We noticed an employee’s timecard timestamp didn’t match the time he actually arrived to work. We knew he arrived at 8:30AM, yet the timestamp showed 7:45AM. We thought he must’ve clocked in on the way to work, but we checked the gps capture and it showed he clocked in at the job-site.
I checked the audit log and the log captured the actual UTC time that the sync was performed, not the timestamp. This verified his timestamp was wrong and that something was amiss.
We did some poking around, asked the right questions, and found out that last year several employees were changing their device’s time, and then clocking in. Turns out, it was happening very frequently. We thought we’d devised a fool-proof system with timestamps and gps capture, but, obviously, we were mistaken.
As you can imagine, it’s caused quite a stir around here. The amount of loss via theft of time is incalculable and nightmarish. Quite honestly, it has our leadership group asking whether, absent a tamper-proof solution, this is the right platform for us. I’m an advocate for the platform so I’ve fallen on the sword and accepted responsibility for not being aware of this. I’m keeping my fingers crossed that Steve’s “band-aid” is sufficient but I think it’s something I’ll have to monitor daily.