Spying in the company

[kwiz117]

I am having a little [bIG] concern about my email in the Company.

We have an IT Department. They maintain an Email Server internally in Lotus Notes. Recently I have found out that some guys in the Department have access some of my very confidential emails related to the future plans of the Company.

I think they can do it as they have the Administrative Passwords.

I want to take the control of email from the IT Department and may be to outsource it to some other Company.

Anyone know any Company that I can contact for this? We have a registered Domain Name.

I prefer if that Company to be owned by a Foreigner. Any possibility of Hosting the Email Service outside Thailand?

How will it effect to the speed of accessing the Emails?

Even after I do that, do you think it is possible for the IT Department guys to do this.

or any one have any other ideas to overcome this habit of spying.

I am sure this will help some other readers as well.

Thanks

[Chiangmai]

sorry for not writing  fluent english   (i am french!)

as computer engineer there is wery few solution to your problem -  

1)  as you probably  have a local network with  several computer, you need somebody to administrate your system, make maintenance also  -  and his person will automatically have admin right  to the network  and to your computer

-  so in any case this person will be able to spy any file

if you do not trust your administrator,  look for a new one

the only solution of course is

--  retrict the number of person with administrative right

--  make the safety policy  (who have admin rigth - account name - password )  by writing    and check every month that the policy is operative

--  ask your (trustfull)  administrator to have record of login file (name of person, date, which file hasbeen accessed etc..) and request a writing report every month

in any case of spying - you will have to show some evidence to the spy or the wrongdoer

************

if you believe that you can not trust any network administrator,   you need to have a solution you may administrate yourself  with a minimum of computer skill

one solution should be

1) have a independant  laptop

2) open a special personal mail  account - completely independant from your Lotus notes network  

(CS-loxinfo-or any other  account for example -   but not hotmail or yahoo )

3) configure your laptop to access to this account directly

4) take care of this laptop  (account login with password, admin account of your laptop, )  and periodically  save your confidential information on CD  - and delete the information  from your laptop

5) connect just for dowloading the message

thern disconnect and work   then reconnect to send reply

*********

Sincerely, the true solution is to  find a trustfull computer administrator  - and to implement clear safety procedure with monthly report  -

Martin

[email protected]

[kwiz117]

Hi Martin

Thanks for your reply and never mind about spelling. It matters only to very few above average Native English speakers in this forum only.  

I appreciate your points.

Also agree in what you have said about the Network Administrator.

In the Company I work, it is not possible to change the guy. Reason is, he is the Programmer, Network Administrator and also the Systems Analyst and the Designer. I see this as a very unprofessional way of doing things and came across with so many unethical practices.

It is hard to replace him as he has worked for around 12 Yrs and also have built up so many links with some Other Managers. I am just the Finance and IT consultant protecting the Investors interests.

I exactly thought to do the suggestion that you have made in the bottom part of your reply. Let’s say I do all you have described. Notebook, Outside Email Accounts from CS etc.

Can you suggest any way to overcome below problems?

1. When I send an Email to another Employee in the Company then again the Email will go through the Internal Network as the guy I sent the Message will have access only to an Internal Email. I do not want to provide Notebooks and seperate email accounts to all Staff and Managers.

2. How to make use of the Company Domain name in the emails. We do not want to use a Domain Name like [email protected] etc..

Will Outside Hosting services will help to sort out this problem?

Ex:

a. Host the emails outside.

b. Can we share the Leased Line in the Network to send emails directly through the Host without duplicating any Email copy in our Server.

Thanks

[Guest IT Manager]

Depending on your O/S, why not set up your own server on your PC, with you the mail administrator, and then have an outside pop3 server, say via a web site or somethng like www.myownemail.com.

Sounds to me like you are being dicked by a Thai ######/Programmer who is a goose, which is quite prevalent as many natives think programmers are the bees knees of computing. They are the feet, not the knees.

I use a program called ARGOsoft email server which gives you 5 free accounts. If you need more go to Pro version, which is $88 and very secure. Good filtering and high level of security.

If you really want to tickle the IT mans nuts, d/l PGP 8.0 for windows, the freeware version, and encrypt everything. Really makes IT mans day.

[Zendesigner]

hy kwiz,

I'm an expat ###### / network consultant looking for a job. if you need to change to a trustworthy and secure system system. just PM me, we can talk.

Probably he is not spying but just not capable like so many systems and administrators i've seen here.

bart

[exchange1973]

Hi Kwiz117,

i'm also Softwareengineer, Systemdesigner and Net-Admin in one person. (But I don't sniff the mails of other persons ;-) ).

I can understand that it is really hard to replace the guy shortterm because he keeps all the systems going and he is the only one who can do so. But in longterm-view you should really replace him.

But the Adhoc-solution should be:

1. Encrypt everything you send! (Agree to IT-Manager, PGP is should be the tool of your choice!)

2. You are the head of the finance-department. Outsource the mail-services. Just say the TCO (Total Cost of Ownership) of the current solution are not adequate. But take care: Outsourcing is only easy going if it is only email-service we talk about. If there are public folders, knowledge bases and so on outsourcing is really hard.

You can also rent a dedicated linuxbased server to serve your mails and administrate it by yourself or a person you can trust. In Germany (i'm german) you can get a dedicated root-server for only €39,- per month. So set it up to support all of your company mailaccounts and arrange the change of the MX-Pointers to the new Server.

3. Don't agree to setup a mailserver only for your account or some accounts. Keep the TCO in mind and choose a coomon solution for all the mails.

Hope this helps a little!

Regards and greetings from Berlin!

exchange1973

[blabla]

hello,

Well, it's current this story.

There is some solutions who exist but they depend of one thing :

What is the policy of your firm?

Have you spoken about this problem with some others managers?

There is no need to point on the fact the sys admin can be guilty, better to speak about the a bad security, or something.

there is no need to outsource the mail server, you can have it in the DMZ, this is the usual implementation, but on a separate computer, with different rights, let the actual sys admin to do it, but ask for a linux system, and explain him all in logged, and yes ask to have the logs every month or every week, you will just ask anacron to send if to you automatically, like that he will be not able to modify the logs (ask also for the logs system, like that if he do something somewhere you will know it), in my opnion, better t oscare him (or to have very good proofs) than to make him upset, remenber you are a farang, and he is thai ... Save his face, just let him now you know.

If this solution (who cost only the price of linux 150 bht, and the price of an old computer a Pentium II at 150 mhz is enough) interest you, just PM me.

I will return to sing my message in a bottle

be back next week hehehehe

Sting

Roxaaaaaaaaaaaaannnnne

[kwiz117]

Hi

Thanks for all valuable replies.

Thought to discuss this matter with the Directors [owners] coz it is effecting them as well.

If they are interested to get one of you guys service to handle this situation, I will let you know by PM.

Thanks all.

kwiz

[erain]

Hi ....your solution is simple.....just host your mail to a different server and you keep the admin password. It can be done my chaging your MX record or hosting your domain name to a new server. I can provide you a 100MB server space for 10 US/ month  only , with Cpanel to control all aspects of your mailing system. If you are interested I will set you up in 72 hours ..

regards

eRain

[Chiangmai]

Looking  for a long term solution ?

Face and  solve THE PROBLEM  by looking for a trustfull admin !!!

**************

In such problem, with Lotus Notes, everything will be under control of your admin in any way (even your own connection password, mails and stored datas).

If your admin  is a expert wrongdoer, he will do things  in the way that you will never get any evidence to prove his wrongdoings -  

As for any alternative technical solution, your administrator will be involved in the process. On the contrary,  your admin will suspect about it.

Same remark if attempting to find the evidence of his wrongdoing by hiring a expert (James Bond 008 ?) .

Concisely, technical alternative is NOT a good solution in your case.  (your Lotus Notes system is working well; Lotus notes is a VERY GOOD and safe solution with many tools available for secure encrypted data exchange and management  - and you are able to find easely experienced people available in Bangkok)

Dont spent any money for any alternative solution (mail server, Unix server, DMZ, Firewall  etc.)

Face and  solve THE PROBLEM  by looking for a trustfull admin !!!

While waiting, I suggest you to find somebody as an "admin assistant"  to share his knowledge of the system step by step as Lotus Notes is very common everywhere.

And dont' forget to improve the basic security (office door locker ?, garbage paper ?,  safe for confidential documents ?  aso..)

Warmest regards

Martin