Protecting companies from hourly employees
-
@Dashrender said in Protecting companies from hourly employees:
No, the question is what do I do to protect my company?
The answer is ....
...nothing because you work in IT, which is not a department that can fix these things.
-
@Dashrender How are the employee hours being tracked / reported? Do the managers have access to review their "punches" on demand?
-
@scottalanmiller said in Protecting companies from hourly employees:
@Dashrender said in Protecting companies from hourly employees:
@scottalanmiller said in Protecting companies from hourly employees:
@DustinB3403 said in Protecting companies from hourly employees:
To disallow users to sign in, you could use time restrictions and GPO.
But this time that the employee is still trying to sign in is still "payable time". Of course, at that point management would slap the employee, and hopefully the issue would stop occurring.
Yup, that's an issue. They could try to log in, try to fix their phone, put in a ticket for IT support... all billable time.
huh, Yeah I don't agree with these things - under the huge assuming that management doesn't know that they are doing these things. Sure once management knows - then tells them to stop or be fired.. sure then the company owes them, then fires them.
You don't agree but you can say that about anything. Took a call but didn't make a sale, then I say you weren't working. Got to your desk and your computer was broken, you weren't working. You can not agree all you want, but in the world of "employees can work without permission", the absolutely anything is working if they want it to be.
There you go. again the rub - and now you just have to go to court to have them decide what is and isn't work. Then fire the employee anyhow because they are breaking HR policy.
-
@Danp said in Protecting companies from hourly employees:
@Dashrender How are the employee hours being tracked / reported? Do the managers have access to review their "punches" on demand?
yes. they have the ability to look on demand.
users can not punch in from home, or any IP that does not belong to our network (actually it's even more limited than that, but you get my drift). -
@Dashrender said in Protecting companies from hourly employees:
@scottalanmiller said in Protecting companies from hourly employees:
@Dashrender said in Protecting companies from hourly employees:
@scottalanmiller said in Protecting companies from hourly employees:
@DustinB3403 said in Protecting companies from hourly employees:
To disallow users to sign in, you could use time restrictions and GPO.
But this time that the employee is still trying to sign in is still "payable time". Of course, at that point management would slap the employee, and hopefully the issue would stop occurring.
Yup, that's an issue. They could try to log in, try to fix their phone, put in a ticket for IT support... all billable time.
huh, Yeah I don't agree with these things - under the huge assuming that management doesn't know that they are doing these things. Sure once management knows - then tells them to stop or be fired.. sure then the company owes them, then fires them.
You don't agree but you can say that about anything. Took a call but didn't make a sale, then I say you weren't working. Got to your desk and your computer was broken, you weren't working. You can not agree all you want, but in the world of "employees can work without permission", the absolutely anything is working if they want it to be.
There you go. again the rub - and now you just have to go to court to have them decide what is and isn't work. Then fire the employee anyhow because they are breaking HR policy.
That's why HR policy is a must. While nothing in the US will ever protect you from being taken to court, HR policy is the sole activity that stands a serious chance of having a major impact and without one, is about the same as leaving it up to the employee.
-
@scottalanmiller said in Protecting companies from hourly employees:
@Dashrender said in Protecting companies from hourly employees:
@scottalanmiller said in Protecting companies from hourly employees:
@Dashrender said in Protecting companies from hourly employees:
@scottalanmiller said in Protecting companies from hourly employees:
@DustinB3403 said in Protecting companies from hourly employees:
To disallow users to sign in, you could use time restrictions and GPO.
But this time that the employee is still trying to sign in is still "payable time". Of course, at that point management would slap the employee, and hopefully the issue would stop occurring.
Yup, that's an issue. They could try to log in, try to fix their phone, put in a ticket for IT support... all billable time.
huh, Yeah I don't agree with these things - under the huge assuming that management doesn't know that they are doing these things. Sure once management knows - then tells them to stop or be fired.. sure then the company owes them, then fires them.
You don't agree but you can say that about anything. Took a call but didn't make a sale, then I say you weren't working. Got to your desk and your computer was broken, you weren't working. You can not agree all you want, but in the world of "employees can work without permission", the absolutely anything is working if they want it to be.
There you go. again the rub - and now you just have to go to court to have them decide what is and isn't work. Then fire the employee anyhow because they are breaking HR policy.
That's why HR policy is a must. While nothing in the US will ever protect you from being taken to court, HR policy is the sole activity that stands a serious chance of having a major impact and without one, is about the same as leaving it up to the employee.
And I accepted that 5 pages ago
-
@Dashrender said in Protecting companies from hourly employees:
yes. they have the ability to look on demand.
What about reports / automated warnings that get generated whenever an employee --
- is approaching 40 hours
- exceeds 40 hours
- etc
-
@Danp said in Protecting companies from hourly employees:
@Dashrender said in Protecting companies from hourly employees:
yes. they have the ability to look on demand.
What about reports / automated warnings that get generated whenever an employee --
- is approaching 40 hours
- exceeds 40 hours
- etc
The issue is around people not reporting, though. So in the given scenario, no reporting system would help.
-
@scottalanmiller said in Protecting companies from hourly employees:
The issue is around people not reporting, though. So in the given scenario, no reporting system would help.
With an appropriate HR policy in place, the issue then becomes one of monitoring for non-compliance. It's the manager's job to know that the employee is / will be hitting OT if they continue working at the current pace.
Managements failure to monitor and take action becomes implicit approval for the employee to continue working and getting OT.
-
@Danp said in Protecting companies from hourly employees:
@scottalanmiller said in Protecting companies from hourly employees:
The issue is around people not reporting, though. So in the given scenario, no reporting system would help.
With an appropriate HR policy in place, the issue then becomes one of monitoring for non-compliance. It's the manager's job to know that the employee is / will be hitting OT if they continue working at the current pace.
Managements failure to monitor and take action becomes implicit approval for the employee to continue working and getting OT.
Again, that's not possible here. The issue is that it cannot be monitored and it is not reported. Partially because it is a made up problem that isn't happening today. It's a theoretical problem with theoretical unknowns.
-
Think of it a little like this...
when pigs fly, how will we predict when they will poop on us?
We really don't know the answer because we don't have flying pigs to observe first.
-
Scott is correct. Today users don't have access to log in remotely. But in the near future they will. The concern is that they MIGHT, might try to claim their remote access as working time.
As Scott said over 5 pages ago... this is an HR issue - That said, we can definite put reports and logging in place to report when people are logging in from unknown places, or equally weird, logging in outside their work schedules (7 AM - 5:30 PM).
So yes, the boss can watch these logs and nip in the bud before it becomes a real problem, or fire them if they don't change their actions.
-
-
@Dashrender said in Protecting companies from hourly employees:
So yes, the boss can watch these logs and nip in the bud before it becomes a real problem, or fire them if they don't change their actions.
The questions would be...
- The boss that can't be bothered to have a policy (we assume) will sit around watching logs every day?
- The boss will create a process by which they are legally responsible for knowing if people are logging in and determining if they are working? Sounds like they are creating liability rather than removing it. Employees will claim that the boss must have known, since there is a process for them to know, therefore it was approved.
- Will the logs be useful? Will there be good, easy to read logs that show actual login correlation? Maybe, but that will be a lot of effort.
- Will false positives be an issue?
- Will false negatives be?
-
@scottalanmiller said in Protecting companies from hourly employees:
@Dashrender said in Protecting companies from hourly employees:
So yes, the boss can watch these logs and nip in the bud before it becomes a real problem, or fire them if they don't change their actions.
The questions would be...
- The boss that can't be bothered to have a policy (we assume) will sit around watching logs every day?
- The boss will create a process by which they are legally responsible for knowing if people are logging in and determining if they are working? Sounds like they are creating liability rather than removing it. Employees will claim that the boss must have known, since there is a process for them to know, therefore it was approved.
- Will the logs be useful? Will there be good, easy to read logs that show actual login correlation? Maybe, but that will be a lot of effort.
- Will false positives be an issue?
- Will false negatives be?
There is a policy - please - I don't know where the idea that there is no policy came from.
Now, that said, just because there is a policy... -
@scottalanmiller said in Protecting companies from hourly employees:
@Dashrender said in Protecting companies from hourly employees:
So yes, the boss can watch these logs and nip in the bud before it becomes a real problem, or fire them if they don't change their actions.
The questions would be...
- The boss that can't be bothered to have a policy (we assume) will sit around watching logs every day?
See above.
- The boss will create a process by which they are legally responsible for knowing if people are logging in and determining if they are working? Sounds like they are creating liability rather than removing it. Employees will claim that the boss must have known, since there is a process for them to know, therefore it was approved.
Now this is a great point!
- Will the logs be useful? Will there be good, easy to read logs that show actual login correlation? Maybe, but that will be a lot of effort.
Sure, they could at minimum show that sucessful logons were made outside of the employees allowed hours - discipline.
- Will false positives be an issue?
Absolutely they could be - hopefully only in so much as showing failed logons, if an employee claims they didn't attempt (and succeed) at logging in, how we have a breach/known password issue
- Will false negatives be?
Absolutely possible because of hackers attempting to logon.
-
@Dashrender said in Protecting companies from hourly employees:
@scottalanmiller said in Protecting companies from hourly employees:
@Dashrender said in Protecting companies from hourly employees:
So yes, the boss can watch these logs and nip in the bud before it becomes a real problem, or fire them if they don't change their actions.
The questions would be...
- The boss that can't be bothered to have a policy (we assume) will sit around watching logs every day?
- The boss will create a process by which they are legally responsible for knowing if people are logging in and determining if they are working? Sounds like they are creating liability rather than removing it. Employees will claim that the boss must have known, since there is a process for them to know, therefore it was approved.
- Will the logs be useful? Will there be good, easy to read logs that show actual login correlation? Maybe, but that will be a lot of effort.
- Will false positives be an issue?
- Will false negatives be?
There is a policy - please - I don't know where the idea that there is no policy came from.
Now, that said, just because there is a policy doesn't mean that management is following and enforcing the policy.I completed that for you so there was no ambiguity.
-
-
@Dashrender said in Protecting companies from hourly employees:
There is a policy - please - I don't know where the idea that there is no policy came from.
Now, that said, just because there is a policy...Because if there is a policy, why is the manager asking to do this? We were giving her the benefit of the doubt.
Also, you said that you were unsure if there was a policy, so there was no reason to assume that there was one.
And I didn't state that there was not one, only that we had assumed that there was not given the history, information at hand and actions.
Have you seen the policy? Does it say what is needed?
-
@Dashrender said in Protecting companies from hourly employees:
- Will the logs be useful? Will there be good, easy to read logs that show actual login correlation? Maybe, but that will be a lot of effort.
Sure, they could at minimum show that sucessful logons were made outside of the employees allowed hours - discipline.
So a cell phone connects automatically, do you discipline for that? You can, of course, but it is really weird.
