VPNs and remote-desktop software have the same web-browsing monitoring as at a physical office

VPNs and remote-desktop software have the same web-browsing monitoring as at a physical office

Although such software may feel intrusive, it is legal, and in some cases, your employer doesn’t need to tell you it’s running on an employer-issued computer. The EFF has a chart detailing which software has which features, if you’re interested. If this type of software is installed on your computer, avoid using that computer for anything personal, no matter how mundane that thing may seem. If an employer asks to install monitoring software on your personal device, ask for a work-provided device, if you can.

If you access your work computer through remote-desktop software such as Citrix, Splashtop, or TeamViewer, everything you do within the window of that application happens on the computer in your office. This means the IT department or company managers also have the same sort of computer access they have at a physical office. For most people, that means monitoring your internet browsing activity, but typically it also means they can see any files you’ve stored or documents you’re working on.

If you’re required to connect to a VPN, you’re funneling your entire internet connection through your work computer, but not anything else you do. In most cases, this means an employer can see high-level data about what websites you visit.

For remote desktops especially, treat them the same as you would if you were sitting at a desk in an office

If you’re required to use a VPN to connect to your office network, use the internet just as you would at your office computer. In both cases, avoid web browsing you wouldn’t want your employer to be privy to.

Didn’t I hear something about Zoom spying on me?

In early 2020, Zoom got some flack for features such as “attendee attention tracking” and the fact that some private messages were showing up in recordings. Both of those issues are fixed.

An administrator can still see some details of your Zoom usage, such as any recordings you’ve saved to the cloud, meeting names, and meeting participants. That can include people outside the company for any call you host on your work Zoom account, but not calls you join; for example, the Wirecutter administrator knows that I hosted a call in March and who was in that call. Admins for Google Meet and Microsoft’s Skype can get similar information.

Use your work Zoom account only for work-related meetings

Create a free personal account or use a different service altogether for personal calls. If you want to record a Zoom meeting, save it locally, to your computer.

The larger risks to privacy

The data generated from what a worker does throughout the day, whether it’s anonymized or not, represents a privacy concern, and it’s easy to imagine scenarios in which an employer might use that data impractically or unethically. Since bossware can take periodic screenshots or record video-sometimes without an employee knowing-the software may incidentally pick up all sorts of sensitive information, such as medical or banking information. Tools like CleverControl, InterGuard, and Teramind can collect everything from geolocation data to social media posts to instant messages. If the software uses machine learning to generate productivity reports, there are worries that any algorithmic recommendations stemming from it may reinforce social, gender, or racial inequalities because of biased training data. And smaller employers reliant on professional judgement may lack a wall between a middle manager with ill intent and the administrator with the keys to the communication tools.

There are certainly some jobs that require monitoring for security, compliance, financial, or intellectual-property purposes. Even then, employers can acquire bespoke tools, at a better price, that are easier to target at the information they need. One example Cyphers suggested: “If you’re trying to monitor how people access sensitive health information, then you can build a tool that only does that. And that will only alert the boss if there’s a suspected violation. It doesn’t have to monitor everything that someone does on their device and become a productivity monitoring tool in addition.”

Did you like this? Share it!

0 comments on “VPNs and remote-desktop software have the same web-browsing monitoring as at a physical office

Leave Comment