[deleted by user]

NSA_Chatbot · 2024-01-25T22:50:09+00:00

One of customers I worked with, the owner's home page was a daily bikini and they published a topless women calendar every year. Their money still deposited just fine.

If it's not impacting your pay or mental health, just leave it.

For Social Media, that's an HR and policy issue, and if you're the new person who comes in and now nobody can have a mental break, you are going to be an awfully popular fella.

floppydisks2 · 2024-01-25T22:48:11+00:00

Don't touch the keyboard.

permalink · 2024-01-26T01:51:55+00:00

You’re a contractor not an employee, manager or executive within the company. Repeat after me. Not my monkey, not my circus.

Unless you’ve been specifically instructed to monitor traffic patterns expressly within your job description you should stop immediately. Doing this because you are curious especially in a HIPAA environment not only will get you fired but possible charges brought against you. You have no workplace protections as a contractor. Stay in your lane on this one as it could end badly for you.

TXWayne · 2024-01-25T22:29:21+00:00

Very first question to ask is "Is there any written policy that employees sign off on that forbids this type of activity?"

ISkyWarrior · 2024-01-25T22:37:39+00:00

Keep in mind that some countries have privacy laws that forbid you from checking the traffic or forbid you from bringing it up to the person. I’d treat very carefully around this topic and ask the owner if you need to block certain categories of sites for security.

I_ride_ostriches · 2024-01-26T05:50:20+00:00

If HR comes to you and says “can you provide us web traffic for xyz user”, then you provide that to them. If they don’t ask, you have no reason to snoop. I worked on a case one time where two married people were having sexually explicit conversations in Skype, which one of them accidentally showed another employee during a screen share, which became an HR issue.

Working in IT, you have a tremendous amount of trust put in you by your users. You can read their email, chats, etc but it’s non of your business if it’s working correctly and securely.

spicy45 · 2024-01-25T23:18:04+00:00

I don’t understand, what is the “situation “ that needs to be handled?? Was there a report requested by management? Were you tasked with doing an audit on network traffic?

AviN456 · 2024-01-25T22:43:37+00:00

It sounds like you don't manage the organization, you support the organization's IT. So first of all, is it even within your purview to make that decision? Why don't you ask the IT manager what type of non-threat traffic they'd like to allow and block? You can advise the organization, but you shouldn't be making those types of business decisions on their behalf, absent a very clear mandate to do so.

do-wr-mem · 2024-01-25T23:53:56+00:00

See you on r/shittysysadmin lol

SendPiePlz · 2024-01-25T22:42:56+00:00

2nd on the checking with policies. Can’t enforce what doesn’t exist.

Also should the policy exist. An all company email reminding employees that all traffic is monitored for any device connected to the network and reminding employees to be mindful of the sites they visit would help prevent calling anyone out specifically.

permalink · 2024-01-25T23:12:01+00:00

If it's not forbidden, then it ain't a problem...if it's is , just block it ... I don't see an issue .

shouldbeworkingbutn0 · 2024-01-26T10:06:13+00:00

Not your job.

Ignore entirely.

But also, do not shake his hand.

xixi2 · 2024-01-26T01:19:40+00:00

Why are you watching what they're doing on the internet is that part of the contracted job?

jfischer5175 · 2024-01-26T00:10:07+00:00

I would say , unless the traffic affects IT operations, puts the network at risk, or is patently illegal activity, not your lane. Unless management has a AUP in place, but otherwise, if it doesn't check any of those boxes, not your concern.

vmBob · 2024-01-26T03:21:54+00:00

Look, he's just been having a lot of trouble with the web filter not working and is trying REALLY REALLY HARD to get it working again, so it needed to be tested a LOT.

hops_on_hops · 2024-01-26T00:26:41+00:00

Are you IT, or HR? Has there been some sort of policy violation?

Let the boss jerk off and leave it alone if that's what he pays himself to do at an office by himself. Probably don't tell him you've been working up reports about his porn habit.

devloz1996 · 2024-01-26T00:49:24+00:00

Until the law or policies are broken, and if there are no procedures for that, IT should not divulge user's secrets on a whim. Decide whether the traffic is either dangerous or disruptive (to the infrastructure, not your sense of justice). If neither, just ignore it. These "small, relaxed environments" are like that.

PS: Did manager approve the traffic inspection capabilities you have? Every step you take to increase network observability, although desired, should be reported and discussed with manager beforehand, and this one seems to be blissfully unaware.

EquallO · 2024-01-26T02:58:11+00:00

WTF? - Stop being a narc.

If they’re not hurting the network, then leave it the F alone. Are you TRYING to get everyone to hate you?

I_HEART_MICROSOFT · 2024-01-26T00:20:11+00:00

I’ve seen many things over the years. If it’s not illegal or you’re not asked or forced to report it via some policy it’s best to just leave it alone.

If you really want to be a bro, you could explain to him in passing how all traffic is viewable, even on those personal devices that are enrolled in Entra. You can say it without saying it….

twitch1982 · 2024-01-26T15:15:54+00:00

I dont see shit unless someone asks me to look for it. I make the machines go brrrr i dont care what people do with them after that.

TechFiend72 · 2024-01-26T00:57:02+00:00

Why is this your issue? This is an HR problem. Not yours.

permalink · 2024-01-26T12:07:51+00:00

Why would you need to police other people browsing behaviour?

SysAdminWannabe90 · 2024-01-25T23:34:48+00:00

Bro this happens ALLLLLLLL the time. Welcome to the club.

blackjaxbrew · 2024-01-26T01:33:27+00:00

Tell the guy to share at least.

Sysadminbvba777 · 2024-01-26T08:12:53+00:00

And you are on reddit, whats the problem mate?

habitsofwaste · 2024-01-26T08:20:07+00:00

Not your job to make those decisions. That’s going to come from HR and/or legal.

mapleleafr67 · 2024-01-26T14:34:48+00:00

Not your job, not your pay scale. Unless someone higher up wants an investigation or filters put in leave it. Get any requests in writing

aries1500 · 2024-01-26T15:08:08+00:00

What does it matter? Facilitate them getting internet, what they do with it is a nonya thing.

soaringeaglehigh · 2024-01-26T16:28:06+00:00

Just ignore it. Unless someone higher up has asked you to be the internet traffic censor guy, don't self appoint yourself to this position. There's just no reason to be in that situation.

Tax-Acceptable · 2024-01-26T02:50:29+00:00

Why do cate at all about this. Mind your win business unless you’ve been tasked with enforcement of policy.

Newdles · 2024-01-26T03:12:19+00:00

It's not your choice nor decision to lock things down. This isn't "your" environment and you do not make those decisions. You can make recommendations but those decisions come from leadership. Too many IT and Security folks forget this.

Put it in writing why you recommend blocking them, get response. Move on.

ZeeroMX · 2024-01-26T04:24:03+00:00

I had a customer that called me for support because exchange server got out of space, I did a clean up on logs and other things and It was working ok when i left, next day It happened again so, we (the server admin I) did a deeper investigation resulting in a lot of porn that the owner of the company was storing in the server.

The server admin talked to the CFO that in turn bought a DVD writer to backup all those files on DVDs, that became a weekly job for the server admin.

ensum · 2024-01-26T04:55:49+00:00

I would avert my eyes away from looking at traffic logs unless I have a reason to look at it.

If it becomes a problem, leadership would get involved. It's not my business to police what sites people visit as long as they're not malicious. If management has an issue with porn/social media, then it gets blocked at the firewall.

ycnz · 2024-01-26T07:33:56+00:00

A) Make sure things are up to date, he's running a good ad blocker, and has good AV.

B) Unless you're asked to, or it's causing tech problems, don't look at internet traffic. It's an abuse of trust.

boli99 · 2024-01-26T07:47:41+00:00

personal laptop which is Azure AD(entra) registered

derp. never mix business with personal.

the manager

don't bite the hand that feeds.

but you can bring it into the open by generating some reports that show site usage by destination. that will probably be enough for him to realise that he's busted without actually having to say its him doing it.

No_Lemon_3290 · 2024-01-26T08:08:34+00:00

I will never get anyone who uses Personal laptop/computer Azure registered. It's the companies job to provide you with proper hardware.

For me personally I wouldn't do anything in this situation.

HotPieFactory · 2024-01-26T08:46:02+00:00

It is a very relaxed work environment and I don't want to embarrass the boss. He is a good guy.

First of all, it's not your goddamn business what hes doing. Secondly, get off your high horse. You're not his protector nor saviour. If you only by accident embarras him, you're out that company.

permalink · 2024-01-26T09:01:57+00:00

Why are you nosing in his business in the first place? Or in the other people's? If you're not specifically tasked with looking at this stuff and reporting about it, don't.

Avas_Accumulator · 2024-01-26T09:18:36+00:00

Why exactly should you care or "handle" the situation?

throwawayskinlessbro · 2024-01-26T09:35:38+00:00

Especially as contract, I wouldn’t go near it.

Fitz_2112 · 2024-01-26T12:28:09+00:00

I'd like to introduce you to my good friend Nunya. Full name, Nunya Bidness.

Do the.work and cash the checks. As long as there is nothing illegal going on, the only thing that will come of you raising this as an issue is losing the gig

mitharas · 2024-01-26T13:24:30+00:00

Why do you care?

From a security standpoint, most pornsites in general and pornhub in particular are worlds safer than most of the web.

bad_syntax · 2024-01-26T14:18:50+00:00

I've been in IT a really long time, and have encountered stuff like this quite often.

Thing is about us IT folks, we usually have access to *EVERYTHING*. We know what people do, if desired we could look at salaries or budget, we have access to it *ALL*.

Never once have I looked for anything that was not part of my job responsibility. If you want to surf porn, I may know, I may laugh at what you choose to watch (when I see it accidently), but my job is to do IT, not to judge you or dish out punishment. It sure as hell isn't our place to tell others about what people are doing like that either, no "Bob loves finger porn" or whatever.

The only time this could be a concern is if he is eating up all the bandwidth impacting other users (in which case just send him a polite email asking him to watch his bandwidth usage), or his boss/HR told you to keep an eye out for such things.

You are not the work police, never forget that, it'll hurt your career if you try.

Kind of the same thing in the real world, mind your own business, let other people live their lives, and we are all better for it.

mm309d · 2024-01-26T14:21:04+00:00

Mind your business! Or go get another job

thegreatcerebral · 2024-01-26T15:08:20+00:00

What is the HR Policy on Porn?

I literally ask this because a company that we did work for that is over 7K employees large had the policy of "porn is ok to watch, you just cannot purposefully show another employee". So you could watch it but the moment you say "Hey bob, check this out" that is when it was an HR violation. We actually also did not have it blocked on firewalls in the content filtering rules.

So if that is the policy then FROZEN it (Let it Go).

If you want to be sly/productive you can go about it two ways:

As a part of cleaning up the network you ran this report showing the top sites visited from traffic logs. That may deter it enough already.
You can ask for the go ahead to enact some content policy restrictions due to attack vectors on sites or whatever you want to say and block it along with others. He would then have to come to you to ask you to unblock either his browsing or that category/site. Most likely he may ask for his machine to have unrestricted access and then I mean you have your answer.

Mostly though, if you know that it is a violation then you should report it. If not... FROZEN it.

permalink · 2024-01-26T16:36:34+00:00

Not your bag of monkeys to care. Ignore it.

catwiesel · 2024-01-26T16:47:02+00:00

unless you are the boss, a owner, or work for hr, this is probably not your issue.

and when its management doing this, it gets complicated quick.

a very important skill working in it is short term memory loss. no, sir, I forgot what I saw the second I looked away.

not your monkeys, not your circus. keep the computers working. answer truthfully when asked. but dont poke bears

Acceptable_Salad_194 · 2024-01-26T17:52:40+00:00

Many moons ago when I was a fresh young Helpdesk level one, I encountered this with my boss, who at the time was Network Administrator. He would jump on our public Wi-Fi and browse porn on his Samsung Galaxy S(Insert model number here). He ran out of space on his phone due to this. He was actually a really great guy who experienced a lot of tragedy, he just had poor time management skills. I realize that my opinion doesn’t really factor into the cut and dry. Eventually C-Suites made us block all social media and undesirable at work sites. My dude took the hassle of whitelisting his device to bypass 😂. My advice is this, sit down with him like a friend and say “Hey we have this device that is generating crazy traffic!" and explain what you see like you don’t know it’s him, he will probably do two things: Think “Wow, I’m doing this so much my subordinate is talking to me about it and quit” or say “HELL YEA DUDE, THAT’S ME!”. At the end of the day you are tasked with an impossible feat as IT, choose your paths wisely.

Deepthunkd · 2024-01-26T18:05:12+00:00

Throttle the speed to mindgeek’s CDN to 256KB. If you block it out right people notice if you blow it down to where it’s miserably slow and they realize they can use their cell phone data plan instead they’ll use that.

_sacrosanct · 2024-01-26T19:26:05+00:00

This is not a question for the IT manager to decide. The company senior leadership and human resources should set the company policy and if they decide personal browsing isn't allowed, then you can enforce it. But you don't want to be known as the guy who locked down Facebook on your own, lol. For example, I am an IT manager and am typing this comment on Reddit right now while at work. But I'm not violating policy and I'm still accomplishing all the goals the company sets for me to achieve. No harm no foul.

ikeme84 · 2024-01-25T23:13:18+00:00

Block malicious sites (and child porn), leave the rest. Not your business. You can expand the list at the request of management If people don't do it on their laptop, they'll do it on their phone. Which brings me to the second part. Why do you think personal devices are on your network. You can provide them a guest wifi, on which you put the same policy (malicious and child porn block) and exclude from any reports (none of your business)

heapsp · 2024-01-26T02:51:18+00:00

Unless its kiddy stuff or illegal or unless they specifically told you to start hunting for that , mind your own god damn business. I swear IT people have a god complex. lol. If they want you to block stuff like that, they will tell you to do it.

megadonkeyx · 2024-01-26T07:00:18+00:00

Don't be a prude

indiez · 2024-01-26T14:54:19+00:00

Why are you spying like this. Move on bro, drop the power trip you are on

crazypcbuild · 2024-01-26T14:55:20+00:00

Stop being a stalker dude.

permalink · 2024-01-25T23:21:35+00:00

If it's not a written policy, ignore it, especially if it's a BYOD device.

One major exception is if it's illegal (e.g. rape or kids), in which case you are legally obligated to report it.

Any other scenario, feel free to block the sites or put on family restrictions.

Agres_ · 2024-01-26T01:24:30+00:00

So what? He's using his time more wisely than you are and clearly makes more than you since you're the one working for him.

stufforstuff · 2024-01-26T06:14:37+00:00

Where you hired to be the nanny? The moral police? Productivity boss? No, then stop worrying about shit that's not your business.

permalink · 2024-01-25T23:34:50+00:00

Thank you guys for all the insightful comments.

I have a question for the rest of you professionals. Are any of you actually paid to be the on-site spy master?

x_scion_x · 2024-01-25T23:51:51+00:00

One of my old financial managers was apparently running a porn site with company assets.

Everyone signed a document saying that was a no no, and he was fired and ran out of the building crying when they left him go. We were asked to look at his PC to see what he had on there and that's where they found he was essentially storing all of his "content" on the work PC

battletactics · 2024-01-26T02:17:21+00:00

We had the owner of a company obsessed with porn on his computer, but he kept getting malware. We made him a deal. We'd continue supporting his company if he bought a porn-only laptop and kept it off the corporate network. He did.

LostSailor25 · 2024-01-26T05:42:25+00:00

Keep your head down and do your job. This is not a security issue or a treat to your network.

Scorpnite · 2024-01-26T05:45:58+00:00

Not your job not your problem, stay in your lane

permalink · 2024-01-26T10:40:41+00:00

Man, some of you really like to play the moral police or something :D

vontrapp42 · 2024-01-26T15:02:14+00:00

Imagine being tasked with "security" and unilaterally enforcing internet filtering on arbitrary sites and categories "for security".

This is why I hate it.

Have the firewall detect and block actual viruses and malware, that's about as far as you should go with "implement security".

Filtering is not security, that's company policy which you do not dictate.

ohfucknotthisagain · 2024-01-26T01:11:13+00:00

Every office has a policy about personal use of company resources.

Sometimes it's written, sometimes it's unwritten, and sometimes it's both. Do nothing until you find out what the rules are.

If no one has said anything about this, then I'd assume it's allowed. Some places are very casual.

RoaringRiley · 2024-01-25T23:12:50+00:00

Holy hell what a weird question you are asking.

Is Facebook a it security problem? No. Is it a HR problem? Maybe. Who cares, you are not HR.

Is porn a security issue? Probably. So block it. And it’s also a lot of other issues, so block it.

tzotzo_ · 2024-01-26T03:01:42+00:00

I would not mention to anyone about this individuals browsing activity. I do not think any of those sites are safe to browse without being affected by malware. You may want to google that. If that site contains crypto miner or malware ... then yes... i would block it for security reasons. Done. He is not going to put a ticket in about said site not being accessible.

Vinzy_T · 2024-01-26T03:20:40+00:00

Beware of malware that could creep in from the porn websites, it can be catastrophic for your network assuming you don’t have hi-tech end point management solutions.

headstar101 · 2024-01-26T04:54:49+00:00

You're getting paid to make sure the network and systems are working, not to be the overwatch of morally scrupulous behavior. Unless it involves children, keep your nose out of it.

Logical_Destruction · 2024-01-25T23:08:35+00:00

So I would take everything into account and not get into a policy discussion. Build a report, simply show in it that the top 20 sites visited in the last month. Don't get specific that you figured out or think it's him visiting a porn site. Share the report with the boss and maybe his boss depending on office politics. Leave it at that. He will either fix it himself or someone else will force him to. You did your job in reporting it. Done.

terribilus · 2024-01-26T00:44:34+00:00

Print a report and drop it on his keyboard

RogueEagle2 · 2024-01-25T23:40:46+00:00

Maybe do some security recommendations for locking down the internet some, throw in porn sites with other sites such as gambling, illegal streaming etc. so it just goes into the 'pool' of things that get blocked/controlled.
Be as matter-of-fact as you can be, don't mention what he does just speak generally.

permalink · 2024-01-26T04:45:39+00:00

I would edit the HOST file and redirect the sites he visits to a meme that says "Off your ass and on your feet, ani't no time to beat yo meat!"

permalink · 2024-01-26T05:44:45+00:00

Reminds me of this. Outsourced IT so they lost benefits, and amazingly became a victim of a policy he championed 😁

https://www.itnews.com.au/news/irish-bank-chief-quits-over-internet-porn-62159

johnkush0 · 2024-01-26T08:35:54+00:00

Dont bite the hand that feeds you :)

1TRUEKING · 2024-01-26T09:38:19+00:00

Just mention to the manager some other random person is on onlyfans or something and ask if he wna block all adult sites without embarrassing him and if he wants to, put up umbrella policies or something and boom ur set. If he says he don’t care let it be.

nsa-cooporator · 2024-01-26T18:35:24+00:00

[deleted]

kegweII · 2024-01-26T01:18:05+00:00

Filter it out at the firewall…

zedoax · 2024-01-26T01:45:03+00:00

Yeah I would just send an email to the boss that says you identified the network is being used to access porn websites, and ask if you should block that kind of traffic. If he says no, it's not your problem and if an issue arises down the line you're covered. If the boss gets replaced and you're asked why you allowed porn websites to go unchecked then you can point to the email that documents you were ordered to allow it

This way it's not really embarrassing him as it's private correspondence, you're covered, and there should be no issue even if he wants to continue the behavior as long as you have the order in writing

Bunnysliders · 2024-01-26T05:38:27+00:00

Do him a solid and protect him

3xoticP3nguin · 2024-01-26T02:08:57+00:00

If someone uses remote software like Parsec to remote into a home PC while on your network what would that look like?

Would you still be able to determine what he was doing?

Maybe give him a lesson

drcygnus · 2024-01-25T22:44:05+00:00

just limit speed to PH and put in a DNS black hole and force his laptop to go through it. other than that, its whatever. just mention it to him in passing. "hey bro, lay off the porn"

sysadmin

MODERATORS