I am with this company that are making all sorts of stupid moves, they might go out of business soon. Anyways, the company fired my supervisor and made this dweeb who is not even IT to begin with, the head of the department. I was trying to invoke a security policy around the office and was given the okay to at least put an admin password on everyones computers. Problem then, all the head honchos got pissed off and demanded the admin password so they can download whatever they want on their office computers. I do know for a fact that my boss and a few others do that whole outdate p2p and torrenting with seeding totally everything they stole. This guy who now is the person I report to, I over heard employees asking for software I KNOW we do not have product keys for to install on their computers, he is agreeing to this. I have already been searching for a more Sane IT job. Can I get in trouble for this? Even if say I leave the company and they get busted down the road (It is so going to happen).
ABQ? Albuquerque? If I was you, I would start gathering email records and anything else you can in written form (paper or electronic) to cover yourself and show you were trying to prevent these things from happening. Then get the hell out of there. I work for a big US company at one of their UK sites and they push ethics, security, etc, down our throats on a regular basis and make us do online courses all of the time. They have global (influenced by American laws, perhaps) policies we all have to adhere to. Their courses and policies give me the impression that the person who breached the security, laws, etc, is accountable. We are always encouraged to follow correct processes, notify relevant departments and competent authorities of any issues. It could all be a load of junk they have to do to cover themselves and be compliant with x, y and z security certification, business standards, etc. Keep notifying your manager(s) of any illegal or any unethical activities, shut down and block what you can, keep a journal of it all and copies of all correspondence (electronic and paper copies). Find a proper job with a sane company. I'm not sure they exist, though.
It sounds like if $%^ hits the fan, then you are going to be the fall guy.... companies are always doing backdoor stuff, then lay the blame on others....