I support somewhere around 50 users doing both help desk as well as server administration. Just recently a manager was suspicious that their employee was automatically forwarding all of his (manager's) emails to their (employee's) personal email address. There have been two separate events that raised suspicion and they have no asked me to look into it.
As far as legality goes... in our state is is perfectly legal for an employer to look into any kind of information of an employee. By that I mean the laptop is company property, it should only be used for company purposes, and they have been warned.
The employee is very technically minded. He knows what he is doing and also has several friends that are employed as pen testers, hackers, etc. In other words, he has connections that could help him.
Does anyone know if this is even possible? It feels like a secret rule on the employers computer that is sending all emails bcc to the employee.
Any suggestions?