Employee Computer Surveillance

Many of us know that EPA has a policy allowing limited use of EPA's computers for certain personal activities. As a result, many of you do the occasional personal web surfing, check your personal email, or check Twitter or Facebook. EPA's policy notes that the policy is "to provide you with a professional and supportive work environment while meeting taxpayer expectations that tax dollars will be spent wisely."

The policy allows "limited personal use ... during non-work time:

  • if it involves minimal additional expense to the Government;

  • if it does not reduce your productivity or interfere with your official duties or the official duties of others;

  • if you are already authorized to use the equipment for official Government business; and

  • if it is legal and appropriate."

What you may not have considered, however, is that EPA is looking over your shoulder while you're doing that limited personal use. EPA may be viewing the Facebook accounts that you view, the tweets that you view, your emails and photos, and anything else that comes over its network. So if one of your friends thinks it's funny to send you a nude photo to your personal email account, when that photo loads on your government computer, the government can, if it wants to, see that photo even though you did not save a copy. A copy of that photo is automatically saved, whether you want it or not, on your computer's hard drive web "cache" and can be used against you later.

Tools EPA uses or can use to monitor your activities include:

Our advice is that you significantly limit your personal use on your government computer. Use your phone. Use your personal laptop. Use your home computer. But keep your personal browsing and other activities off government computers as much as possible. Put a cover over your laptop camera.  Mute your microphone.  But keep in mind that there are workarounds where the agency can activate the microphone against your wishes and record each keystroke you type.

If you're focusing on your work rather than on personal surfing, you're fine. But it's good to be cautious. Just because you're paranoid, doesn't mean they're not out to get you!

 

Beware: Computer "Ransomware" Impersonates OPM

According to Phishme and Fedscoop, there's a new piece of computer Malware that can infect your computer that appears to come from the U.S. Office of Personnel Management. According to Phishme, the thieves send an email to unsuspecting users "that cite[s] the purported detection of 'suspicious movements' in the victim’s bank account that were detected by the US Office of Personnel Management." The emails ask the recipient to "examine the attached scanned record," which is a file that, if opened, infects the recipients computer.

The Malware, dubbed "ransomware,"....

Read More