What is key logger?
Software and hardware intended to secretly track the activities of PC users have become widely spread recently.
Administrators (information security departments in enterprises and organizations) use approved monitoring software products (key loggers) to control the security of their local area networks. They make it possible to record users' activities, processes, the use of passive objects, and also undoubtedly identify users and processes that are related to certain events in order to prevent security violations or ensure unavoidable responsibility for certain actions. It is this feature (depending on the level of its implementation) that makes it possible to control that users follow the rules of secure work with computers and security policy accepted in organizations.
There is a very subtle difference between security monitoring products and spyware products - the difference is between security management and security violation.
The presence of the following special features turns a monitoring product (key logger) into a spyware one:
- the prior configuration of the monitoring module (client, agent, etc.) and getting a «ready-made» executable file that neither displays any messages nor creates any windows on the screen during its installation;
- built-in tools for the delivery and installation of the configured module onto the user's computer.
For the product to be of little use for spy purposes and unauthorized use, the following conditions are to be observed:
- installing and configuring the monitoring module only during a direct physical contact with the user's computer;
- obligatory administrator rights for installing and configuring the program.
Exceptions here are cases when the plotter is the administrator for instance.
It should be mentioned that the legality or illegality of using monitoring (and spyware and key logger) programs depends on the legislation of each particular country (or administrative unit, i.e. state, autonomous republic, etc.) and also on following the rules of using these programs prescribed by the law.
What key logger software is used for.
Their use gives quite wide opportunities to a specialist responsible for the information security of an enterprise. He can do the following:
- detect all attempts of unauthorized access to confidential information with the exact time and network workplace this attempt was made from;
- detect unauthorized software installation;
- control the use of personal computers in non-working time and find out the aim of this use;
- detect all cases of the unauthorized modem use in the local area network by analyzing the facts of launching special applications installed without authorization;
- detect all cases of typing crucial words and word combinations, preparing any crucial documents handling which to some third parties will * lead to material damage;
- detect facts of unsuitable PC use;
- get reliable information according to which the information security policy of an enterprise will be developed;
- control access to servers and personal computers;
- control his own children when they are surfing the Net;
- perform information audit;
- research and investigate computer incidents;
- perform scientific research related to the accuracy, quickness and adequacy of the staff's responds to external influence;
- determine how loaded computer workplaces are in the enterprise;
- restore crucial information after failures in computer systems, etc.