They can definitely log the websites that you visit, because the HTTP requests will be sent in cleartext to their proxy server. Whether they are doing this or not is another question, because it is somewhat of a chore.



At a basic level, they will only be able to link your computer's MAC address to the sites that are being visited. So unless your surfing pattern clearly identifies you, these requests are somewhat anonymous but repeatedly linked to a specific machine.



Now on to the question of email. Unless you are viewing an email website such a gmail or hotmail over a secure connection (such as TLS, "https:\\"), yes the emails are plain and clear for all to see. If you are connecting via an email client such as Mail or Outlook, make sure that in your connections settings you have set up the encryption scheme that your mail provider offers. Either of these methods will disguise the mail packets being sent to the mail server.



However, there is one more gotcha. If the company is decoding security certificates at their proxy server. They can still read your emails even on an encrypted website. To see if they are doing this, click on the website's favicon (little icon) while you are on the website (in firefox) or the key symbol in IE. Look for who the certificate is issued to as well as the originating server. If you see your company's name anywhere there, it means they are attempting to decrypt employee traffic.



The best way to protect yourself is to run your own VPN server and actually connect to your own internet connection at home.



If you can't run your own VPN server, I recommend hotspotVPN, it costs $8.88 per month and encrypts all of your traffic at a software level.

http://hotspotvpn.com/

If you're accessing your work's internet connection with your computer, then yes, there is the possibility that they may have something in place to monitor all activity that goes through their connection.



I guess you can always ask who ever is in charge of that in your workplace and hope they give you a truthful answer.



But when you're at work, you should be working right? Not doing personal things on your computer. Unless it's like during your lunchbreak time or something like that.

Yes I believe so because you will be using their internet to access these files. However, if you're using a personal laptop on personal time (i.e. your break), it shouldn't be a problem because I think even if they do know that you accessed ebay or email, they will also be able to look at the times too. Just make sure it's nothing inappropriate of course ;-). Hope this helps!