|
Software and hardware intended to secretly track the activities of
PC users have become widely spread recently.
Administrators (information security departments in enterprises and
organizations) use approved monitoring software products
(key loggers) to control the security of their local
area networks. They make it possible to record users' activities,
processes, the use of passive objects, and also undoubtedly identify
users and processes that are related to certain events in order to
prevent security violations or ensure unavoidable responsibility for
certain actions. It is this feature (depending on the level of its
implementation) that makes it possible to control that users follow
the rules of secure work with computers and security policy accepted
in organizations.
There is a very subtle difference between security monitoring
products and spyware products - the difference is
between security management and security violation.
The presence of the following special features turns a monitoring
product (key logger) into a spyware one:
-
the prior configuration of the monitoring module
(client, agent, etc.) and getting a «ready-made» executable
file that neither displays any messages nor creates any windows
on the screen during its installation;
-
built-in tools for the delivery and installation
of the configured module onto the user's computer.
For the product to be of little use for spy purposes and unauthorized
use, the following conditions are to be observed:
Exceptions here are cases when the plotter is the administrator for
instance.
It should be mentioned that the legality or illegality of using monitoring
(and spyware and key logger) programs depends on the legislation of
each particular country (or administrative unit, i.e. state, autonomous
republic, etc.) and also on following the rules of using these programs
prescribed by the law.
What key logger software is used for.
Their use gives quite wide opportunities to a specialist responsible
for the information security of an enterprise. He can do the following:
-
detect all attempts of unauthorized access to confidential
information with the exact time and network workplace this attempt
was made from;
-
detect unauthorized software installation;
-
control the use of personal computers in non-working
time and find out the aim of this use;
-
detect all cases of the unauthorized modem use
in the local area network by analyzing the facts of launching special
applications installed without authorization;
-
detect all cases of typing crucial words and word
combinations, preparing any crucial documents handling which to
some third parties will lead to material damage;
-
detect facts of unsuitable PC use;
-
get reliable information according to which the
information security policy of an enterprise will be developed;
-
control access to servers and personal computers;
-
control his own children when they are surfing
the Net;
-
perform information audit;
-
research and investigate computer incidents;
-
perform scientific research related to the accuracy,
quickness and adequacy of the staff's responds to external influence;
-
determine how loaded computer workplaces are in
the enterprise;
-
restore crucial information after failures in computer
systems, etc.
Version Comparison |
Child Monitor |
Personal Monitor |
Employee Monitor |
|
|
|
|
|
|
|
Delivery via FTP |
|
|
|
Files Transferred |
|
|
|
Application Filters |
|
|
|
Real-Time Remote Monitoring |
|
|
|
|
|
|
