Limitless Worker Surveillance (ssrn.com)
120 points by boh on March 17, 2016 | hide | past | favorite | 44 comments



This kind of thing is why I EXCLUSIVELY browse the Internet on my phone while at work (without using work wifi, of course). I also never use my work email for personal correspondence, ever.

Granted, I work at a remarkably lax institution that cares more about getting the job done and less about managing our lives, but these are habits I picked up working in Silicon Valley and I couldn't even imagine the kinds of perpetual monitoring that some of my friends from college have to put up with.

Nobody cares about how long I'm in the bathroom. They like the software I write. And then we all go home at 5.


Yeah, I am always shocked when I see people logged in to services and stuff at work. I use my phone, never on work wifi, to check e-mail, and if something comes up that needs a real interface, I use my laptop (on work wifi, but with a VPN to my home router). Doing anything else seems like madness to me.


Eh, I figured everything I did on the corp network was visible to my employer, but I also didn't care for the most part. If I'm going to post on Hacker News or Reddit, it's on the public Internet, and so having corporate network monitoring catch it is the least of my worries.

I just figured that the best defense against getting fired is delivering value to my employer; they didn't care if I take a HN break as long as my overall productivity stayed high. The same applies now that I'm self-employed, too.

I did tend to use my phone for personal IMs & emails, but that was because we also used GMail for work, and I didn't want to bother with having an incognito window open all the time.


I use personal accounts at work. If texts to my wife are a problem, sure, have at it. I'll start circulating my resume.

Luckily I've never worked at an organization that wanted to own my life to that extent.


Also, if my work is being measured by time spent on task instead of output, I'm working in the wrong place.


I have friends who not only log in to all of the services at work, but use their employer-provided laptop as their ONLY computer. It kind of blows my mind. I'm not as strict about the separation as some, but I can't fathom using my work computer for all of my personal stuff outside of work.


This was sort of understandable in the '90s when decent (for then) laptops were expensive. It is baffling today now that laptops are cheaper than many phones.


I'm in government. They gave me a laptop at one point. I gave it back. It's simply not worth having.


What happens if your employer sets up a stingray to intercept your cellular communications?


Hopefully they document the fact in discoverable fashion, so your lawsuit can have that extra "human rights violation" flavor.


I run a portable browser in an encrypted drive; even then I turn the caching on it off so it at least doesn't leave as many traces.

I'm in IT so I know what we monitor.


If you are part of a conglomerate you also have to consider the possibility that another IT group is snarfing your traffic for employee monitoring and IDS purposes. I've actually seen an overeager IDS I didn't even know existed shut down network access for legitimate services.


I remember this from my welcome screen on an Amazon-blessed laptop: "There is no expectation of privacy while using this system".


How would they track you through wifi?


An organization can use transparent proxies and log web traffic for anyone using the network, among other things.


But how do they know it's your phone?


MAC address and traffic patterns. Also corporate wifi often requires logging in with your company credentials.


A MAC address that doesn't belong to one of their systems pops up on the network. They're red flags, and tracked as such.


EAP or metadata.


The company I used to work for required that you give them backdoor access to your cell phone if you wanted to check your work email from it. This gave them the ability to factory reset your phone remotely, as well as change your pin/unlock, along with who knows what else. I refused and was terminated.


You lost your job over the ability to check work email from a personal device?


I lost my job because of "noncompliance" to their demands that they have complete access to my personal phone.


We're confused because above it seemed as if your other choice would have been just not checking your work email with your personal phone. That doesn't seem as if it would have been a hardship.


Management required that you send a group email if you were going to arrive late to work. So when I'm stuck in traffic because of an accident, how do I email them? Before you ask, they said no, text messages were not acceptable. Their requirements were that if you had any issues you had to send an email.


If they require one to send an email outside of the company network, then they should supply the equipment. I would never give my employer control of any personal device. If they don't give employees equipment to send the email on, then I don't see how they can reasonably require one to send an email. What happens if one does not have a smart phone? Do they require one to purchase one?

Also, if one is stuck in traffic one most definitely should not be sending email or a text message because that is dangerous to you and others on the road; it also gives the impression that the company does not care about the safety of people.

If I could not call my boss (or coworker) when I hit bad traffic and have said person send the email for me, I think that there is something wrong with the company or group. What exactly is the problem? Do they think your boss or co-worker are lying?

Anyway, sounds like a company that I would leave and save them the trouble of firing me.


Couldn't you just send an email from your personal email address? I mean, I've heard horror stories about retarded company policies and managers who just don't get it, but as a manager and employer myself I find it really hard to believe that you were let go simply because you didn't have your work account in your phone. Even if that was the final reason they gave, it sure sounds like there is a lot more to the story.

If I had the most average of developers on my team that caused me no grief and seemed to get on well enough with those around him/her, I can't fathom just letting them go like that. However, if we'd had a history of issues, the work was pretty dreadful, and/or the attitude was pretty piss poor, I could see where I'd just raise up my hands and say, "F* it, this person isn't worth the grief."

Either way, assuming you've since landed on your feet, it sounds like you're better off not being there; I couldn't stand working for a company that micromanaged me like that.


I've seen that same phone policy before. I simply never paired my phone with the secure wlan, and it was fine. No email, but whatev'. I wanted Twitter.


I refuse to participate in the worker wellness program for this very reason. The $10/mo I'm giving up isn't nearly worth the data that I'm coughing up in exchange...


Yea, having worked for a big health insurance company with many "wellness programs" it's a bit scary what you agree to when you do the biometric screenings. All of your vitals go into a database for them to analyze and calculate risk. We weren't quite smart enough to really utilize it and most of the drive to implement these programs were not nefarious. Our intentions were primarily around the fact that requiring people with certain BMIs to lose weight does reduce healthcare costs.


> Our intentions were primarily around the fact that requiring people with certain BMIs to lose weight does reduce healthcare costs.

I've never seen a wellness program that "required" that. Most of them are just designed to bring attention to the issue so that you yourself start to address it (i.e. it is a subtle prod, not a hard shove).

If requiring weight loss has been implemented I'd be interested to read about it. In particular how employers and insurance companies avoid violating the Americans with Disabilities Act.

They started out as a way to stop people ignoring their health until it was too late. Essentially they're designed around giving out health information and requiring annual checkups (either a full health check or a biometric screening, employee's choice).


Yep, totally agree. I always found that to be slightly bothersome, but they are ultimately trying to reduce costs and don't have much control.

We had various stipulations as part of the wellness program:

First off, this is an "optional" wellness program, but opting out could cost the typical employee hundreds of dollars.

If you fall within a certain threshold for BMI and blood pressure, and haven't smoked within 30 days, you immediately qualify for the health premium discount (or some other custom incentive including PTO, cash, gift cards, etc., whatever we negotiated with the group).

If you failed the BMI or blood pressure criteria, you have the option to show improvement in your BMI over the course of a period of time.

If you smoke or can't/won't improve your BMI or blood pressure, you immediately fall into the third ring, which involves third-party programs that you have to prove you attended. Some of these include achieving a particular goal at Weight Watchers, smoking cessation programs, Walkadoo, etc.


> ... most of the drive to implement these programs were not nefarious.

Nice choice of words there; that would imply some of the drive was nefarious.

In my case they wanted all the usual vitals (height, weight, blood pressure), along with a couple of blood draws... and if you started reading the little thing you signed along with it, it was unreal what you were signing away. I had co-workers getting calls from the insurance company's nurse practitioners wanting to discuss their vitals. You're basically talking about a turnkey Gattaca scenario.

If the intention is truly just to make people aware of potential health risks, partner with GPs and have them do the conversation. I'd be much more comfortable with a "firewalled" abstraction layer between me and the insurance company that doesn't allow for any data sharing.


Insurance companies are strongly incentivized to make the catastrophes they insure against less likely to happen. Car insurance companies are the force for safety engineering in the automotive industry. Property insurance companies audit safes and alarm systems and require that policyholders use good ones. The FDIC is pretty strict about the behavior of its covered banks. Hell, go look at your household appliances and light fixtures - UL is Underwriters Laboratories.

It makes perfect sense that health insurance companies become the force for healthy lifestyles.

This topic came up for debate recently and the American people chose to stay the course of addressing healthcare through for-profit insurance companies. Why should those companies not act in their self-interest to reduce risk?


> It makes perfect sense that health insurance companies become the force for healthy lifestyles.

Insurance companies are incentivized to promote lifestyles that have less healthcare expenses. This often maps to "healthy lifestyles", but that is not universally true.

> Why should those companies not act in their self-interest to reduce risk?

Because we probably want people to quit smoking and eat better, but those activities cause people to die faster[1], which is cheaper for insurance companies.

[1] http://www.nytimes.com/2008/02/05/health/05iht-obese.1.97488...


Recently got an email for this and was about to sign up for it; good thing I stumbled upon this thread.


My employer MITMs my https sessions. The result is that I can not use Firefox to google stuff or use any site that uses HTTP Strict Transport Security. And since we are still on Windows 7, we end up using IE, which is a pain in the ass.


Just add your employer's public key to the Firefox trust store. If you explicitly trust the signer, it shouldn't block you.


It's a MITM attack so I'm guessing the traffic is no longer secure.


It is, but he's using IE so that isn't an issue.

Firefox provides its own TLS root certificate store, while Chrome and IE inherit the system's.


It may be secure against outsiders (depending on what the MITM does with it) but is almost certainly being monitored by the employer.


Some of those 'security' platforms are pretty terrible.

I can't remember which vendor it was, but at least one of them was accepting invalid certificates, and re-encrypting the traffic with its own certificate chain. Completely hiding any errors that should have been visible to the end users.


I've noticed some popular Windows anti-virus software doing similar things recently. Trying to check one of our own (HTTPS/HSTS enabled) sites after a report from a customer suggested something might not be set up ideally, we looked at the certs showing on someone's laptop and it turned out their anti-virus had rewritten the whole thing anyway.

I understand why some scanning tools decrypt SSL traffic and effectively MITM their own system so they can do their job, but when this results in rewriting the chain of credentials to use some phantom authority that isn't who you originally thought you were talking to, that seems a significant downside.
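A small check a user can run from the client side of the interception described in this sub-thread. This is an added example, not code from any commenter; the certificate dict is constructed in the shape that Python's `ssl.SSLSocket.getpeercert()` returns, and the "expected issuer" baseline is an assumed value a practitioner would have recorded earlier on a network known not to intercept TLS.

```python
import socket
import ssl

# Constructed sample: what getpeercert() might return when a corporate
# TLS-terminating proxy has re-signed a public site's certificate.
INTERCEPTED_CERT = {
    "subject": ((("commonName", "example.com"),),),
    "issuer": ((("countryName", "US"),),
               (("organizationName", "Example Corp IT"),),
               (("commonName", "Example Corp Web Filter CA"),)),
    "notAfter": "Jan  1 00:00:00 2030 GMT",
}

# Assumed baseline: issuer organisations previously observed for this site
# from a network that does not intercept TLS (placeholder value).
EXPECTED_ISSUER_ORGS = {"Baseline Public CA"}


def rdn_value(name, attr):
    """Return the first value of `attr` from a getpeercert()-style
    name tuple (a tuple of RDNs, each a tuple of (key, value) pairs)."""
    for rdn in name:
        for key, value in rdn:
            if key == attr:
                return value
    return None


def classify_issuer(cert, expected_orgs):
    """'expected' when the leaf's issuer org matches the baseline,
    'intercepted' otherwise: a site you know, signed by an issuer you
    have never seen for it, is the classic sign of an inline proxy."""
    org = rdn_value(cert.get("issuer", ()), "organizationName")
    return "expected" if org in expected_orgs else "intercepted"


def fetch_peer_cert(host, port=443, timeout=5):
    """Live helper: fetch the leaf certificate as seen from this network.
    Verification stays on, so an interception CA that the OS store does
    not trust raises ssl.SSLCertVerificationError instead of silently
    passing (the same effect the Firefox comment above describes)."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()
```

Run `classify_issuer(fetch_peer_cert("example.com"), EXPECTED_ISSUER_ORGS)` from the network in question; an "intercepted" result, or a verification error, tells you the chain was rewritten before it reached you.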


I work at a school whose Wi-Fi requires you to install some suspicious software. I mask my browser's user-agent to pretend I'm on a platform that software does not run on, which stops them from nagging me. Now I am on a platform they can't support anyway (Linux).


I use a VPN on my phone while on work wifi. OpenVPN is free for iOS and Android, and a DigitalOcean server costs 5 bucks.



