Q

Safety of Internet banking on a company LAN

In my office, I have a PC that connects to the company's local area network. I have access to the Internet via the LAN. If I do Internet banking with the PC, will my user ID and/or my PIN be known by somebody else that has the LAN access?

This looks like a simple yes or no question, but my answer is maybe. Let me explain.

First, as an employee, you have absolutely no right to privacy on your company's network. If your company does not have some sort of formal policy and/or login banner stating that they have the right to monitor you, they probably should. Most companies have some sort of monitoring software in place at the Internet gateway. Some will even use software that restirct what sites you are able to view.

As for online banking, hopefully it is done via SSL-protected Web pages. If so, the communications between your computer and the bank's computer are encrypted. If your company only has basic monitoring programs, then anything sent SSL cannot be read by admin staff. However, there are products, such as NetIntercept that can even decrypt SSL communications. Thus, even your "secure" transactions may not be secure.

Your admins can also install keystroke monitors on your own machine, that in all likelihood, you will not be able to detect or remove.

So, the bottom line is that regular users on your network should not be able to see your banking transactions, but if your admin staff really wants to see what you are doing, they can. The good news for you is that most admins will not go to those lengths unless they suspect you are doing something illegal or against company policy. They are generally far too busy to monitor each individual that closely.

As a final point, more reasonable companies have policies that permit a certain amount of personal use of the Internet, on the theory that it is no different than making a personal phone call. You should definitely know what the policy is for your company.


For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Security Policy and Infrastructure
Best Web Links: Employer/Employee Privacy Issues


This was first published in August 2002

Dig deeper on Network Access Control Basics

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close