Inappropriate use of computer systems
A routine scan of a client’s computer network by Deloitte revealed the presence of pornographic material on a number of computers. This raised immediate questions as to the origin of the material as the client already had strict web-filtering in place.
How was pornographic material arriving on the network despite the filtering processes in place? Was any of this material illegal in nature?
• Analysis of proxy server and web-filtering system to determine current status.
• Imaging and analysis of computers found to contain pornographic material.
• Retrieval of intact and deleted web-mail and Internet chat traffic between users of the computers.
• Analysis of inappropriate material to determine legal status.
• A senior IT administrator was using his privileges to bypass the web-filtering equipment to access pornographic and other inappropriate material on the Internet.
• Another administrator had allowed other users access to his username and password to allow them uncontrolled access to the Internet.
• The first IT administrator was dismissed after disciplinary action.
• The second IT administrator resigned after receiving a formal censure after disciplinary action.
• Three other employees were disciplined according to normal disciplinary processes.
• After discussions with police, it was determined that no “actionable” legal material was found on the computer.
While unpleasant and a serious legal threat to companies, access to conventional pornography is not banned in Irish law – in fact, current interpretation of EU employment law would permit users storing such material on business computers (ref. J. Mehigan –v- Dyflin Publications, Employment Appeals Tribunal, 2004). It is crucial, therefore, that companies put in place clear guidelines about employee use of email, web and other Internet services. Deloitte has advised many companies and organisation in devising and implementing effective acceptable IT use policies.
Page Last Updated