How We Safe Guard Your Privacy

During the Pandemic, BBC Click published this video (below), which discusses how some companies are using technology to spy on their employees who work remotely. Sadly, some businesses continue to do so.

It got us thinking: no IT support company publishes a transparency document. At Kimbley IT, we want to be completely transparent and let you, the people we look after, know exactly what we can do and see on your devices. This blog post is our transparency document. 

On company-owned devices, we install a few bits of software; we don't install any software on devices you own (unless you agree) - but even without our software installed, it does not mean you are invisible to us if you use your own computer. 

Remote Access

The software we install on company devices is used to access your computer quickly, to assist. The software also helps us install updates to the software running on your computer to keep it safe and secure. For this to function, your computer must report information to us, such as when the computer is turned on, what the hardware configuration and software are currently installed, and who is now using the computer. 

Web Filtering

The software we install on company devices filters what websites you can visit online, both in the office and outside. It blocks the obvious; porn, abuse, alcohol, drugs etc., as the business you work for has a duty of care to you. Generally, we do not block any more than the legally required categories. Your company computer does report back every website and service your computer connects to - mainly to keep you secure from hacked websites in real time. For people who are using their own devices, when you are on your company’s WiFi, your internet will also be filtered, and we can deduce which websites you have visited while you are on the company’s internet. However, apart from knowing you visited a website, we do not see or know what you did on the website. This is the same level of reporting your internet service provider receives, and they don’t tell you.

Emails, Documents and Data

We can reset the password on your Google Workspace account. Doing so would allow us to access your whole account and everything contained within. If your password gets reset, you will get an email alert. 

We never reset the password to access your account without a good reason provided by your employer - and where possible, we will suggest other routes for them to take that don't require access to your account. The most common reason for a password reset is that you have gone on holiday and forgotten to grant access to essential documents to fellow team members who urgently need access to them. We suggest the employer contact you first, but if they can't, a password reset will be performed. 

In the rare occasions data needs to be recovered from your account, there is a self-service portal that you can use to recover your data. However, if you need our help, we will be able to see the contents of the information you need to recover.

Our e-Discovery system, which is generally used for administrative purposes, such as legal proceedings and HR investigations, will reveal all data in your account, even data you may have deleted. This system has only been used a handful of times in the last decade. When an employer wants to use the system, we will always push back for a valid reason; only if one gets provided and there are no alternative options will they be granted access to use the system. 

Of course, we will abide by any warranted requests by law enforcement to access your account, so please don’t do anything illegal with your work account.

Spying on your use

The BBC Click video, which spurred this article, talks explicitly about employers wanting to spy on their employees with hidden software. We have never been asked by any client to install spying software. If we were requested - we would outright refuse. We won't install secret software that invades your privacy.

PolicyKimbley IT Teampolicies