Two of the people did not change their habits when advised in advance that this monitoring would be taking place (at the router) and were subsequently disciplined (both chose to leave)Ģ) A more tricky case. In this case, I warned (by email) all users in that office that we had performance problems with their Internet that was affecting the business use (they used remote access to head office that was being impacted) and that I would be monitoring internet use for several days, starting. I have dealt with two cases, years ago, where there were specific thingsġ) Inappropriate use of the internet in a sub-office.
There are also free tools that will unpick a user's browsing history (this is better because it comes from an authenticated profile - I am assuming that you are talking about a domain based system) if it is web activity, then there is probably a proxy of firewall that will log things. If you don't have the easy option of walking away from this, at least do the followingġ) Insist on having a copy of the organisation's policies on IT and Internet use make sure that it is dated and signed as being in effect at that dateĢ) Ask for a written instruction as to which users it should be installed for, and the activities suspectedģ) Armed with the above, you can put in appropriate measures e.g. Here in the UK the simple thing of accessing people's voicemail without their knowledge has sent people to jail and caused huge problems for News International. I am fairly sure that if this comes to light you will probably find yourself on the receiving end of legal acton, possibly criminal, and certainly civi. I recall cases where people have been jailed for spying on partners like this. How is this different from a virus? I am pretty sure that giving managers the opportunity to spy like this is illegal - maybe not where you are, but in many countries. What if the person you spy on was in the middle of writing a sensitive letter to one of your colleagues for example? Or if the person is running payroll and you see the salaries of people that you shouldn't be seeing? If they're going to do it, I'd at least inform the users in a very simple and open way and have them sign off on it (which I'm sure many of them will refuse to do, which will hopefully see the people wanting to do this change their mind). Doing this opens up potential privacy issues. There are better ways of tracking things like web activity and installed programs. That's going to be a pain if you want to push it out via GPO or similar.Īs you already know, this is a bad idea. It looks like they have changed it in newer versions so that you must use the interface to disable it though. You can see the registry change in the FAQ at. I am using %windir%/system32/msra.exe /offerra.Where I used to work (years ago), we used to use TightVNC with a registry change to hide the icon exactly as you desire. I tired to connect and it still asks for permission.
User Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\Set rules for remote control of Remote Desktop Session Host server user sessions - set to enabled, with option full control without user permission User Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\ Set rules for remote control of Remote Desktop Session Host server user sessions - set to enabled, with option full control without user permission However, I tired to change the use and computer configurations on the GPO as follows:
I figure it would be a good thing to know how to do, just in case we need to. Well, now it is more curiosity more than anything.