Monitoring Employees' Windows-Based Computer Activities

Try a discussion with employee before monitoring his/her activities

Q: I suspect an employee is doing some monkey business on his Windows-based work computer. Can I investigate the activity? Where do I begin?

A: Generally, yes, you have the ability to investigate work-related activity on Windows-based computers at work. There's a key question you need to consider before you investigate: Do you believe this "monkey business" involves a law being broken? If so, you should contact law enforcement before you do any research or investigation at all.

Ways to Monitor User's Web Activity

If you decide to move forward with your own investigation, the best place to begin is with an analysis of the behavior. For example, if you believe web surfing is involved, consider monitoring the user's web activity from the proxy or router or deploying a Group Policy that configures Microsoft Internet Explorer (IE) to retain logs. If the user might be accessing data outside his or her defined role, auditing and network logging on the client and server are easy to set up through Group Policy and will quickly reveal the truth.

Wasting Work Time is a Common Investigation Target

One of the biggest investigation targets I see is based on complaints of users wasting time on personal websites, games, and other non-work activities. My suggestion here is generally to have a discussion with the employee before monitoring his or her activities. More often than not, the behavior stops with a strongly worded caution.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.