Strictly from the P-O-V of a UNIX admin.

    1. 300 is too small a sample. Far too small.
    2. No breakdown on size of shop per admin. My SA/server ratio is 1:100, which means very little time. (I MAKE time for /. -- shutup :P)
    3. No breakdown on 'admin' roles. If this is a mom-pop-shop admin survey, then I guess it makes sense. Cisco riders can't touch a server in my shop. Neither can the Domain/AD Admins.
    4. MSNBC? Now -theres- credibility. ::eyeroll::
    5. These shops obviously don't log admin activity. Someone needs to watch the watchers.
    6. I am not a snitch. I don't get paid to snitch.
    7. auto_home FTW, baby!
    8. 1 out of 3 survey topics are meaningless.
  • by BytePusher (209961) on Thursday June 19, 2008 @02:18PM (#23861487) Homepage
    I've been a system administrator for about 10 years now and I've never really found snooping to be interesting. I even tend to look away when people type their passwords, open files with their personal finances or other information. I show them how to use encrypted FUSE file systems. In general, I don't care about someones personal files unless they're taking up too much space.

    However, I should say, from time to time you stumble across "information that (is) not relevant to (your) role," unintentionally. That can't be helped, but it is possible to not abuse the situation.
  • by LoudMusic (199347) * on Thursday June 19, 2008 @02:23PM (#23861565)
    I've sys admin'd for over a decade and can say that I've never intentionally spied on a colleague. However! I have stumbled onto quite a lot of unusual and interesting things. Some of these things I chose to ignore, some I reported, and some I think might have even been planted for me to find.

    Also, I was never asked to spy on a colleague by an employer. Basically the rule was, as long as you're getting your job done and you're not breaking any laws or offending any coworkers, why should we stop you from doing as you please?
  • by Zapman (2662) on Thursday June 19, 2008 @02:47PM (#23861999)
    Today a DBA came to me and asked why the partition filled up. I had to drill into oracle to find the answer (Oracle trace files. Let's just say I've worked with smarter DBA's). Was that snooping? Granted, that was in the realm of solving a problem.

    As an email admin, I've routinely seen subject lines of emails that made me raise eyebrows. It was almost always in the context of looking for a missing email. Is that snooping?

    Personally, I'd REALLY like to see the data. 1) What does '300 Senior IT Professionals' mean? 2) I'd REALLY like to see the survey questions asked.

    I often tell people that, as a sysadmin, if you don't trust me, fire me now, and escort me out the building. I have more than enough power to do irrevocable damage to the company.

  • by Minwee (522556) <dcr@neverwhen.org> on Thursday June 19, 2008 @03:32PM (#23862823) Homepage
    At least two out of three admins have professional ethics.

    The other one is easily tricked by slanted survey questions posed by a company with a vested interest in selling security products designed to prevent snooping.

    "Have you ever, in the course of your work, sought out or been exposed to confidential information which you were not supposed to see? Examples would include personal files, documents or misdirected mail."

    "I don't look at anyone else's files, but as the postmaster for our domain I personally receive every bounced email and those sometimes contain information which should have been kept confidential. I don't read any of it because that would be wrong, but it does wind up in my mailbox."

    "Okay, we'll put you down for 'Snoops on his coworkers' then, and I'll have the rest of our sales team take your manager out for lunch to discuss this. Thanks!"

  • by asackett (161377) on Thursday June 19, 2008 @06:24PM (#23865901) Homepage
    I've been a system administrator for years, have never snooped out anyone's stuff. I value my integrity far more than I value the contents of your files.
  • by Danny Rathjens (8471) <slashdot2@rathjen s . org> on Thursday June 19, 2008 @09:25PM (#23867657)
    When I'm interviewing people for a sysadmin position one of my primary concerns is honesty and integrity. The problem is that everyone asked to their face will claim to have high integrity. I try to approach the issue indirectly with neutral questions as, "Where do you draw the line on observing user activity?" Several times I've had them answer very vaguely or ask me questions about the question - apparently in an attempt to ferret out what kind of answer I am looking for. This type of error-prone and subtle indication seems the only way to find out.
    The human API is very poorly documented. Is there a better way? ;)

Real Users find the one combination of bizarre input values that shuts down the system for days.

Working...