I was asked to install Microsoft Teams and Outlook with a company account they gave me.
I have heard about how employers can monitor employees through software installed on their devices during the times of quarantine and remote working.
Am I reasonable for worrying about this?
IT person here.
The answer is ‘sort of’. Teams can track your activity in teams and reports can be made on how ‘active’ you are within in the app. But it can only monitor app usage, not anything you’re doing outside of it.
If it’s a work-issued computer, there may be other monitoring software on there. If it’s Windows, press the Windows key on your keyboard and type ‘Programs’ in the search bar to see all of the programs installed; Google the ones you don’t recognize to find out. You can also straight up ask your IT department; there may very well be MDM software that can track location or remotely wipe it. There are worse monitoring tools- I’ve heard of ones that will track eye activity- but haven’t actually seen it in the wild.
Note, if you are working remotely and connecting to your work’s VPN, the company can at now monitor all of your browsing until you disconnect from the VPN.
Final note, don’t use your work’s Chrome profile to do any personal browsing.
Something else to keep in mind that I haven’t seen in this thread.
If there is a legal investigation into your company, any device that is used for work purposed can be seized. So if they get themselves in hot water and you use your personal device, your personal property can and quite possibly will be confiscated. Something to think about.
It’s the companies device, and the companies software. It’s the companies network. If you want to be safe, use a personal device, not on the companies network, for personal things,
Keep it professional on company devices and on the company network. Everything CAN be logged for compliance somehow. Never engage in anything that could be considered inappropriate.
This is the only safe way…
Teams and Outlook cannot be used to actively spy on your or your computer (by your employer). Teams does allow admins to pull reports on user activity but only within the app itself (so things like number of message sent, meetings scheduled/attended, etc.).
So if people are sending you messages that you reply to or you never attend scheduled meetings it could show up in reports if they actually look at those. But they can’t see if you have Netflix open or if you’re browsing Reddit.
If it’s your company’s machine and they also manage it, just assume everything you do on it is tracked.
Don’t install work related stuff on personal devices. Don’t entertain work-related chats/emails/every shit on personal devices. That’s it, it should be common sense.
On company device, assume they can see everything. Just do your tasks, don’t overtime, clock out. That’s it.
Can they spy on you? No, but they can see every data that you input into the account (chats, uploaded files, etc.).
Just make sure that when logging in using the account, DO NOT allow your organization to manage your device. Just select “just log me in” or something (I forgot the exact phrase but you get the gist of it).
Alternatively, just use a browser. MS teams can run on chrome browsers just fine.
If they really want you to install the apps, use Sandboxie (windows) or through snap or flatpak (linux). This is what I do when work required me to use Teams. I installed it into a hardened sandbox (in sandboxie) and blocked access to all my files and other windows.
Using your personal computer for work, or your work computer for personal use is a very bad practice, you’re not only risking your own privacy and security (how much monitoring do they do, how do you know? Why risk it?), but also theirs (you may compromise company data because your device has access to company data, or logins for things that access company data, or your personal browsing and email habits result in malware) - which is why we’re not even allowed to at my job for security reasons. We may have stricter rules because security is paramount where I work (and for good reasons), but really everyone should maintain a strict division between “personal” and “work” devices, and the usage thereof. It protects you and your employer.
If your work doesn’t provide a device, buy one yourself (but check around first, they might offer a stipend or something for it). Don’t use your work device for anything you wouldn’t want your employer to see, and you should be fine. If it’s a work device, they have a right to dictate how it’s used. If it’s a personal device, get a work device.
Pretty sure outlook can be used entirely through the browser, I’m not sure why you’d need to install that.
As a strict rule, I only use my work device for work. If I want to browse social media/do some internet shopping, I use a personal device. When I worked in IT Support, I couldn’t believe how many work laptops I’d see being used for personal banking, personal shopping, personal email, etc. It’s poor digital hygiene.
I work for a worldwide company that everyone here knows. Like EVERYONE. When I took the training they gave me, they made it very clear from the get go: Any document done in any software (especially Office) belongs to them, because it was created inside their office. Personal or not.
My email for logging in, do my work, navigate and Windows/Office is from that company (name.company.com for those that are familiar.) The whole office uses Microsoft Teams, because there are multiple files and documents that everybody can edit, enter, chats, and also topics that come from that corporation that interest me. So yes, I use Teams daily for my job. I don’t feel spied on, because it’s part of my daily duties…to update/add to a list of names so another department takes care of the rest.
When it comes to Outlook, it’s the first thing I read in the morning. 80% of the emails I get, I don’t have to reply or do anything with them. Just general communication. The rest, work out as usual. Per policy, I keep in mind, whatever I write there is business only and of course, every document belongs to the corporation. I deviated a few times to help a coworker update her resume. Because in reality, every single thing I write I must keep in mind, I can be held accountable for, or if I write anything and it’s taken the wrong way it can lead to problems. I proofread like crazy.
When it comes to browsing, I don’t have access to Facebook. I must use Internet to do my job. I haven’t tried Reddit because the information that I require to complete the task that I need I won’t find it here. And of course, the company’s internal software which has a ton of departments.
For those that are interested, my Office license at work is elevated, so I have pretty much the full Office, loaded just like the one I have at home. The company runs on a network. But there are cameras all over the building and there’s one pointing at my area. So here’s the lesson, because Trump said this…
Just pretend you are being wiretapped all the time.
For those wondering, here are the different activities and analytics Teams collects:
I used to be able to access outlook and teams on my own device without giving my employer admin access. When they flipped the switch, I removed the applications. If they want me to have a mobile device which they have admin access to, then they have to give me one.
Personal computer, linux, vpn
Was in a MS webinar where they explained how it can be used to detect sexual harassment type things. Just depends if your company has that enabled.
One thing, I will say is that DONT USE TEAMS CHAT. Owners can read it. I learned it the hard way when me and my friends were talking about our boring physics sir.
Always assume that everything you do on a work computer is tracked and monitored. Or are you talking about your personal computer?
Are you in a working device. If not, separate your work from your personal life by having two devices, one for each.
I believe you could check in settings and sthg like Device management to see if you would be.
Normally shouldn’t be able to see what you’re browsing, I believe.
If not a work computer, I would suggest running your “work desktop” in a virtual machine. That not only protects you from the company but the company from you. I service many clients and each gets a dedicated virtual machine. Teams and the Office 365 login associated with each client goes into their respective machine. When I have gone through periods of single employment I use the same pattern if I am on a personal device. If you are using a work computer at home then use it solely for work and keep your personal activity on your personal equipment.
Until Google bought “The Divide” and turned it into a Google Business only product I did the same on my Android phone. I kept my business activity in the Divide. Now, I just carry two phones. I am not granting MDM access to my personal phone with remote wipe, surveillance etc. to anybody. This also means that my work phone (or main client) is setup to their standards and fully managed by them with no risk of my personal browsing activity or application installs risking corporate email, file sharing, etc.
So they can see that my Product Owner took 48 hours to respond to my questions? Fantastic.