Smazz Posted November 5, 2012 Share Posted November 5, 2012 Earlier this year I was called upon by a young friend (mid 20s) to help him with his start up company. At first I was reluctant to agree to come on board as i was already critically tight with time in addition to both my parents being in very very dire health (Mother stroke, then fall- broken hip/wrist - Father cancer), as some of you would know I was absent from this forum for a good spell of time partly because of these circumstances. I really didn't think I would have the time to help my friend with his start up under even normal circumstances but then I thought to myself "well, you are going to find the time help the guy anyway for free so may as well just take him up on his offer for your time". You see, I am one of those people that CANNOT let my friends go without my help if I can at all assist. So I agreed, and off we go. Now that I got the sob story part out of the way, this is where things get a bit messy: I knew as soon as I would come on board other equity holders (there are 4 in total - myself, My friend who is majority owner, ITguy1 and ITguy2) ,the ITguy1 and ITguy2 would soon get noses bent out of shape considering I have probably 3x the expertise and experience as the balance of the other shareholders and this would come through probably not in the most subtle of ways. My young friend, majority shareholder, though having majority votes he defers to me on most business and strategic type decisions. Not to be crued but IT1 and IT2 equity holders don't have the experience or knowledge to strategically take the company where it needs to go. They are programmers and other than writing code and webpages they aren't a resource above that role. They did a fine job setting up the program. Yes, they want to be more than that but its just not there and thats not just my word but the majority owner's as well. Yes, we are all working for equity and equity alone. Fast forward to today where a lot of decisions have been made and as I suspected a lot of feelings have been hurt/insecurities surfacing. This is unfortunate but that is life and these things happen in business. Much of the framework of the business, mostly programming, legal etc was constructed before I came on board. My friend, majority owner is the specialist in the field the company is in however absolutely green when it comes to general business practice. He did not make any provisions or put safe guards in place should the IT equity holders be relieved from their duties (not relieved of their equity). I had just assumed he had taken care of this before I came on board unfortunately no. Without getting into even longer winded detail he has no knowledge of program passwords, backups etc etc. The server where the program lies is not even in his/company name etc etc. Critical stuff here considering the program is the major piece of IP that we have. Yes, legally, the company is the owner but as you could probably realize it would be a nightmare if something happened for us to try to get things back to order. So. Question #1 (again, sorry for the long story): How best to determine if the IT gents are reading the majority owners/CEO emails (which have been going through this company website email)? Much has been communicated by him through this email that they would not be too happy with and their recent actions confirm my thoughts they were probably reading his emails. I would be surprised if they don't have access (to the shock of the young maj owner) but i have to confirm some how. I am almost 100% certain this is the case however I don't have the IT expertise to prove it. Can any one enlighten me on the best practice to confirm my suspicion? As with most start ups this company is running on a shoe string budget till funding comes through. FWIW General info on the status of the startup: We have had meetings with many govt and university groups already, all conceding right from the get go that we have something of tremendous value on our hands. We have been asked to partner up with one university and we have a fairly substantial line up groups wanting to meet with us. I am just trying to get the house in order in a few areas before we take neck steps. Thanks for any guidance. We are also waiting some feedback from legal on this as well. Link to comment Share on other sites More sharing options...
ItsAValueTrap Posted November 5, 2012 Share Posted November 5, 2012 1- This sounds like a partnership where there will be much infighting. :/ 2- Anyways... to address your email problem. There are ways to lookup who owns your domain name and who is providing your web hosting and email services. Use a WHOIS lookup website. e.g. whois.net It will tell you what name is registered for the domain. You can find out which domain registration company was used. You can see what nameservers are used- you can figure out what web hosting company is being used for the domain. There are ways to figure out the MX records for a domain... this will tell you information about what email service is being used. For example, the WHOIS for this forum shows the following information: Domain name: cornerofberkshireandfairfax.ca Domain name status: registered Creation date: 2008/11/27 Expiry date: 2013/11/27 Updated date: 2012/09/12 Registrar name: Go Daddy Domains Canada, Inc Registrar number: 2316042 Name servers DNS 1 hostname: ns1.watermelon503.com DNS 2 hostname: ns2.watermelon503.com DNS 3 hostname: DNS 4 hostname: DNS 5 hostname: DNS 6 hostname: DNS 7 hostname: DNS 8 hostname: DNS 9 hostname: DNS 10 hostname: DNS 11 hostname: DNS 12 hostname: DNS 13 hostname: This forum is being hosted by this company: http://www.watermelonwebworks.com/ 3a- In general, you should not talk trash about other people over email even if they supposedly don't have access to the email account. Because some idiot will be dumb enough to forward said incriminating emails. 3b- In general, you probably should not talk trash about your partners. Link to comment Share on other sites More sharing options...
Smazz Posted November 5, 2012 Author Share Posted November 5, 2012 Thanks for the info. Unfortunately in life there are such things as realities. ie. it is not realistic for all people to fill all roles AND it sure would be nice to let the wind blow and lets all hope for the best but that's not too realistic nor the way things work. BTW, did I say any trash was talked? Trash does not have to be talked for people to get bent out of shape. If that is the first thing that would come to mind when you read that, ok, however when people are not working out changes have to be made. There was no trash talking here. Changes will be made. I didn't detail any specifics of what was communicated in the email because really - yes, that would be trash talking. You shouldnt assume such with the little that I wrote. In addition, the emails were not coming from me, not that i needed to state that but i feel you wanted to do a morality check so there you go. What was communicated was the type of information that gets communicated daily in business. Its not always nice to hear about if it is about you but, this happens. Again, I want to thank you for you time however I did ask about the emails in particular unauthorized viewing of emails. I do appreciate the help for info about domains etc but that information I already have. Re the servers, domain, I apologize if I was vague, we do know where they are who they are under - the point i was making is that I was surprised that they were not listed under the company. Again, not trying to be a prick here -just looking for some info. Link to comment Share on other sites More sharing options...
ItsAValueTrap Posted November 5, 2012 Share Posted November 5, 2012 1- The root of all your problems is that the partners don't get along. I have no idea how to solve that (I would lean towards having a single party being the controlling interest). 2- You could setup your email so that only you can read it. The easiest way is to get a gmail.com account (or other similar email service). Change the email address on your website to that email account. If you do this, then your partners are likely to figure out that they are not trusted. So... this just goes back to the root of your problem. If you migrate all your email accounts to Google's paid email services, then you can have emails point to smazz@yourcompanyname.com instead of smazz@gmail.com (if you are worried that the latter may look unprofessional). 2b- If you want your emails to be pretty secure then: - Make sure you control your domain registration - Make sure you control your email service (it may be bundled with your web hosting) - Scan your computer for viruses and keyloggers - Don't send email to other people. This sounds stupid but some people are dumb enough to forward emails that they shouldn't. - Make sure that physical access to your computer is secure. 3- One way to check if somebody else is reading your email is to have an IT friend send you an email with a hidden/invisible image in it. Some email clients will load that image (some email clients like gmail don't automatically do it). The web server that serves the image will have logs that track all the IP addresses that have requested the image. Based on the different IP addresses that request the image, you can figure out if there is more than one person looking at the email. But it is not foolproof. There is software (or a service) out there that does this but I don't know what it is called. but i feel you wanted to do a morality check so there you go Um... no. Link to comment Share on other sites More sharing options...
ItsAValueTrap Posted November 5, 2012 Share Posted November 5, 2012 Smazz, check your personal messages on this forum. Cheers! Link to comment Share on other sites More sharing options...
Smazz Posted November 5, 2012 Author Share Posted November 5, 2012 Thanks again. I will digest what you wrote. Again, appreciate your concern but not really looking for advice other than confirmation of reading of emails which I see you have addressed thank you. There is a controlling interest in the company. I believe I did mention that a few times. That is not the problem. There really isnt a huge problem other than some hurt feelings going forward and a little extra work in the near future for myself and the CEO. Thank you Well done. Link to comment Share on other sites More sharing options...
maxprogram Posted November 5, 2012 Share Posted November 5, 2012 I am a "business person" and a programmer, currently running a small tech startup. One piece of general advice I have for anyone in a similar situation is this: no matter the equity split, in a tech startup like that the "IT guys" are always in charge. At least for the first part of the company's life. Then as the company grows, strategy, sales, mgmt, etc. will take a bigger role. Also, on a related note, when giving out equity (especially anything >5%) always do vesting. So, promise them 10% or whatever but space it out over 1-2 years. Obviously this won't help Smazz now, but I just wanted to put it out there. Re: email. It depends on what email system you are using. If you're using something like Google Apps you're probably right -- they could easily get access to your email. You just need to find a way to get control over the server (like ItsAValueTrap recommended). If they have control over it and that's where your email goes through, they can have every email sent to your address forwarded to another and you'd never know. Know you're not looking for this advice, but I'm giving it anyway: Make up with the IT guys, work something out, and come to a compromise. You may have already tried but that's the only good solution. Sounds like they are in control short of legal action. Link to comment Share on other sites More sharing options...
rkbabang Posted November 5, 2012 Share Posted November 5, 2012 If these guys set up the company email servers they certainly have access to all of the emails that pass through it. I’m not sure there is anything you can do to know for sure that they are reading them, unless they fall for the picture trick above. Email is an inherently unsecure form of communication. Treat it the way you would shouting from office to office in a crowded office building. For important business, encryption should be used. PGP / GPG type encryption should be set up. This way even if unauthorized people copy or view the emails they can’t read them. Back in the early 2000s a person close to my wife's family set up his own ISP & webhosting company and gave many of the people in our family free email accounts. One day he tells someone in my wife’s family that his wife is cheating on him and proceeds to show him printouts of email exchanges and chats on myspace. He was not only reading all of her email, but used access to her email to get her myspace password to find the really good stuff on her. My wife and I discontinued using those email accounts immediately after that. I use gmail now and while I have no doubt that there are Google employees who have access to the gmail database I feel safer being lost in the millions of gmail accounts rather than having someone who knows me personally with access to my info. In the corporate environment the IT guys will have access to the email. That is a given, and precautions should be taken. I also know someone who works for an insurance company selling insurance and he was reprimanded for something he wrote in a personal email using his company's email account. He, like many, was under the false impression that email is private. It isn’t. Link to comment Share on other sites More sharing options...
Guest deepValue Posted November 6, 2012 Share Posted November 6, 2012 Coming to an investing forum with a question on internet security probably won't yield the best answers. Try http://www.neowin.net/forum/ Link to comment Share on other sites More sharing options...
meiroy Posted November 6, 2012 Share Posted November 6, 2012 There are plenty of ways for the IT guys to read your emails and monitor any activity while you use your computer including visually seeing what you see and capturing keystrokes etc. Considering these guys set things up, the only thing you could do at this point is take the communication completely off the company's network and computers. Make new email accounts with password as they probably have these by now. Do not leave around any gadgets that might be used to access these accounts. I'm not going to comment about what this means business-wise at this point. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now