Saturday, February 20, 2010


IM was one of the toughest applications to monitor for a long time. The nature of IM messages could be likened to “fire and forget,” as they behave almost as random packets through a network. The problem was exacerbated because the employers generally did not control the IM servers or the clients.
It was in 2002 that applications were created which successfully monitor IM applications and content. These applications were implemented largely to comply with certain U.S. Securities and Exchange Commission (SEC) requirements about keeping logs of all transactions between brokerage houses and their customers. As IM is generally not a big bandwidth hog, it is usually not monitored to conserve bandwidth. IM can become a productivity drain if a
person is spending a considerable amount of time each day chatting with friends and colleagues.
Facetime is probably the leader in monitoring IM communications within an organization. The Facetime product allows records to be kept of all IM activity, important not only in SEC-regulated businesses, but also in government agencies which are obliged to keep copies and archives of all communications
as public records. Vericept is another product with all-purpose monitoring capabilities, but focuses largely on its ability to monitor, block, and record IM activity. For organizations looking to not only block and monitor but also have a secure IM tool for internal communications, Communicator Hub is a proprietary IM tool that uses encryption to keep the contents of the IM secure from prying eyes.
General Monitoring (Sniffing at the Client) Tools So far, the tools mentioned have largely been for an organization to monitor one particular type of personal Internet abuse. In general, these tools have been installed at a server on the network where it is able to snoop on traffic as it passes points in the network. However, there are a series of more powerful tools available for almost total user computer monitoring, classified under the heading of general monitoring tools. These tools are installed at the client and can create a record of almost everything a user does with the computer.
Keystrokes are monitored and recorded, as are mouse movements. Snapshots of the screen can be taken frequently, in some cases as often as every second. The records can be written to a central database on a server, or they can even
be e-mailed to another account. These tools are often the subject of unsolicited commercial e-mail messages, targeted at people who suspect a spouse of infidelity or want to keep a close eye on children. However, these products are also targeted at businesses where complete records need to be kept before disciplining or terminating an employee, such as in cases where there is strong union support for worker rights.
Winwhatwhere is probably the original instantiation of this type of program. It has gone through several iterations and is marketed largely to businesses that need to do certain types of monitoring. There are a plethora of programs targeted at individuals suspecting family problems over the computer, including Spy Agent and eBlaster. Managers are often surprised at the sheer amount of data these programs provide. They can tell every program that is run, and for how long it was used. They can also tell every key that was pushed (and subsequently erased). This is often more information than a manager really wanted to know, so one should carefully consider the implications before implementing a general monitoring tool. Depending on the organization, employees may react strongly to such total monitoring, as discussed in the following section.

No comments:

Post a Comment