RE: User rights in regards to policy violations

  • From: <oevans@xxxxxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Fri, 12 Dec 2003 14:02:53 -0500

Basically, the rule of thumb is everything on the company's premise
belongs to the company.
This includes e-mail and any info on the hard.  As long as this is
stated clearly the the company's
policy you can check anything you want.


From: Marvin Cummings [mailto:mcummings@xxxxxxxxxxxxxxx] 
Sent: Friday, December 12, 2003 10:42 AM
To: [ExchangeList]
Subject: [exchangelist] User rights in regards to policy violations

Have a sticky situation where I'm asked to navigate through a users
email to see if I can locate any wrong-doings; ie replying to any spam
sent from "questionable sites". The mail is stored on the server and I
know this users password so I would like to know if there are any
implications that can come from me logging in as this user and viewing
his mail? It's my understanding that this user initially spearheaded the
campaign to have policy created to prevent users from accessing
"questionable sites" and viewing prohibited content, so it would seem
that he'd be aware of the consequences. 
This is a first for me and I've seen postings like this before so I'd
like to get an idea of how most handle these particular situations. What
procedures, if any, should be followed to ensure that the users rights
aren't violated or that the IT department doesn't come under fire?
List Archives:
Exchange Newsletters:
Exchange FAQ:
Other Internet Software Marketing Sites:
Leading Network Software Directory:
No.1 ISA Server Resource Site:
Windows Security Resource Site:
Network Security Library:
Windows 2000/NT Fax Solutions:

Other related posts: