Snooping

  • Comments posted to this topic are about the item Snooping

  • I'm not sure that anything I have done would be considered snooping. Probably the worst thing I have done is check to see who had more vacation time for me and had less service time. It really comes down to morals. Does being able to justify your actions make them right?

  • There are a number of very good reasons to snoop, most of which are presented on these pages http://members.iinet.net.au/~bofh/index.html 😉 I think most DBA's, SO's, PFY's should snoop (at least a little) to be aware of anomalies before they get out of hand. It could be a poorly written SP or trigger or just plain greed. We all have to responsibility to do an honest days job.

    Cees Cappelle

  • As Cees points out, there are definite areas where snooping may not only be necessary but could, in the long term, save a company from embarrassment, legal action or other.

    But, Steve, consider this. Had the officers of the company where your indiscretion was made been forthcoming (given the moral argument, I think this constitutes expecting them to tell the truth), you would never have had the question. Why is it that corporate management has to treat employees (oh yes, we are all a.......s now. I can't even say the word.) as children who should be seen and not heard? They have obviously seen MIB one too many times and taken Tommy Lee Jones at his word that people are better off ignorant.

    Our new CEO was blindsided in his first group meeting where one person brought of the question of confidence in management and another replied that "we've never been told the truth" by management. Granted, the new guy can't fix the past, but he can affect the future by telling it like it is. People may not always be comfortable hearing the truth, but it at least shows them the respect of treating them like adults.

    ------------
    Buy the ticket, take the ride. -- Hunter S. Thompson

  • In my last job, I had access to the accounting and HR databases, but I never touched them. As "fun" as it would have been to answer questions that people had debated around the office such as "I wonder how much the boss makes?" or "Am I the lowest paid person in this department?" I couldn't think of any scenario that would make me happy to look at that data.

    Either the boss makes much more than me and I get depressed since I'm undervalued or she was making only a little more than me and I'd never be able to make that much.

    If you're going to snoop, think about what you might find and how you would react to it, then think about what would happen if you were caught (either someone seeing you do it, or after a few beers loosened your lips). Sometimes ignorance is bliss. Although I had accessed information that I had access to without super powers that had nothing to do with my job, but that was more out of curiosity and a lack of work to do than looking for gossip or politiking ammo.

  • This topic brings up the larger topic of information security. Though of course not condoning "snooping" I think that what Steve described is very human. If otherwise moral people can give into the temptation (even one time) to snoop, what will happen when people of less character are put in charge of mountains of information? What will happen when our major databases are moved over to third-world countries where the average inhabitant doesn't like us very much and where a 10-to-1 exchange ratio turns a $100 bribe into $1000? In a recent bank scandal, employees in an american bank were found to be releasing information on individual accounts for about $25 a piece. I was shocked when I heard that employees were risking jail sentences for such a comparatively small amount. Throw in international exchange rates and your personal information gets very cheap for interested parties.

    And of course, there is a lot of info out there that is considered less sensitive and hence less secure. The general rule: If you don't want someone reading your info, don't put it out there!

    ___________________________________________________
    “Politicians are like diapers. They both need changing regularly and for the same reason.”

  • Ian Massy


    If you're going to snoop, think about what you might find and how you would react to it, then think about what would happen if you were caught (either someone seeing you do it, or after a few beers loosened your lips). Sometimes ignorance is bliss.

    Not to be an a**, but that sounds like th ploicy banks where taking years ago when the first hackers started to expose the safety holes. Sometimes by 'snooping' we stumble upon backdoors other people left, for whatever reason.

    Someguy (8/13/2008)


    If otherwise moral people can give into the temptation (even one time) to snoop, what will happen when people of less character are put in charge of mountains of information?

    Then there's that too :hehe:

  • Cees Cappelle (8/13/2008)


    Ian Massy


    If you're going to snoop, think about what you might find and how you would react to it, then think about what would happen if you were caught (either someone seeing you do it, or after a few beers loosened your lips). Sometimes ignorance is bliss.

    Not to be an a**, but that sounds like th ploicy banks where taking years ago when the first hackers started to expose the safety holes. Sometimes by 'snooping' we stumble upon backdoors other people left, for whatever reason.

    Someguy (8/13/2008)


    If otherwise moral people can give into the temptation (even one time) to snoop, what will happen when people of less character are put in charge of mountains of information?

    Then there's that too :hehe:

    Then the lesson to be learned is that as a business owner you should hire someone whose job it is to snoop. Taking on the risk of snooping yourself, even if it results in a benefit to the company, is not worth the liability you are incurring. If you tell them you found and defused a situation through snooping, they will congratulate you and then quietly find a way to edge you out, since they can no longer trust you to not be snooping.

    ---------------------------------------------------------
    How best to post your question[/url]
    How to post performance problems[/url]
    Tally Table:What it is and how it replaces a loop[/url]

    "stewsterl 80804 (10/16/2009)I guess when you stop and try to understand the solution provided you not only learn, but save yourself some headaches when you need to make any slight changes."

  • The first ten years of my adult life were spent in a company with very tight security standards. Since I was one of the people who was enforcing those standards, and also had over 6-million dollars in security liability agreements, I got in the habit of not snooping.

    Not snooping has burned me once, quite mildly. (Would have been nice to know that the company I was working for was out of money and would be shut down.) But my honor and integrity are more important to me than that.

    - Gus "GSquared", RSVP, OODA, MAP, NMVP, FAQ, SAT, SQL, DNA, RNA, UOI, IOU, AM, PM, AD, BC, BCE, USA, UN, CF, ROFL, LOL, ETC
    Property of The Thread

    "Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon

  • Someone should be checking up on who's doing what, but there needs to be some control on that person as well. It could be reporting to someone that can check their actions (person A checks people B, c, D and person D can check person A).

    I think that if the business owners had been more fair or open, I might not have done what I did. Didn't make it right, and I found that almost everyone had gotten smaller bonuses than previously except the owners and one other person. With the company doing well, it was the final straw for me.

    But I was wrong and it's not something I should have done.

  • I was not going to weigh in on this, but since no one is looking: :w00t:

    Our new net admin is putting out a policy statement that says that the company will be monitoring our e-mail and Internet usage. At least that's what I overheard.

    I've been in positions where I had access to mounds of data. Working for the dental company I had full access to all of the patient data of many hundreds of practices all across the US. I've done project for drug companies. You think military and intelligence security is tight, they have nothing compared to those folk. I've worked with government data and was appalled at the level of access I was given. (These were "absent parents" who had skipped out on their child support so I was not to prone to give a rats tail about their data.)

    My prayer is, "Oh God, don't let me get away with anything." It seems to work. I don't get away with anything. I don't like being punished so I don't try.

    My advice is to get over your idle curiosity as soon as possible! One way is to not be idle in the first place. 😉

    ATBCharles Kincaid

  • It is surprising that more employers do not require their DBAs to sign some sort of agreement that they will not use the company data for personal gain or malicious intent. Other than financial and securities firms, I'm guessing the oversight is pretty lax.

    I've signed nondisclosures before, but I don't think the mishandling of data was really covered. I guess if the NDA is broad enough, a good lawyer could argue it covers any impropriety by the DBA.

  • Someguy (8/13/2008)


    This topic brings up the larger topic of information security. Though of course not condoning "snooping" I think that what Steve described is very human. ... The general rule: If you don't want someone reading your info, don't put it out there!

    I agree that wherever there is a chance for someone to look at confidential data when they don't need to, someone, somewhere will do it. Everyone needs to think about whether it will be worth your job to have that info.

    However, sometimes you have no choice about revealing your info. I am reminded of a recent case in California where employees of the Department of Motor Vehicles were found to have inappropriately accessed data stored in the DMV database about Hollywood celebrities.

  • Steve Jones - Editor (8/13/2008)


    Someone should be checking up on who's doing what, but there needs to be some control on that person as well. It could be reporting to someone that can check their actions (person A checks people B, c, D and person D can check person A).

    ...

    This circular authority can also get you into difficulty. One place I worked, an organization affiliated with a state university, they had instituted a practice of the next higher management level needing to sign off on the reimbursement requests of their subordinates. Sounds fine, right? Well, what about the highest level? Since this was not a private company, the rules still applied to the person at the top. Their solution was to have a subordinate two levels down sign off on the reimbursement request. But since that person was indirectly managed by the person being monitored, it was almost impossible to disallow a request.

    For example, I knew my boss took me out to lunch once a year to thank me for my efforts -- but the value was somewhat diminished to me when I learned that she was entering the cost of the lunch on a reimbursement request as a business expense.

  • I work for a government agency that deals with taxpayer data and we're required to sign a confidentiality statement. We also take manditory security awareness training every year and ethics and confidential information handling training every 2 years.

    This training makes very clear what the penalties are for unauthorized access or disclosure of confidential data, which really helps dampen then impulse to snoop. So far, so good!

    Greg

Viewing 15 posts - 1 through 15 (of 34 total)

You must be logged in to reply to this topic. Login to reply