O.K. guys, here is the deal: I have an admin that is reading other users' mail. This includes executive staff. I have checked the database user details and it shows his id as accessing the database. For some reason this does not seem to be enough to get this guy in trouble. My question is, is there any additional logging I can do? Is there any way to see which items inside the database he is looking at, i.e. email, which ones, etc.? Thanks in advance…
Subject: Help ethical issues
Hi,
You can try to modify the template of your users to add code in the queryopen of the db to log every access. You can also add code in the queryopen of every document. So, every time an access is done, you can log it in another db. Don’t send it by mail, your admin could know it.
JYR
Subject: Help ethical issues
You can modify the db to report access to mail and write it off to a log but it’s shutting the stable door after the horse has bolted I fear. You have to ask yourself, or rather, your organisation has to ask itself who really owns the email.
Here in the UK, all email and indeed all phone conversations are the property of the Company - so if someone duly authorised reads the email or listens in or records the phone conversation it’s completely legal and part of the Company’s property.
This actually makes legal sense - beyond the boundary of the exchange the missive in whatever form belongs to the Company - it’s disingenuous to think they are not. If your admin is reading the mails and he has been given appropriate access to the mail db then it’s unfortunate but I would suggest that whoever designed the mail security is at fault. There is no reason why an admin should be able to read someone else’s email unless the ACL was weakly designed.
So I suggest two things need to happen - firstly an appraisal of email security needs to take place and second an interview with the admin as to why he feels the need to read someone else’s email.
George…
Subject: Help ethical issues
It would definitely be a problem if the admin can’t be trusted, but also consider the fact that these accesses might be completely legal.
As admin you are responsible for maintaining the servers and databases. On occasion that gives you reason enough to open another user’s mail file. In my opinion, the admin should first ask the user’s permission before doing this, but not every admin feels that this is necessary.
As admin, it is also possible that any number of administrative agents are signed by him, and that these agents are performing some needed tasks, like making sure that the correct database owner is in the calendar profile, or any number of other things. This would still cause an entry in the database usage log.
The log entries from the databases could point to completely innocent administration work. It wouldn’t be the first time that database usage logs are misinterpreted.
When talking about adding queryopen code to database and forms, that might not give you anything if you are not a trusted signer of code by the admin guy. If you are not trusted, he will get the question each time asking if he wants to execute code signed by you. All he has to do is answer no to this question, and that will simply bypass your code. If it was me, I would become very suspicious about this question if I was knowingly doing something wrong, when it has never been asked before.
/Peter
Subject: Help ethical issues
Hi.
There may be other ways to do this, but straight off the bat you could do the following.
On query open event in the view and the memo form you could trigger a back end agent that would send a mail.
The agent would only be triggered from the queryopen if the user was not the owner of the database.
Sending a direct mail from the query open event or any event will show that a mail was sent from the status bar and also possibly be saved in the offender’s sent mail view. So backend mailsend is the only way.
Not sure if it would work if the mails are only being previewed!!
Anyway it is an idea, maybe there are better ways??
Cheers
Mike
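The QueryOpen logging that JYR and Mike describe, written to a separate log database rather than mailed, as an added LotusScript example that is not from any poster in the thread. The log database path `audit\mailaudit.nsf`, the form name `AccessLog` and the log field names are hypothetical; reading the owner from the `Owner` field of the `CalendarProfile` profile document assumes the standard mail template.

```lotusscript
' Added example: QueryOpen handler for the Memo form of a mail file.
' Logs every open of an existing document by anyone other than the mail file owner.
Sub Queryopen(Source As Notesuidocument, Mode As Integer, Isnewdoc As Variant, Continue As Variant)
	On Error Goto Quiet              ' a logging failure must never block or alert the reader
	If Isnewdoc Then Exit Sub        ' composing a new memo is not a read

	Dim session As New NotesSession
	Dim db As NotesDatabase
	Set db = session.CurrentDatabase

	' Mail file owner as recorded in the calendar profile (assumes the standard mail template)
	Dim profile As NotesDocument
	Set profile = db.GetProfileDocument("CalendarProfile")
	Dim owner As New NotesName(profile.GetItemValue("Owner")(0))
	Dim reader As New NotesName(session.UserName)
	If Lcase(owner.Canonical) = Lcase(reader.Canonical) Then Exit Sub

	' Hypothetical log database on the same server as the mail file
	Dim logDb As New NotesDatabase(db.Server, "audit\mailaudit.nsf")
	If Not logDb.IsOpen Then Exit Sub

	' One log document per open: who, when, which mail file, which message
	Dim entry As NotesDocument
	Set entry = logDb.CreateDocument
	entry.Form = "AccessLog"
	Call entry.ReplaceItemValue("Reader", reader.Canonical)
	Call entry.ReplaceItemValue("MailOwner", owner.Canonical)
	Call entry.ReplaceItemValue("MailFile", db.FilePath)
	Call entry.ReplaceItemValue("OpenedAt", Now)
	Call entry.ReplaceItemValue("EditMode", Mode)
	Call entry.ReplaceItemValue("DocUNID", Source.Document.UniversalID)
	Call entry.ReplaceItemValue("DocSubject", Source.Document.GetItemValue("Subject"))
	Call entry.Save(True, False)
	Exit Sub
Quiet:
	Exit Sub
End Sub
```

The reader needs rights to create documents in the log database, and, as Peter points out above, the handler only runs if the reader's ECL trusts whoever signed the design.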
Subject: Help ethical issues
"For some reason this does not seem to be enough to get this guy in trouble"
If, by this, you mean the higher ups need more data, then see the other posts. As an aside, if the db shows this user reading docs, I’m not clear why that’s not sufficient info to indicate the admin is actually snooping. If I’m reading one of my boss’s emails, I might as well be reading all of her email - what diff does it make which mail is being read?
If it means you’ve notified the right folks (your boss, HR, legal, whoever is appropriate in your org), and it’s not a problem to them, it’s not your problem. If you haven’t spoken to the right folks, get yourself to them post-haste and let it be their problem.
If you’re the boss and have management authority over this admin, counsel him, and fire his rear if he keeps snooping.
This may not be a technology problem but a human problem.
Best of luck.
Doug
Subject: Help ethical issues
There are products that will monitor database usage at a finer level than native logging. One is Extracomm’s SecurTrak.
But here’s my take on this issue. Administrators may have occasional legitimate reason for needing to open user mail files. If that is unacceptable within your organization, you can lock down mail files such that the administrator in question would have to use Full Access Administration privileges – which are logged – in order to open any mail file, and you could institute procedures whereby the administrator is required to document exactly what he or she does while using Full Access. Or, you can go further and disable Full Access – though that only works if you are in a position where you can keep the administrator from accessing the server’s notes.ini file. A more reasonable solution, however, may be to enable encryption for all inbound mail – but this is only effective if you have been following rigorous procedures that ensure that the administrator doesn’t have access to user ids and passwords.