@@thomascrabtreeon the company’s wifi that is. Tether to your phone. And the number of my colleagues who willingly connect to the company’s wifi on their personal phones instead of just paying a hit more for an unlimited data plan 🤦♂️
I worked for a company in IT. They told people they could use their computers for personal stuff on breaks. All the while using monitoring software that recorded everything. Keylogging and screenshots. Like passwords to everything. Phone calls being recorded. Check. So if you want it private. Use your own phone/laptop.
In 1991 only a handful of academics even knew what email was. It wasn't used for business purposes until late 90's / early 00's. You should watch the movie "you've got mail" which was released in 1998 to get a glimpse into my how email was perceived and be more realistic with your lies in future. I bet you don't even know what Trumpet ****** is or what it was used for, prove me wrong.
@@VoteForBukele prior to windows 95 simply connecting to the internet was a challenge in itself, let alone configuring and running one of the very few email clients. Webmail came much later! People have a tendency to think the way things are today are just a faster version of how things were back then, which simply isn't true.. but an even bigger tendency is for ppl to exaggerate when they lie. If they had said 2001 then that's totally plausible and believable, even 94 whilst a bit of a stretch is possible. But being given *advice* about the content you should or shouldn't put in an email in 91, nope, i call BS. No way that happened. For the record it's not that it's bad advice, it's just the obvious and completely unnecessary lie about it being in 91. Why lie about something like that, it's such a weird thing for someone to do and i'm gunna call it out as there are far too many liars these days...
@@sirtra oh I’ve been on the internet longer than you, kid. I’m absolutely sure the other kid is lying. I just wanted to add a little context. It’s full of liars and insufferable know it alls 😉
IT guy here, I have to explain to new people, we can theoretically see eveerrryytthing, but we don't look, but you mess up or get associated with something that goes bad, what you said could get eyeballs on it. Don't use your work anything for personal anything, and vice versa.
IT guy here as well. Any spying is illegal in EU. No one can read your emails even after you've left. Unless there're court orders involved, of course. Yes, the functionality is there in MS365 admin panels even on European tenants, but one mustn't use them. That is what I tell my users.
Any respectable company will put these features behind legal blocks and approval policies. People dont just have compliance admin access. This is locked down to only being allowed when needed for legal holds, evidence discovery, etc.
From a security standpoint it's not micromanaging but if there is a business case where certain information is needed or requested, it can be gathered within the Microsoft suite of tools. Normally a security team is only looking at this information for an investigation, an alert gets triggered, or it shows up in a policy / compliance issue.
Very unlikely is the team that is bad, most likely is the boss who is the micromanager. Also, this is not different than security cameras. Are we using them for security or checking if people are working or not.
@@TrysomieflexntjesThis is assuming that a manager isn't petty and doesn't like you. There's people out there that are wanting to hold employees back even when their work is great due to social reasons or pettiness
No this is because Microsoft has reduced the amount of storage and how it is calculated for education licenses. In the past years two major changes were made: for large orgs, it is at least 100 times smaller now. This information is public: use your favorite search !
If a company is going as far to just check whatever you do and dig into the data. Just flag the company on websites for being complete sociopaths/red flag to work for.....
Then you might as well red flag almost every large company in business. Thanks to hackers, ransomware, and AI, companies have major risks now. My company doesn't even let us save data files to our local hard drive or use the USB either. We edit on the network only.
I think its important to trust eachother and if you are a manager you won't have to worry about what your employees get up to if they feel engaged. It's about leading rather than managing.
Nah, trust doesn't scale and the stakes are too high for big companies (or even mid sized companies). I hate spying as much as everyone else and there should be laws that limit the scope but as a company who's paying for all these resources you want to have visibility on them. I've always assumed they can read my messages but seems like that's still limited. I didn't see anything particularly controversial here, the visibility admins get into the state of my machine caught me off guard but that's about it. If you have edge security software running on your machine all the things in this list pale in comparison.
I am in IT, we do not go this deep unless there is a specific reason to do so. By the way, every employer has that much control but no time to check everything every employee is doing
@@VicMansaMusa makes a lot of sense. I’m one of those people that’s highly productive but don’t micromanage me. I’m probably not where I said I’d be lol
This confirms that watching this at work should be done using 2nd computer. On different network. I am setup with KVM and 2 internet connections. Thank fully.
My company "deactivated" that stuff (GDPR/european union privacy act exists, you know). While at the same time installing something that when you google it, tells you outright that it monitors everything you do on a computer. This is hell
Yes, usually on company computers all network traffic is monitored, either though use of certificates etc. This monitoring is mostly automated process, and that message is there mostly to scare you not to visit websites that are not sanctioned or work related. All network activity is logged but only suspicious and flagged activity might get you into some trouble. Single visit on sanctioned website is ok.
This is basically why you'd use USB switches for your hardware that can be monitored: Just kill that device. I have done that, and I am not going back. Camera & Mic are only on when I am in a meeting/call, for example.
I imagine the reason much of this exists is for what @ctCJ is saying in the comments. it's for things like legal discovery if something goes sideways. I'm curious how many employers actually use these reports for things outside of that reason. That said, maybe I'm naive as I don't have time to look at this as a boss. -Brian
@@PragmaticWorks I think it is used more often then you think, most likely on a ad-hoc basis, when needed or suspicious or whatever. Or even just in bulk massive surveillance, who knows.?
If you are using the company equipment for personal use, you are putting all of your coworkers at risk. Hackers and AI are at work to do ransomware and steal the company secrets. Go buy yourself a smartphone or tablet to do your personal stuff on 5G at work instead of putting the company network at risk.
Us admins, have enough crap to do on a daily basis and could care less about some joe schmoe is doing on Wednesday. The only reasons this would ever come up is because the owner of the company is suspect of someones performance, which they have the right to be, or for litigation reasons like FOIA requests, or legal cases (lawyers)
@@UGotTheFunk "because the owner of the company is suspect of someones performance, which they have the right to be" Is that a right? What about the right for privacy?
Don't connect to the company wifi system with your personal phone and use a VPN. If you do, consider every, text, tweet, email and search going directly to HR.
SNS texting is another ball game though. If you are paranoid you should be using end-to-end encrypted messaging like Signal anyway. I guess in theory your office could have a cell extender in it to increase reception in the office that might leak texts.
I brought a 14 inch HP Chromebook that i take along to work so that if i need to do anything personal i use that. Even if its just checking closing time of a business i will still use the Chromebook. It gives them absolutely nothing that they can use against me.
Yeah I definitely don’t use it for work purposes and I only use internet from my personal phones hotspot. (Yes I even have 2 phones, one for everything work related and my personal number) I personally would not work for a company that made me BYOD, if you need something to achieve your work being completed they can supply it. Can’t trust any business these days, I have been shafted so many times that I am super paranoid about it all. I even have a full work journal that I log most things in just in case.
I've always assumed I have zero privacy in my workstation. There's so many safeguards running that I have roughly 50% of my RAM available at any given time. I can see log reports automatically generated from some activities, like PowerShell sessions. Even simple consultations sometimes generate a transaction ID. Software I download sometimes end up in the official company repository a few weeks later, so I assume they've analyzed it for security reasons but ended up liking it. So I'd say, don't do anything you'll have a hard time explaining later. Of course, This isn't the type of data managers/supervisors should have access to. It's for security reasons and to support an investigation in case something weird happens, not for micromanaging.
My office does it by default. You can’t do anything install anything access anything email anything look anything up without having to first run it by IT because they have everything locked down so incredibly fucking tight. I got tagged to make a photo archive 690 photos of a project we are working on ….. I couldn’t even download them from the camera to the workstation because connecting devices is disabled. They had to be emailed one at a time.
After Watching this video I’m so glad I don’t have an office job anymore. What an absolute dystopian nightmare that looks like. If I did have an office job, I’d basically be bringing in my own laptop for ANYTHING beyond just the bare minimum company tasks and software installed on the work computer. Just the few official apps with very terse business related messages on the official computer, and I’d use my own (with encrypted tunnelling) for all web browsing, media playback, and all other messages.
That is what you should do. I work in an office environment and we have extreme rules on where we keep data and what we are allowed to do. I am okay with it because it isn't the fault of the company. It is hackers and AI that have caused the harm. This has cost companies millions of dollars trying to deal with the security requirements and protect against AI stealing company intellectual data. Company losses mean lower salary and layoff's for us employees.... Lets protect the data.
corporate networks use 802.1x port authentication to verify devices - you cant' just plug in random devices to open ethernet ports and get on the network. Same goes for wifi. Everything is tracked, on ALL connections
@@woodalexander That is my thought too. My employer won't allow a personal laptop to connect to the network by any method. I can email a few web links for business sites from personal email and that is about it. I suppose someone could use personal laptop in lieu of cell phone for personal use, but a laptop with 5G is expensive.
@@jeffer2350 It seems weird to me that you'd even be allowed to have a personal laptop in a lot of companies, although I have seen them in one case (not sure if they are really allowed though).
I used to work in IT. Yes, we can pretty much see anything, but unless instructed too, we're not typically actively monitoring you. But, yeah... we can.
My opintion is the output is good who gives a flip if they worked for 8 hours that day or someone gigachadded only 8 minutes. If there performance is bad well that is all the info you really need too... I guess in that case you can at least maybe try and "diagnose" the cause for the poor performance but I suspect talking to the person for five minutes about the performance alone is going to yield a better outcome regardless.
Employer employee relationships should be based on mutual trust, if not just start looking for a new job/employees, it never ends well, be it constant surveillance/monitoring, report "sync" meeting, mandatory RTO,... are just trashy behaviors companies uses out of fear to put themselves in a superior position they lost
I had an O365 license with my school that was active several years after graduating. When it finally got canceled I just downloaded LibreOffice, works great for what I need.
If your employer is gathering statistics and micromanaging you like a toddler who needs his nap time set, getting fired might not be the worst thing that can happen to you. Companies should be tracking your output.
As a former IT-admin i can tell you looking through a "private" work correspondence of a former worker is highly illegal as per european law. This also includes Teams and other form of communication, our protocol was to always have someone from a corporate legal team as part of procedure and written consent of ex-employee or legal reperesentative, court order etc. so for mail communications, someone requesting access had to specify in much detail what correspondence he was looking and he was allowed to have access only to that correspondence, everything else was off limits. If we would skirt the rules that would be over for us, as Data protection officers inside&outside company take these things very seriously. We had inTune on corporate phones, theoretically allowed tracking, but due to privacy laws we were not allowed to track phones even if they were lost, much to the frustation of the users. Best we could do is play a sound or send a message, but that's it.
This applies very limited to EU workers as we actually have laws that protect our privacy. Really, the M365 dashboard works differently here. GL there in the USA!
As a 365 VP AI can tell you that I could not care less about snooping on users. However, once AI is able to monitor content without humans combing through messages, you may find that getting flagged for anti-management discussion, toxic communication styles, or lack of activity may increase.
I worked for an organization that had multiple locations across the USA in the 1990s. We heard about two people who lived in separate locations. They sent each other smutty emails and thought their conversations were private. Instead, they were an example of what NOT to do on a company network!
@@atari7001Yeah, the whole laissez faire, “It’s A pRiVaTe CoMpAnY, tHeY cAn Do WhAtEvEr ThEy WaNt” attitude has really shown its limits in the post-“Mexican beer,” brave new world we inhabit. However, companies are just following the example of the government here in US. The Patriot Act passed nearly 23 years ago, and since the 4th Amendment is apparently an analog concept, privacy has essentially been made obsolete in our always online, digital world.
LOL check again... it is not monitoring at all. these tools are available for business continuity purpose and for legal reasons and are definitely there in England. Active monitoring is not allowed in many countries.
Here’s something to consider. Does being in meetings 8hrs a day make you more valuable to an organisation? Does typing 8hrs a day make you more valuable? If you monitor all employees e-mails, are you using that to monitor if people are getting bullied or if they’re talking about last night’s game? If you’re not monitoring bullying, why not? If someone is talking about last night’s game, is that a problem? If so, why?
Most important, what are people monitoring doing instead of actually working ? They need to go after doers as through out the human history, It has always been a scam
@@BossFlight - My point here is that it is difficult to measure productivity in a system that doesn’t output widgets or words per minute. Not typing something can be because someone is thinking. Not all thinking is done on Teams calls or in meetings. Being in meetings for many hours a day leaves little time to think or actually do stuff.
Possibly because the people monitoring are doing all the bullying. A lot of Gov Depts don't want people working at home as Managers can't strut about undermining others or trying to assert their unwelcome style on everyone. Deprive them of an Audience and they hate it.
@@Matt-yg8ub - It wasn’t trolling, it was a rhetorical counterpoise to the corporate “monitor everything” thing. It’s not really possible to assess the effectiveness of an employee by the proportion of time online.
A few things to remember this is company property and software people are working with. As a general rule of thumb it should only have company data on it, us folks in IT don’t want to have to dig up 100GB of family photos or your personal information if you get terminated are leaving the company. IT admins generally have god access and can theoretically see whatever they want on a corporate device so long as it’s online. That said we have neither the time nor care to monitor staff , but if you’re in trouble with your boss they may request access to this information. If it’s something important to track or report on it’s an automated process that spits out an alert or report. Broadly speaking IT is in staffs corner when it comes to privacy and frequently push back when executives try and roll out aggressive monitoring software.
Hot tip: sample piece together emails that would get your boss fired and post them globally in outlook just before being escorted out then repost them to twitter after for good measure. Later when your boss shows up to your house and attempst assault with a deadly weapon you'll be prepared to deal with it's attempt with it's own repercussions.
Fyi when they make you do onboarding or try to nicely make it seem like no big deal to just downloaf their app or login to their workday...or visit their websitw fkr something...READ THE FREAKING TERMS YOU AGREE TO.
When working remotely, I expect there would be some level of tracking / surveillance from the employer - especially websites visited. Major rule is never use the work laptop or device as you would a personal one. I'm sure they can override the microphone deactivation. But I deactivate it anyway, and use that little plastic shield to cover the camera lens.
GUIDs aren't not a method of weak anonymity, they're just the Microsoft version of a unique identifier for a user account. UUIDs in Linux are similar. It's a unique, queryable value. If user Djones worked for the company 5 years ago, left, and a new Djones gets hired, you could potentially re-use the user account name, but have unique GUIDs
It makes perfect sense why Microsoft still is profiting, even though their software is declining in quality each year. The level of surveillance access an employer has is akin to literal wage slaves. No rights in the office? You can't pay me enough to be subject to that 40 hours a week.
I like to keep my bosses too tech-illiterate to do this kind of stuff. I work as a freelancer now, but if anyone ever made me sign a consent form to spy on me, they’d lose me faster than they could blink. If this is what they need to do to keep business operations at an efficient pace, they were never gonna pay enough.
I always put in six point text, white text on white background, in my email signature. Some controversial terms just haphazardly spread around, solely because I knew this type of stuff was going on.
Presence is problematic, although it's better now, sometimes you can be online and working and presence doesn't show you as available, especially if you are working from a phone or tablet. You can get a lot done on phones these days
I use a mouse jiggler, but I also set my status to Away. I use it because if my pc locks and the monitors shut down, when it wakes up I have issues with my monitor setup and they flicker constantly 🤦♂️
Technically, an administrator can make themselves a delegate of yours (a person who can act on you behalf). Then they can see all private appointments easily.
@@PragmaticWorks That's why you when you schedule a block of time on your calendar for personal reasons, simply name the event "Private", with no other details. Then track whatever you need in your personal life calendar somewhere else. What matters is people know that you're busy.
Such surveillance should be an insider threat detective measure, not a performance evaluation tool. A good company sets SMART (Specific, Measurable, Achievable, Realistic, Time-bound) targets for their employees and evaluate their performance base on these. I wouldn't mind if my employee achieves agreed targets in 60 productive work hours instead of 160. Such employee would be more valuable than the other working 200 hours and achieving 70% of targets. 🤷♂️
When i have to reboot my computer i shut off teams. (Quit, log out, whatever) I've had to turn it on for a handful of meetings but otherwise it's not running. The company started using it maybe 5 years ago. I'm fortunate that 90% of my work is done on a separate non networked computer. Let's see if i can continue this for about 5 more years. 😊
I just work and assume everyone's always watching, I go out of my way to stay very neutral on teams etc as even without someone tracking it you may as well assume anything you say to anyone on teams is going to be leaked in one way or another.
Let's say I work from home using a company laptop. Obviously I only do work on the company laptop. But on my own laptop and phone, I may have music and/or TV shows running in the background. Could my employer use my work laptop to "colonize" my router and/or my other devices so that they can see everything I do even on my own devices?
I think the most they could do is use your company machine to scan your home network. If you put your work computer on the guest WiFi and enable AP Isolation on your guest WiFi this should mitigate that risk without having to spend money on extra networking gear to use something like VLANs 😅.
I don't think most companies would be interested in doing that. Most companies are trying to protect against hackers and AI stealing their company technical secrets rather than worrying about you listening to music. My employer sends out fake phishing emails to company email addresses. If you click on a link on one of them you failed and get more security training. They don't want you browsing social media and clicking on random links.
If you're tracking mouse clicks and keyboard presses, you're tracking effort rather than results. You need better metrics to determine whether an employee is being productive.
Just don't use company's tools for personal use. The company is allowed to do what they want with their tools. If you aren't trying to play the system then you shouldn't be worried.
This is somewhat misleading. He keeps saying boss, when what he really means M365 Global Admin. Your boss, unless he is the global admin, does not* have access to the majority of these tools.
Anything on your company network can be seen if it's not encrypted. Do not do anything you shouldn't on a company computer or network. Some IT departments will spy on it's employees just because they are bored.
Now that's an interesting thought. GDPR is for customer privacy but I wouldn't think it would apply if you're employed by a company. That said, I'm an American and don't know all the minutia of GDPR beyond what we have to do to support it with our customers.
@@PragmaticWorks the GDPR law would apply as long as the employee process data of employees that are residents of the EER. (Even if they work in de US) Arrests like Niemietz, Halford, Copland (all European arrest) state that there is “ an employee may expect privacy within the workplace”. That said I am a European and I understand that US law will be different. My main concern would be that M365 features probably are exactly the same in the US as in Europe… that makes things interesting ;-)
@@kevinmitchnik702GDPR doesn't stop companies tracking what you do on their company computers, as long as they tell you, which pretty much all companies do with some clause in the Acceptable Use policy. GDPR also doesn't over ride other laws and regulations where collecting and keeping data is mandatory and this is explicitly spelt out in the GDPR regulations.
@@kevinmitchnik702I don't know about those arrests but the privacy the courts talk about normally relates to private communications at work or using work computers. I.e. an email to a family member rather than a supplier or client where it's expected that they could be monitored.
Gdpr is even stricter for employees in a certain way. Because you are in a submissive position as employee you are considered a vulnerable group similar to children with additional consideration regarding your data protection.
LOL they can "track" your location, if you do anything that touches corporate ressources or devices. By tracking I mean they can know your IP and thus approximate physical location. This functionality is available in ANY website or software that connects to a server and is the basic info a security team expects to find in logs.
You should assume they see everything you do on their IT assets. They're not literally spying on you actively. Nobody has the man power for that. It's all monitored and recorded. They only care about IP assets and liability. i.e. in appropriate emails/DMs. IP theft, unauthorized access. In appropriate accessing of forbidden websites. etc.
Not being funny but at this point you are better off starting your own business or outsource your services in a gig economy. Companies wondering why they can't fill positions 😂😂😂. If you are doing this to your employees you really don't deserve to manage people. Essentially you are creating a slave economy removing any enjoyment from a work environment. So what do you think is going to happen to your productivity and staff turnover?
1. Assume that your company CAN monitor everything on your work PC, since it's not really yours, it's theirs. 2. If they actually are looking at even a fraction of this stuff, they apparently suck at managing and have nothing better to do, so time to find a new job.
Office 365 keeps everything including stuff that was deleted. all it does is unlink it from your mailbox. its why don't use it mostly because of all the office 365 hacks. Your proprietary information is 1 bug away from being open source
It is not possible to recover deleted chats in Teams for users. Deleted chat or channel messages cannot be restored directly. If you have a compliance retention policy or legal hold in place for Teams messages, an administrator can recover these from the Compliance center via eDiscovery search.
One of our super important Teams channels got deleted by accident the other day and around 3 days later it was restored with all the messages still there. Not sure how they did it but it's clearly possible, maybe with eDiscovery.
make new emails and phone numbers and use virtual machines to do anything on one of my dozens of surface tablets for work. If work tries to make me do anything on a pc i tell them they must provide me with a device (legal right) or I do it on the clock at work in their physical location.
Anything owned by your company belongs to them. So if you’re using anything provided by the company, be aware that they can track and monitor it. It’s that simple
Never use a company computer for private use!
As a manager you should definitely not use your work computer for personal things. I would never risk it.
Exactly, I actually carry my own second private laptop to work, and I will use that for anything personal.
@@aussiegruber86 They can also track everything you do on your own personal laptop if you're using it inside the office.
@@thomascrabtreeon the company’s wifi that is. Tether to your phone. And the number of my colleagues who willingly connect to the company’s wifi on their personal phones instead of just paying a hit more for an unlimited data plan 🤦♂️
I worked for a company in IT. They told people they could use their computers for personal stuff on breaks. All the while using monitoring software that recorded everything. Keylogging and screenshots. Like passwords to everything. Phone calls being recorded. Check. So if you want it private. Use your own phone/laptop.
I was told in 1991 "never put an email anything you wouldnt want printed and pinned on the wall"
Good advice.
I never use company computers. I only use my computer, like a chef bringing his own knifes. What you let companies do to you, it is your problem xD
In 1991 only a handful of academics even knew what email was. It wasn't used for business purposes until late 90's / early 00's.
You should watch the movie "you've got mail" which was released in 1998 to get a glimpse into my how email was perceived and be more realistic with your lies in future.
I bet you don't even know what Trumpet ****** is or what it was used for, prove me wrong.
We used email at work in 93-94. I used email in college in 92 - 93. (prodigy/aol). I can’t speak to 91.
@@VoteForBukele prior to windows 95 simply connecting to the internet was a challenge in itself, let alone configuring and running one of the very few email clients. Webmail came much later!
People have a tendency to think the way things are today are just a faster version of how things were back then, which simply isn't true.. but an even bigger tendency is for ppl to exaggerate when they lie.
If they had said 2001 then that's totally plausible and believable, even 94 whilst a bit of a stretch is possible.
But being given *advice* about the content you should or shouldn't put in an email in 91, nope, i call BS. No way that happened.
For the record it's not that it's bad advice, it's just the obvious and completely unnecessary lie about it being in 91. Why lie about something like that, it's such a weird thing for someone to do and i'm gunna call it out as there are far too many liars these days...
@@sirtra oh I’ve been on the internet longer than you, kid. I’m absolutely sure the other kid is lying. I just wanted to add a little context. It’s full of liars and insufferable know it alls 😉
IT guy here, I have to explain to new people, we can theoretically see eveerrryytthing, but we don't look, but you mess up or get associated with something that goes bad, what you said could get eyeballs on it. Don't use your work anything for personal anything, and vice versa.
IT guy here as well. Any spying is illegal in EU. No one can read your emails even after you've left. Unless there're court orders involved, of course. Yes, the functionality is there in MS365 admin panels even on European tenants, but one mustn't use them. That is what I tell my users.
@@YS_Productionshoulder surfing is illegal
Spot on!
Crazy how Office 365 itself is essentially bossware.
Any respectable company will put these features behind legal blocks and approval policies. People dont just have compliance admin access. This is locked down to only being allowed when needed for legal holds, evidence discovery, etc.
Never used it, except on the job
Makes me glad I'm not too far away from retirement. We're literally going to be factory robots in the near future.
We already are …
... or else ...
Micromanagement 101
No wonder some people get miserable at work. If you have to micromanage a team, get a new team…or a robot.
Agreed. We will keep micromanaging until morale improves :).
From a security standpoint it's not micromanaging but if there is a business case where certain information is needed or requested, it can be gathered within the Microsoft suite of tools. Normally a security team is only looking at this information for an investigation, an alert gets triggered, or it shows up in a policy / compliance issue.
or someone who can manage a team might help.
Very unlikely is the team that is bad, most likely is the boss who is the micromanager. Also, this is not different than security cameras. Are we using them for security or checking if people are working or not.
If you have to micromanage, you shouldn't be in management in the first place.
Big brother is always watching. 👀
Thanks for the heads up. I really need to stop calling my grandma in Jamaica on Teams every lunch break!
LOL
Lol, no, as long you do your work good, they wont do anything.
@@TrysomieflexntjesThis is assuming that a manager isn't petty and doesn't like you. There's people out there that are wanting to hold employees back even when their work is great due to social reasons or pettiness
This is why universities lost the 5tb storage we had for OneDrive all the way down to 100gb. They needed all the spare space for the data logging.
No this is because Microsoft has reduced the amount of storage and how it is calculated for education licenses. In the past years two major changes were made: for large orgs, it is at least 100 times smaller now. This information is public: use your favorite search !
@@sashkashurik lol never heard of a joke before? You should get out more.
@@aussiegruber86🧢
mine still had 5tb
If a company is going as far to just check whatever you do and dig into the data. Just flag the company on websites for being complete sociopaths/red flag to work for.....
Then you might as well red flag almost every large company in business. Thanks to hackers, ransomware, and AI, companies have major risks now. My company doesn't even let us save data files to our local hard drive or use the USB either. We edit on the network only.
@@jeffer2350meanwhile I worked at a small company and copied my whole work hard drive and took it home lol
I think its important to trust eachother and if you are a manager you won't have to worry about what your employees get up to if they feel engaged. It's about leading rather than managing.
“Naive” is all i can say
Nah, trust doesn't scale and the stakes are too high for big companies (or even mid sized companies). I hate spying as much as everyone else and there should be laws that limit the scope but as a company who's paying for all these resources you want to have visibility on them. I've always assumed they can read my messages but seems like that's still limited. I didn't see anything particularly controversial here, the visibility admins get into the state of my machine caught me off guard but that's about it. If you have edge security software running on your machine all the things in this list pale in comparison.
I wouldn’t want to work for the boss who has that much time on their hands lol
I am in IT, we do not go this deep unless there is a specific reason to do so. By the way, every employer has that much control but no time to check everything every employee is doing
@@VicMansaMusa makes a lot of sense. I’m one of those people that’s highly productive but don’t micromanage me. I’m probably not where I said I’d be lol
This confirms that watching this at work should be done using 2nd computer. On different network. I am setup with KVM and 2 internet connections. Thank fully.
My company "deactivated" that stuff (GDPR/european union privacy act exists, you know). While at the same time installing something that when you google it, tells you outright that it monitors everything you do on a computer.
This is hell
Report them
@@JohnSmith-op7ls you can’t.
Yes, usually on company computers all network traffic is monitored, either though use of certificates etc. This monitoring is mostly automated process, and that message is there mostly to scare you not to visit websites that are not sanctioned or work related. All network activity is logged but only suspicious and flagged activity might get you into some trouble. Single visit on sanctioned website is ok.
you might as well force the webcam to be turned on during the shift. time to ditch the corporate world and become solo
In that case you will become the target of hackers and AI just like your employer.
This is basically why you'd use USB switches for your hardware that can be monitored: Just kill that device.
I have done that, and I am not going back. Camera & Mic are only on when I am in a meeting/call, for example.
Over react much? This video doesn’t show anything surprising.
@@mementomori29231not if you just entered the workforce yesterday. There was a time when every keystroke and mouse click wasn't monitored.
😂😂😂😂😂😂😂😂😂😂😂😂
Or have conversations with your imaginary friend and do psychotic rants and then look at them like they’re the ones that are crazy😂😂😂😂😂
Thanks for showing. Although I have nothing to hide, this is really going too far and violates my privacy enormously.
I imagine the reason much of this exists is for what @ctCJ is saying in the comments. it's for things like legal discovery if something goes sideways. I'm curious how many employers actually use these reports for things outside of that reason. That said, maybe I'm naive as I don't have time to look at this as a boss. -Brian
@@PragmaticWorks I think it is used more often then you think, most likely on a ad-hoc basis, when needed or suspicious or whatever. Or even just in bulk massive surveillance, who knows.?
If you are using the company equipment for personal use, you are putting all of your coworkers at risk. Hackers and AI are at work to do ransomware and steal the company secrets. Go buy yourself a smartphone or tablet to do your personal stuff on 5G at work instead of putting the company network at risk.
Us admins, have enough crap to do on a daily basis and could care less about some joe schmoe is doing on Wednesday. The only reasons this would ever come up is because the owner of the company is suspect of someones performance, which they have the right to be, or for litigation reasons like FOIA requests, or legal cases (lawyers)
@@UGotTheFunk "because the owner of the company is suspect of someones performance, which they have the right to be" Is that a right? What about the right for privacy?
Don't connect to the company wifi system with your personal phone and use a VPN. If you do, consider every, text, tweet, email and search going directly to HR.
SNS texting is another ball game though. If you are paranoid you should be using end-to-end encrypted messaging like Signal anyway. I guess in theory your office could have a cell extender in it to increase reception in the office that might leak texts.
I can confirm this as I'm in eDiscovery, Purview, and Defender XDR daily.
I teach it
Yup, and what you can unearth from e.g. Defender Advanced hunting is pretty amazing.
If my manager looked at my computer usage she'd just see that i spent 10h in the same excel spreadsheet and furiously using copilot
I brought a 14 inch HP Chromebook that i take along to work so that if i need to do anything personal i use that. Even if its just checking closing time of a business i will still use the Chromebook. It gives them absolutely nothing that they can use against me.
They told us 'bring your own device' is a thing of the past a few weeks ago
but, you shouldn't use their wifi network for browsing, etc.
@@orangemoonglows2692yea, I hope gruber86 is using their personal mobile on 4G as a WiFi connection!
Yeah I definitely don’t use it for work purposes and I only use internet from my personal phones hotspot. (Yes I even have 2 phones, one for everything work related and my personal number) I personally would not work for a company that made me BYOD, if you need something to achieve your work being completed they can supply it.
Can’t trust any business these days, I have been shafted so many times that I am super paranoid about it all. I even have a full work journal that I log most things in just in case.
@@orangemoonglows2692 yep I definitely won’t use works wifi for my personal devices
I've always assumed I have zero privacy in my workstation. There's so many safeguards running that I have roughly 50% of my RAM available at any given time. I can see log reports automatically generated from some activities, like PowerShell sessions. Even simple consultations sometimes generate a transaction ID. Software I download sometimes end up in the official company repository a few weeks later, so I assume they've analyzed it for security reasons but ended up liking it. So I'd say, don't do anything you'll have a hard time explaining later.
Of course, This isn't the type of data managers/supervisors should have access to. It's for security reasons and to support an investigation in case something weird happens, not for micromanaging.
My office does it by default. You can’t do anything install anything access anything email anything look anything up without having to first run it by IT because they have everything locked down so incredibly fucking tight.
I got tagged to make a photo archive 690 photos of a project we are working on ….. I couldn’t even download them from the camera to the workstation because connecting devices is disabled. They had to be emailed one at a time.
Our company installed mitm certs. They do track Everything!
Geeze. I don't even have a reason to be paranoid, but now I am more paranoid.
After Watching this video I’m so glad I don’t have an office job anymore. What an absolute dystopian nightmare that looks like. If I did have an office job, I’d basically be bringing in my own laptop for ANYTHING beyond just the bare minimum company tasks and software installed on the work computer. Just the few official apps with very terse business related messages on the official computer, and I’d use my own (with encrypted tunnelling) for all web browsing, media playback, and all other messages.
That is what you should do. I work in an office environment and we have extreme rules on where we keep data and what we are allowed to do. I am okay with it because it isn't the fault of the company. It is hackers and AI that have caused the harm. This has cost companies millions of dollars trying to deal with the security requirements and protect against AI stealing company intellectual data. Company losses mean lower salary and layoff's for us employees.... Lets protect the data.
corporate networks use 802.1x port authentication to verify devices - you cant' just plug in random devices to open ethernet ports and get on the network. Same goes for wifi. Everything is tracked, on ALL connections
What company allows you to use your own laptop at work? Seems more than a little weird.
@@woodalexander That is my thought too. My employer won't allow a personal laptop to connect to the network by any method. I can email a few web links for business sites from personal email and that is about it.
I suppose someone could use personal laptop in lieu of cell phone for personal use, but a laptop with 5G is expensive.
@@jeffer2350 It seems weird to me that you'd even be allowed to have a personal laptop in a lot of companies, although I have seen them in one case (not sure if they are really allowed though).
I used to work in IT. Yes, we can pretty much see anything, but unless instructed too, we're not typically actively monitoring you. But, yeah... we can.
My opintion is the output is good who gives a flip if they worked for 8 hours that day or someone gigachadded only 8 minutes. If there performance is bad well that is all the info you really need too... I guess in that case you can at least maybe try and "diagnose" the cause for the poor performance but I suspect talking to the person for five minutes about the performance alone is going to yield a better outcome regardless.
Employer employee relationships should be based on mutual trust, if not just start looking for a new job/employees, it never ends well, be it constant surveillance/monitoring, report "sync" meeting, mandatory RTO,... are just trashy behaviors companies uses out of fear to put themselves in a superior position they lost
I think that in general ditching Microsoft is a good idea.
I doubt Google or the other providers aren't any better.
@@PragmaticWorks I think Matrix is much better tho. Or other alternative free and open source products.
Your company or boss determines. Your choice doesn't matter
I had an O365 license with my school that was active several years after graduating. When it finally got canceled I just downloaded LibreOffice, works great for what I need.
@@PragmaticWorks google is no better, they honestly data mine absolutely everything
If your employer is gathering statistics and micromanaging you like a toddler who needs his nap time set, getting fired might not be the worst thing that can happen to you. Companies should be tracking your output.
As a former IT-admin i can tell you looking through a "private" work correspondence of a former worker is highly illegal as per european law. This also includes Teams and other form of communication, our protocol was to always have someone from a corporate legal team as part of procedure and written consent of ex-employee or legal reperesentative, court order etc. so for mail communications, someone requesting access had to specify in much detail what correspondence he was looking and he was allowed to have access only to that correspondence, everything else was off limits. If we would skirt the rules that would be over for us, as Data protection officers inside&outside company take these things very seriously. We had inTune on corporate phones, theoretically allowed tracking, but due to privacy laws we were not allowed to track phones even if they were lost, much to the frustation of the users. Best we could do is play a sound or send a message, but that's it.
I watch RUclips all the time 😂 I told my boss I need some background noise 😂.
This applies very limited to EU workers as we actually have laws that protect our privacy. Really, the M365 dashboard works differently here. GL there in the USA!
Maybe this should be a question to ask an employer before you accept the job. Who wants to be under surveillance all the time? How draconian.
As a 365 VP AI can tell you that I could not care less about snooping on users. However, once AI is able to monitor content without humans combing through messages, you may find that getting flagged for anti-management discussion, toxic communication styles, or lack of activity may increase.
Now imagine having to discuss a bad employee without being able to use any negative adjectives for fear of ending up in HR.
I worked for an organization that had multiple locations across the USA in the 1990s. We heard about two people who lived in separate locations. They sent each other smutty emails and thought their conversations were private. Instead, they were an example of what NOT to do on a company network!
I am a M365 admin. Yes we can see everything. No we dont unless your boss asks us too.
This monitoring is not legally allowed in the UK/EU.
Yeah the government hates the competition
@@atari7001Yeah, the whole laissez faire, “It’s A pRiVaTe CoMpAnY, tHeY cAn Do WhAtEvEr ThEy WaNt” attitude has really shown its limits in the post-“Mexican beer,” brave new world we inhabit.
However, companies are just following the example of the government here in US. The Patriot Act passed nearly 23 years ago, and since the 4th Amendment is apparently an analog concept, privacy has essentially been made obsolete in our always online, digital world.
LOL check again... it is not monitoring at all. these tools are available for business continuity purpose and for legal reasons and are definitely there in England. Active monitoring is not allowed in many countries.
@@sashkashurikcopilot reports are absolutely active monitoring.
Here’s something to consider. Does being in meetings 8hrs a day make you more valuable to an organisation? Does typing 8hrs a day make you more valuable? If you monitor all employees e-mails, are you using that to monitor if people are getting bullied or if they’re talking about last night’s game? If you’re not monitoring bullying, why not? If someone is talking about last night’s game, is that a problem? If so, why?
Most important, what are people monitoring doing instead of actually working ? They need to go after doers as through out the human history, It has always been a scam
@@BossFlight - My point here is that it is difficult to measure productivity in a system that doesn’t output widgets or words per minute. Not typing something can be because someone is thinking. Not all thinking is done on Teams calls or in meetings. Being in meetings for many hours a day leaves little time to think or actually do stuff.
Possibly because the people monitoring are doing all the bullying. A lot of Gov Depts don't want people working at home as Managers can't strut about undermining others or trying to assert their unwelcome style on everyone. Deprive them of an Audience and they hate it.
@@OH2023-cj9if - Yeah, agreed. Those big bosses get lonely when there’s no audience to be in awe of them.
@@Matt-yg8ub - It wasn’t trolling, it was a rhetorical counterpoise to the corporate “monitor everything” thing. It’s not really possible to assess the effectiveness of an employee by the proportion of time online.
This is truly a dystopian nightmaire. A paradise for micro managers.
A few things to remember this is company property and software people are working with.
As a general rule of thumb it should only have company data on it, us folks in IT don’t want to have to dig up 100GB of family photos or your personal information if you get terminated are leaving the company.
IT admins generally have god access and can theoretically see whatever they want on a corporate device so long as it’s online.
That said we have neither the time nor care to monitor staff , but if you’re in trouble with your boss they may request access to this information.
If it’s something important to track or report on it’s an automated process that spits out an alert or report.
Broadly speaking IT is in staffs corner when it comes to privacy and frequently push back when executives try and roll out aggressive monitoring software.
Congress should make a law banning people from accessing private messages even you have signed a contract that contract should be null and void.
My work computer has a notice that all activity done is monitored.
I'm well aware of the dangers.
That first screenshot about the boss is just very specific about the boss to employee interactions... not everything that employee is doing
Is there a way to recall my own M365 activity for a day? There is a good side to this where I want to recall the things I’ve actively worked on.
Hot tip: sample piece together emails that would get your boss fired and post them globally in outlook just before being escorted out then repost them to twitter after for good measure. Later when your boss shows up to your house and attempst assault with a deadly weapon you'll be prepared to deal with it's attempt with it's own repercussions.
Fyi when they make you do onboarding or try to nicely make it seem like no big deal to just downloaf their app or login to their workday...or visit their websitw fkr something...READ THE FREAKING TERMS YOU AGREE TO.
Thank you for sharing 🙏
Never think you have privacy, at home or at work. You can be tracked anywhere, for any reason, and any time.
Don’t use your bosses computer to talk crap about them.
LOL!!!
When working remotely, I expect there would be some level of tracking / surveillance from the employer - especially websites visited. Major rule is never use the work laptop or device as you would a personal one. I'm sure they can override the microphone deactivation. But I deactivate it anyway, and use that little plastic shield to cover the camera lens.
GUIDs aren't not a method of weak anonymity, they're just the Microsoft version of a unique identifier for a user account. UUIDs in Linux are similar. It's a unique, queryable value. If user Djones worked for the company 5 years ago, left, and a new Djones gets hired, you could potentially re-use the user account name, but have unique GUIDs
Next step: cameras in toilet stalls, justified by bosses wanting to ensure employees are not in there just to scroll on their phones.
A car factory in the UK removed a number of toilets to stop people meeting or taking too long when they should be working!
It makes perfect sense why Microsoft still is profiting, even though their software is declining in quality each year.
The level of surveillance access an employer has is akin to literal wage slaves. No rights in the office?
You can't pay me enough to be subject to that 40 hours a week.
This is why I use my phone at work for everything.
Thanks for enlightening the bosses
Well, good thing that searching email, even employee email, is forbidden over here due to privacy laws :)
Big brother is watching.
A lot of people got fired over Slack private messages thinking its pretty hard for the admin to look up conversations.
I like to keep my bosses too tech-illiterate to do this kind of stuff. I work as a freelancer now, but if anyone ever made me sign a consent form to spy on me, they’d lose me faster than they could blink. If this is what they need to do to keep business operations at an efficient pace, they were never gonna pay enough.
I always put in six point text, white text on white background, in my email signature. Some controversial terms just haphazardly spread around, solely because I knew this type of stuff was going on.
Presence is problematic, although it's better now, sometimes you can be online and working and presence doesn't show you as available, especially if you are working from a phone or tablet. You can get a lot done on phones these days
I use a mouse jiggler, but I also set my status to Away. I use it because if my pc locks and the monitors shut down, when it wakes up I have issues with my monitor setup and they flicker constantly 🤦♂️
The big question for me was whether they could hear or transcribe calls.
Wow!
Great video, very interesting. What about the details of outlook meetings and calendar entries set to “private”
Technically, an administrator can make themselves a delegate of yours (a person who can act on you behalf). Then they can see all private appointments easily.
@@PragmaticWorksthank you
@@PragmaticWorks That's why you when you schedule a block of time on your calendar for personal reasons, simply name the event "Private", with no other details. Then track whatever you need in your personal life calendar somewhere else. What matters is people know that you're busy.
Such surveillance should be an insider threat detective measure, not a performance evaluation tool.
A good company sets SMART (Specific, Measurable, Achievable, Realistic, Time-bound) targets for their employees and evaluate their performance base on these. I wouldn't mind if my employee achieves agreed targets in 60 productive work hours instead of 160. Such employee would be more valuable than the other working 200 hours and achieving 70% of targets. 🤷♂️
Great info!!
Thanks for watching!
When i have to reboot my computer i shut off teams. (Quit, log out, whatever) I've had to turn it on for a handful of meetings but otherwise it's not running. The company started using it maybe 5 years ago. I'm fortunate that 90% of my work is done on a separate non networked computer. Let's see if i can continue this for about 5 more years. 😊
In large organisations Zane's boss would also be monitored and probably his boss as well......
I just work and assume everyone's always watching, I go out of my way to stay very neutral on teams etc as even without someone tracking it you may as well assume anything you say to anyone on teams is going to be leaked in one way or another.
Im so pleased to be retired, no more company crap
Let's say I work from home using a company laptop. Obviously I only do work on the company laptop. But on my own laptop and phone, I may have music and/or TV shows running in the background. Could my employer use my work laptop to "colonize" my router and/or my other devices so that they can see everything I do even on my own devices?
I don't think that's possible unless they have developed malware to do so, which breaches all sorts of ethics and legality issues.
I think the most they could do is use your company machine to scan your home network. If you put your work computer on the guest WiFi and enable AP Isolation on your guest WiFi this should mitigate that risk without having to spend money on extra networking gear to use something like VLANs 😅.
I don't think most companies would be interested in doing that. Most companies are trying to protect against hackers and AI stealing their company technical secrets rather than worrying about you listening to music. My employer sends out fake phishing emails to company email addresses. If you click on a link on one of them you failed and get more security training. They don't want you browsing social media and clicking on random links.
When you entire OS becomes a trojan horse
I still got fired. This sucks! They saw EVERYTHING
Beautiful
If you're tracking mouse clicks and keyboard presses, you're tracking effort rather than results. You need better metrics to determine whether an employee is being productive.
Just don't use company's tools for personal use. The company is allowed to do what they want with their tools. If you aren't trying to play the system then you shouldn't be worried.
Remember, like any tool, it can be used for good or for bad.
This is somewhat misleading. He keeps saying boss, when what he really means M365 Global Admin. Your boss, unless he is the global admin, does not* have access to the majority of these tools.
Why did you need 10+ minutes to say “everything?” Seriously though, very interesting to see how it is done which makes it much more real
because videos under 10 minutes aren't monetized the same... all about the dolla dolla bills, yo'
Anything on your company network can be seen if it's not encrypted. Do not do anything you shouldn't on a company computer or network. Some IT departments will spy on it's employees just because they are bored.
Looks like a million ways to not comply with the GDPR when using M365
Now that's an interesting thought. GDPR is for customer privacy but I wouldn't think it would apply if you're employed by a company. That said, I'm an American and don't know all the minutia of GDPR beyond what we have to do to support it with our customers.
@@PragmaticWorks the GDPR law would apply as long as the employee process data of employees that are residents of the EER. (Even if they work in de US) Arrests like Niemietz, Halford, Copland (all European arrest) state that there is “ an employee may expect privacy within the workplace”. That said I am a European and I understand that US law will be different. My main concern would be that M365 features probably are exactly the same in the US as in Europe… that makes things interesting ;-)
@@kevinmitchnik702GDPR doesn't stop companies tracking what you do on their company computers, as long as they tell you, which pretty much all companies do with some clause in the Acceptable Use policy. GDPR also doesn't over ride other laws and regulations where collecting and keeping data is mandatory and this is explicitly spelt out in the GDPR regulations.
@@kevinmitchnik702I don't know about those arrests but the privacy the courts talk about normally relates to private communications at work or using work computers. I.e. an email to a family member rather than a supplier or client where it's expected that they could be monitored.
Gdpr is even stricter for employees in a certain way. Because you are in a submissive position as employee you are considered a vulnerable group similar to children with additional consideration regarding your data protection.
Surveillance was too high even before all this crazy stuff. This is worthy of actual protests and changes in law.
what ever you do don't sign into O365 on your personal phone they can track your location then
LOL they can "track" your location, if you do anything that touches corporate ressources or devices. By tracking I mean they can know your IP and thus approximate physical location. This functionality is available in ANY website or software that connects to a server and is the basic info a security team expects to find in logs.
You should assume they see everything you do on their IT assets. They're not literally spying on you actively. Nobody has the man power for that. It's all monitored and recorded. They only care about IP assets and liability. i.e. in appropriate emails/DMs. IP theft, unauthorized access. In appropriate accessing of forbidden websites. etc.
These bosses are sick and paranoid. I'm sorry for them.
If your boss is looking up if youve been active enough or not... you're already fkd
Not being funny but at this point you are better off starting your own business or outsource your services in a gig economy.
Companies wondering why they can't fill positions 😂😂😂.
If you are doing this to your employees you really don't deserve to manage people.
Essentially you are creating a slave economy removing any enjoyment from a work environment. So what do you think is going to happen to your productivity and staff turnover?
Why do I feel like I am watching Saul Goodman?
Can't they get the team chat private messages and also voice calls?
1. Assume that your company CAN monitor everything on your work PC, since it's not really yours, it's theirs.
2. If they actually are looking at even a fraction of this stuff, they apparently suck at managing and have nothing better to do, so time to find a new job.
Office 365 keeps everything including stuff that was deleted. all it does is unlink it from your mailbox.
its why don't use it
mostly because of all the office 365 hacks. Your proprietary information is 1 bug away from being open source
How about reading the emails actually sent to the boss?
I'm a software engineer -- I am far more productive when comm tools are completely turned off
What about deleted Teams messages?
It is not possible to recover deleted chats in Teams for users. Deleted chat or channel messages cannot be restored directly. If you have a compliance retention policy or legal hold in place for Teams messages, an administrator can recover these from the Compliance center via eDiscovery search.
One of our super important Teams channels got deleted by accident the other day and around 3 days later it was restored with all the messages still there. Not sure how they did it but it's clearly possible, maybe with eDiscovery.
This is "InZane"
make new emails and phone numbers and use virtual machines to do anything on one of my dozens of surface tablets for work. If work tries to make me do anything on a pc i tell them they must provide me with a device (legal right) or I do it on the clock at work in their physical location.
And people keep calling the the EU stance towards data privacy “unnecessary limiting”. Brave new world.
Anything owned by your company belongs to them. So if you’re using anything provided by the company, be aware that they can track and monitor it.
It’s that simple
If you’re on a company owned device they are within their rights to track literally anything they want.
Zane needs to tell his boss to go to heck.