Microsoft Lync Server Gathers Employee Data Just Like NSA 207
coondoggie writes "Microsoft's Lync communications platform gathers enough readily analyzable data to let corporations spy on their employees like the NSA can on U.S. citizens, and it's based on the same type of information — call details. At Microsoft's Lync 2014 conference, software developer Event Zero detailed just how easy it would be, for instance, to figure out who is dating whom within the company and pinpoint people looking for another job."
And why should you expect anything different? (Score:5, Informative)
If you're instant messaging someone on the company's IM platform on the company's time why the fuck would you have any expectation of any sort of privacy?
I know my company can see everything I can do when I'm logged on to their computer. This is part of the agreement I signed with them. It's also the reason why I don't do stupid shit on my company's network like look for another job or send out resumes from my company email address.
Oh wait, the outrage is because it's Microsoft. Got it.
Re:Assume all MS products are spying on you. (Score:5, Informative)
People should assume that with any means of communication they use in the workplace. There is no guarantee and should be no expectation of privacy when using an employer's systems.
Re:In related news... (Score:1, Informative)
It's the taxpayers' property, and the 4th and 5th amendments don't have an age limit.
Either get a warrant, or it's an illegal search. Case closed.
(I'm only replying because you are obviously the same person loudly and obnoxiously defending the corporate status quo above)
Re:Can see how own network, messaging is being use (Score:4, Informative)
We had an email go out saying that people were using Bittorrent from home over the VPN and to please stop since it's illegal and taking up bandwidth.
You guys need better network admins. Proper firewalling and proxying should block traffic like that.
Also, I shudder to think of the potential mess caused by allowing personal laptops to VPN in the first place.
Re:today. (Score:4, Informative)
Regulated industries (Score:2, Informative)
Companies in the financial sector - stock brokers, mortgage dealers, financial advisors and the like - are REQUIRED to archive and monitor their employees' work-related electronic communications, and must be able to demonstrate to regulators that they are actively doing so, or they face stiff penalties. The regulations are deliberately vague, but a general rule of thumb is that if an employee says something they're not supposed to say and the company's own compliance team failed to catch it, then they weren't doing enough monitoring and they can be fined.
Posting anonymously because I work for a company that specializes in communications archiving for the financial industry. And yes, we archive Lync IMs (and AIM and Facebook and Twitter and Salesforce Chatter and Instant Bloomberg and whatever else the kids are using these days, because if we can't archive it they're not allowed to use it).
It's just CDR records. It's not like it's a secret (Score:4, Informative)
Lync stores the info in two databases, LCSCDR and QoEMetrics. The first one has info on all sessions, other one has quality data. It's not like it's some super-secret database, MS has full specs in Technet, for example http://technet.microsoft.com/e... [microsoft.com] shows what's exactly stored in SessionDetails table.
Yes, such info *could* be used to do data-mining. Same info could be used to optimize least cost routing, gathering statistics on network performance, planning upgrades, and whatever you like. I've personally crafted a few reports from those DBs on how much folks are calling PSTN from Lync on various customer sites, so they can decide what is the priority in upgrading E1/T1 to VoIP-based PSTN connection.
It's not a conspiracy. Server admins can look at what kind of stuff you are doing on such servers.