Originally posted here by Tiger Shark
We monitor anything we please..... Period!!!!

Our employees are warned at their orientation that nothing, I repeat _nothing_ you do on our company's network is private. I make the point that I can sniff every piece of traffic they send and receive across the network including their passwords. They are informed that every webmail server I can find, every AIM, IRC etc. is blocked at the firewall and that I am warned immediately connection attempts are made.

Am I a bit harsh in the policies I enforce? I don't think so for 2 reasons:

1. I work for a non-profit - I can't throw money at problems so I minimize my risk by removing the high risk items.

2. Folks, this is work...... You are being paid for it - not to go galivanting around the web or BSing with your friends.....

Lastly, someone mentioned "trust"...... Number one rule of IT security: Trust noone and trust nothing!!!!!
Couldn't have said it better. It's amazing how much non-productive traffic there is. I think HR should include a disclaimer to new employees AND contractors that all network activity is monitored. With that done, sniff away! If somebody feels strongly enough that they "should be trusted" by the employer, then they don't need to take the job.