In my office, I have a PC that connects to the company's local area network. I have access to the Internet via...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
the LAN. If I do Internet banking with the PC, will my user ID and/or my PIN be known by somebody else that has the LAN access?
This looks like a simple yes or no question, but my answer is maybe. Let me explain.
First, as an employee, you have absolutely no right to privacy on your company's network. If your company does not have some sort of formal policy and/or login banner stating that they have the right to monitor you, they probably should. Most companies have some sort of monitoring software in place at the Internet gateway. Some will even use software that restirct what sites you are able to view.
As for online banking, hopefully it is done via SSL-protected Web pages. If so, the communications between your computer and the bank's computer are encrypted. If your company only has basic monitoring programs, then anything sent SSL cannot be read by admin staff. However, there are products, such as NetIntercept that can even decrypt SSL communications. Thus, even your "secure" transactions may not be secure.
Your admins can also install keystroke monitors on your own machine, that in all likelihood, you will not be able to detect or remove.
So, the bottom line is that regular users on your network should not be able to see your banking transactions, but if your admin staff really wants to see what you are doing, they can. The good news for you is that most admins will not go to those lengths unless they suspect you are doing something illegal or against company policy. They are generally far too busy to monitor each individual that closely.
As a final point, more reasonable companies have policies that permit a certain amount of personal use of the Internet, on the theory that it is no different than making a personal phone call. You should definitely know what the policy is for your company.
For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Security Policy and Infrastructure
Best Web Links: Employer/Employee Privacy Issues
Dig Deeper on Network Access Control Basics
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.