Can I.T. check what I am browsing on public wifi in Office

thejourney

I have an office computer that I sign into and has blocked all social media etc. I use a special wifi for this connection. This is not the problem.
However the company I work at has public wifi which also has a password for visitors. I use this for my phone so i can access google for messages, private emails. There are 70 people working in the office.

I would like to know if IT can see what I am searching on my mobile using google or my private computer on the public wifi. I know IT are busy and probably don't care but I would Like to know if its possible. Also there are no Terms and conditions when I signed into the public wifi for the first time.

Thanks

BKtje

Whoever is running the public Wi-Fi can if they so wish. If your employer is then yes, if it's run by a third party then it depends on the agreement in place.

Technically the person with access to the router could see what you're looking at, at a minimum they could see what domains/IP addresses you're connecting to. If the sites you're visiting are over HTTPS then they would need to preform some sort of MiTM attack to see exactly what you're doing.

testicles

This post has been deleted.

smelly sock

Eh not so sure regarding the above.

Who is providing the WIFI pipe? The line to the connection?

If they don't have any monitoring system sitting on the wifi then they will find it hard to see who is browsing what. Especially if you dont have to sign in to access the web.

If it's an Eir line they would be able to check as that's where the traffic breaks out onto the internet.

testicles

testicles wrote: »

Or just look at the IPs / Certificates which will give you the domains.

Sorry what? I said they can see what domains/ips he's accessing on both HTTP and HTTPS but seeing the actual traffic if its HTTPS is a different story.

Maybe that's not clear when I say "exactly what you're doing"

Permabear

This post has been deleted.

smelly sock

Permabear wrote: »

This post had been deleted.

What kind of authentication do you use for connecting to the public wifi? Thats they key here really. If using 802.1x they can see when you connected etc but still wont be able to what your looking at. If using mac filtering they will also be able to see when you were connected but not what you were viewing. Did you connect via your private device or with one of their devices? I presume you have deleted browsing history etc.

Anyway as i have said probably no need to worry. Very unlikely they will ask the isp for internet records. Very unlikely the isp would give them these records as they would have to thrawl through millions of entries and match them again the public ip of the connection. And almost impossible for your company to match these records to any individual

wandererz

If they have internal web filtering then it's relatively easy to expand that filtering to the free/guest SSID that they provide.
Even if they are not enforcing a policy on this wifi network they can still log and report on the traffic.

That typically means source IP, destination IP, URL, time etc.

Very rarely do they actually log what you actually do. This costs time, money and various other resources.
And the majority of Irish companies won't go to that expense.

If they are monitoring and you have accepted their certificate then they have more insight into what you are are doing on encrypted channels such as HTTPS.
In this case they can intercept your traffic, inspect it, action it, re-encrypt it and then send it on it's merry way inbound to you or outbound to the destination server.

If a company is monitoring and perhaps also doing MITM type inspection of https traffic then they can see (for example) what videos you've uploaded or viewed on YouTube, what files you have uploaded or downloaded to/from Dropbox/ Google, possibly what search queries you have made on Google, Bing, Yahoo etc.
Those are just examples, but hopefully you get the idea.

It's all possible but whether they have the time, budget and resources to do it is a different question altogether.

As i said above "the majority of Irish companies won't go to that expense".
The majority are essentially clueless and are dictated by their CFO's/Finance departments and so are severely restricted in terms of what they can implement.