IF they want to they can see everything your computer does on the company's network They own the server that sends the information to and from the Internet to your work station computer. Everything you do over the network is kept in a log file in the server. Erasing browsing history on YOUR computer does NOT erase it from the servers log file. The company's server will know your IP address as it is the one that assigns it to you.



Reality check. The IT department has too much to do go searching through the computers logs for web sites someone visits. They will do this only if asked to do so by the company bosses because of a problem or a court order.



The company should have an Internet policy in place for personnel to read. The same goes for e-mail. An e-mail log is normally kept because if the company is ever sued for any reason, the opposing lawyer may ask for correspondence from the company on that subject. You and your computer are considered part of the company and anything sent or received from it can be subject to review.

When you go through the central company 'gateway' it's there they can log ALL traffic; irrespective if it's over a 'secure' connection (https).

If the gateway is configured to, it can give you a self generated certificate; your browser sees it's an encrypted connection (& shows the padlock and "https" in the address bar).

Your traffic is decrypted at the gateway, logged, then re-encrypted, and sent to the Internet to it's destination, where that server 'sees' a valid secure connection (again, coming from the gateway), and then proceeds to behave as if it were only you involved.

All traffic goes to the gateway, encrypted, decrypted, logged, re-encrypted, and forwarded.



All this of course depends on whether or not Corporate has the gateway configured to have this behavior.



To ascertain your 'https' connection is not being proxied (and therefore potentially compromised a la 'man-in-the-middle' or corporate snooping):

double click the browser padlock indicating 'secure'> look @ the properties, and examine the 'chain of trust' or the 'certification path'; who's issuing the certificate, and so on. Untrusted issuing authorities, between the website and your machine would be an indication of some monkey business.

For example: a corporate environment or hotel, where the connection was using the gateway to issue certificates.

Yes, since it is their resource that you are using to connect and browse the internet, they have every right to monitor the websites that you use. Some companies can use this as grounds for termination. As to the level of detail that they can monitor, such as information entered into the browser goes, it depends. Things like banking websites use encryption to secure information transferred online, however, if your company has installed a keylogger on your system, they can monitor every word that you type.



Should you be concerned enough with your privacy that you need to hide everything that you do online while at work? Well your employer won't use your credit card information to commit fraud atleast, but you should be only using the company internet to perform work related to your occupation. Visiting non-work related websites can be a bad thing.

hey

they can see anything you type that is plain text like websites, chats etc the only thing that they cant see is any connection to a website that is https like login to gmail and anything else that uses cryptography