• OmanMkII@aussie.zone
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        1 year ago

        The short answer for this is that an employer probably doesn’t give a shit about you watching youtube at work, but what they (by they, their IT/security teams) do care about is your account logging in from a new geolocation, or clicking a risky link in an unusual email. If the employer logs everything that occurs (which is required by a lot of areas such as PCI DSS for electronic payment) they can track who’s account was compromised, how it happened, exactly what was done by the actor, and how far it’s spread across the network - if at all. If no logs are kept, then it may as well have never happened.

        ETA: there’s a large difference between mouse tracking mentioned by the article and logging though, the former is rather unethical and I’d hope that it’s never used in the name of security, I sure can’t think of a use.