This site uses cookies to provide you with a more responsive and personalized service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Email Print page

Inappropriate use of computer systems

Computer Forensics

Background: 
A routine scan of a client’s computer network by Deloitte revealed the presence of pornographic material on a number of computers. This raised immediate questions as to the origin of the material as the client already had strict web-filtering in place.

Concerns: 
How was pornographic material arriving on the network despite the filtering processes in place? Was any of this material illegal in nature?

Deloitte’s Actions:
• Analysis of proxy server and web-filtering system to determine current status.
• Imaging and analysis of computers found to contain pornographic material.
• Retrieval of intact and deleted web-mail and Internet chat traffic between users of the computers.
• Analysis of inappropriate material to determine legal status.

Deloitte’s Findings:
• A senior IT administrator was using his privileges to bypass the web-filtering equipment to access pornographic and other inappropriate material on the Internet.
• Another administrator had allowed other users access to his username and password to allow them uncontrolled access to the Internet.

Results:
• The first IT administrator was dismissed after disciplinary action.
• The second IT administrator resigned after receiving a formal censure after disciplinary action.
• Three other employees were disciplined according to normal disciplinary processes.
• After discussions with police, it was determined that no “actionable” legal material was found on the computer.

Comments:
While unpleasant and a serious legal threat to companies, access to conventional pornography is not banned in Irish law – in fact, current interpretation of EU employment law would permit users storing such material on business computers (ref. J. Mehigan –v- Dyflin Publications, Employment Appeals Tribunal, 2004).  It is crucial, therefore, that companies put in place clear guidelines about employee use of email, web and other Internet services. Deloitte has advised many companies and organisation in devising and implementing effective acceptable IT use policies.

Page Last Updated

Material on this website is © 2013 Deloitte Global Services Limited, or a member firm of Deloitte Touche Tohmatsu Limited, or one of their affiliates. See Legal for copyright and other legal information.

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/ie/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms.

Get connected
Share your comments
More on Deloitte
Learn about our site