SpectorSoft Spector 360 6.2 Offers New Features to Monitor Employee Internet Use

By Frank Ohlhorst  |  Print this article Print

With the release of SpectorSoft Spector 360 6.2, employers can monitor employee Internet use with new features to help with compliance issues.

Although SpectorSoft likes to use the innocuous word "monitor" when it comes to Internet access, there are many who would substitute "monitor" with "spy," and believe that watching another user’s PC activities amounts to an "invasion of privacy." But let’s be realistic here. Unless that employee owns that PC and the connectivity associated with it, then the employer has justification to watch or control PC use, whether we like it or not.

When it comes to Internet usage policy, most companies have three choices before them – to block access using filtering, to monitor access for policy violations or to turn a blind eye and hope for the best.

Further complicating the block/monitor/ignore dilemma is the fact that employee productivity can be greatly impacted by which path is chosen. What’s more, unfettered access to the Internet, e-mail, IM and other technologies could be a legal nightmare in the making, either from an HR point of view or intellectual property point of view. Solution providers may want to consider using another term to characterize monitoring – compliance. Many companies are being forced into the role of Big Brother simply because of current or pending legislation relating to compliance, such as PCI, SOX, HIPPA and so on.

Ethical arguments aside, a PC usage monitoring company’s real goal is to provide the best tools available for whatever path an employer may choose to follow, which is what SpectorSoft has been doing all along with their Spector 360 product, now in release 6.2.

The latest version of Spector 360 adds some new features that most employers will find appealing. For example, the product’s data handling capacity has been increased to meet the needs of large, multi-site organizations, such as school districts or government agencies. SpectorSoft leverages a SQL database to store the massive amounts of data collected by Spector 360, which includes all Internet activity, all e-mail, all instant messaging, and even all system activity – including screen activity.

Spector 360 performs monitoring by using a client monitoring application called the "client recorder," which can operate in stealth mode to capture any and all activity data from the subject PC. That application then reports all activity back to the Spector 360 server, for later retrieval and reporting. Simply put, Spector 360 is a client server application that runs in the background on the subject PC and integrates with a Windows Server running SQL Server.

Spector 360 uses three server components, a primary server application, a SQL Database, and the 360 Control Center, which works as a Microsoft Management Console snap-in. Along with the prerequisite client software, the product provides software updates and license compliance and configuration and management of the client agents. Storage requirements can grow exponentially, if administrators choose to store complete screenshot and e-mail attachment history. SpectorSoft suggests that administrators set aside as much as 400MB per user monitored per month. That requirement can lead to add-on sales of NAS or storage solutions for savvy solution providers.

Solution providers will find installing the server components straightforward and should be able to accomplish the chore in under an hour. We tested the product on a Windows 2003 Server that was configured as the domain controller and already had SQL server installed and running. With the server installation accomplished, the next step was to push the client software out to the windows PCs on the network. Luckily, that step is also very simple – Spector 360 offers wizards that help to deploy the clients to groups of PCs on the network, all via the Spector 360 Control Center application.

Clients can be deployed with or without employee notification and in stealth or visable mode. For most installations, it is probably best to inform the end user that the application is being installed on the subject PC and that it is active. That should eliminate many misunderstandings and will lend itself to better employee communications. In some cases, such as for an investigation, administrators can go with a silent install and stealth mode, which eliminates any clues that the employee is under surveillance. That may prove handy in cases of corporate espionage or malicious activity.

Administrators will use a deployment utility to launch the deployment wizard. The wizard allows administrators to choose from dozens of settings, including capturing all Web browsing, chat or IM conversations and so on. Administrators can further fine tune the capture settings by defining triggers based upon text strings. For example, an administrator could define a text string, such as "social security number" and then have that text trigger an information gathering event. That proves handy for capturing e-mail or forms data that may violate company policy or compliance requirements.

Trimming down the data captured helps to conserve database space and makes it much easier to search through the information captured. For example, administrators can define that the product only captures IM and e-mail conversations and not Web browsing, drastically reducing the storage space needed. On the other hand, the only way to truly guarantee adherence to company policies may be to capture and review all activity; the choice will ultimately be up to company management to decide.

Administrators can set up the software to capture passwords, look for keyword triggers and schedule when access should be monitored or blocked. The scheduling feature comes in handy for allowing employees to access shopping sites or other sites during lunch breaks or off hours as an employee perk. The trigger alerts can be used to instantly inform an administrator of an event that should be monitored. For example, a trigger could be set to identify a phrase such as "the password is" or "sneaking out" and then inform the administrator.

The software can be configured to capture screens by interval (every 15 seconds) or by event (keystroke, application launch or trigger phrase). Combining screen capturing with logging and trigger events helps management to effectively monitor an employee’s PC use and insure that corporate policies are being adhered to and that compliance requirements are met.

Once installed and configured, Spector 360 proves to be a very powerful tool, thanks in part to the product’s comprehensive reports. Administrators can generate reports for each machine monitored or roll those reports up into a department level report. Charts, graphs and detailed information are readily available in many of the reports, making it easy to identify trends or identify areas that may need additional focus. For example, if the finance department is playing online poker together, it should trigger a red flag to management that more investigation may be needed. Reports are customizable and the product offers a "quick view" feature, which eases access to the most common reports needed by many businesses.

SpectorSoft Spector 360 V6.2 starts at $1,995 for 25 users, with additional seats costing approximately $75 each. The company offers excellent margins via a dedicated channel program or an affiliate program. Margins can be as high as 40 percent for partners underneath the company’s affiliate or partner programs, each of which offer several levels and require some sales commitments.

For solution providers, SpectorSoft’s Spector 360 offers an excellent path to get involved with the growing computer surveillance market, and products such as this can only become more important over time due to renewed security concerns and forthcoming compliance requirements.

Frank Ohlhorst Frank J. Ohlhorst is the Executive Technology Editor for eWeek Channel Insider and brings with him over 20 years of experience in the Information Technology field.He began his career as a network administrator and applications program in the private sector for two years before joining a computer consulting firm as a programmer analyst. In 1988 Frank founded a computer consulting company, which specialized in network design, implementation, and support, along with custom accounting applications developed in a variety of programming languages.In 1991, Frank took a position with the United States Department of Energy as a Network Manager for multiple DOE Area Offices with locations at Brookhaven National Laboratory (BNL), Princeton Plasma Physics Laboratory (PPL), Argonne National Laboratory (ANL), FermiLAB and the Ames Area Office (AMESAO). Frank's duties included managing the site networks, associated staff and the inter-network links between the area offices. He also served at the Computer Security Officer (CSO) for multiple DOE sites. Frank joined CMP Technology's Channel group in 1999 as a Technical Editor assigned to the CRN Test Center, within a year, Frank became the Senior Technical Editor, and was responsible for designing product testing methodologies, assigning product reviews, roundups and bakeoffs to the CRN Test Center staff.In 2003, Frank was named Technology Editor of CRN. In that capacity, he ensured that CRN maintained a clearer focus on technology and increased the integration of the Test Center's review content into both CRN's print and web properties. He also contributed to Netseminar's, hosted sessions at CMP's Xchange Channel trade shows and helped to develop new methods of content delivery, Such as CRN-TV.In September of 2004, Frank became the Director of the CRN Test Center and was charged with increasing the Test Center's contributions to CMP's Channel Web online presence and CMP's latest monthly publication, Digital Connect, a magazine geared towards the home integrator. He also continued to contribute to CMP's Netseminar series, Xchange events, industry conferences and CRN-TV.In January of 2007, CMP Launched CRNtech, a monthly publication focused on technology for the channel, with a mailed audience of 70,000 qualified readers. Frank was instrumental in the development and design of CRNTech and was the editorial director of the publication as well as its primary contributor. He also maintained the edit calendar, and hosted quarterly CRNTech Live events.In June 2007, Frank was named Senior Technology Analyst and became responsible for the technical focus and edit calendars of all the Channel Group's publications, including CRN, CRNTech, and VARBusiness, along with the Channel Group's specialized publications Solutions Inc., Government VAR, TechBuilder and various custom publications. Frank joined Ziff Davis Enterprise in September of 2007 and focuses on creating editorial content geared towards the purveyors of Information Technology products and services. Frank writes comparative reviews, channel analysis pieces and participates in many of Ziff Davis Enterprise's tradeshows and webinars. He has received several awards for his writing and editing, including back to back best review of the year awards, and a president's award for CRN-TV. Frank speaks at many industry conferences, is a contributor to several IT Books, holds several records for online hits and has several industry certifications, including Novell's CNE, Microsoft's MCP.Frank can be reached at frank.ohlhorst@ziffdavisenterprise.com

Submit a Comment

Loading Comments...