SpectorSoft Spector 360 6.2 Offers New Features to Monitor Employee Internet UseBy Frank Ohlhorst | Posted 2008-11-24 Email Print
With the release of SpectorSoft Spector 360 6.2, employers can monitor employee Internet use with new features to help with compliance issues.
Although SpectorSoft likes to use the innocuous word "monitor" when it comes to Internet access, there are many who would substitute "monitor" with "spy," and believe that watching another user’s PC activities amounts to an "invasion of privacy." But let’s be realistic here. Unless that employee owns that PC and the connectivity associated with it, then the employer has justification to watch or control PC use, whether we like it or not.
When it comes to Internet usage policy, most companies have three
choices before them – to block access using filtering, to monitor
access for policy violations or to turn a blind eye and hope for the
Further complicating the block/monitor/ignore dilemma is the fact that employee productivity can be greatly impacted by which path is chosen. What’s more, unfettered access to the Internet, e-mail, IM and other technologies could be a legal nightmare in the making, either from an HR point of view or intellectual property point of view. Solution providers may want to consider using another term to characterize monitoring – compliance. Many companies are being forced into the role of Big Brother simply because of current or pending legislation relating to compliance, such as PCI, SOX, HIPPA and so on.
Ethical arguments aside, a PC usage monitoring company’s real goal is to provide the best tools available for whatever path an employer may choose to follow, which is what SpectorSoft has been doing all along with their Spector 360 product, now in release 6.2.
The latest version of Spector 360 adds some new features that most employers will find appealing. For example, the product’s data handling capacity has been increased to meet the needs of large, multi-site organizations, such as school districts or government agencies. SpectorSoft leverages a SQL database to store the massive amounts of data collected by Spector 360, which includes all Internet activity, all e-mail, all instant messaging, and even all system activity – including screen activity.
Spector 360 performs monitoring by using a client monitoring application called the "client recorder," which can operate in stealth mode to capture any and all activity data from the subject PC. That application then reports all activity back to the Spector 360 server, for later retrieval and reporting. Simply put, Spector 360 is a client server application that runs in the background on the subject PC and integrates with a Windows Server running SQL Server.
Spector 360 uses three server components, a primary server application, a SQL Database, and the 360 Control Center, which works as a Microsoft Management Console snap-in. Along with the prerequisite client software, the product provides software updates and license compliance and configuration and management of the client agents. Storage requirements can grow exponentially, if administrators choose to store complete screenshot and e-mail attachment history. SpectorSoft suggests that administrators set aside as much as 400MB per user monitored per month. That requirement can lead to add-on sales of NAS or storage solutions for savvy solution providers.
Solution providers will find installing the server components straightforward and should be able to accomplish the chore in under an hour. We tested the product on a Windows 2003 Server that was configured as the domain controller and already had SQL server installed and running. With the server installation accomplished, the next step was to push the client software out to the windows PCs on the network. Luckily, that step is also very simple – Spector 360 offers wizards that help to deploy the clients to groups of PCs on the network, all via the Spector 360 Control Center application.
Clients can be deployed with or without employee notification and in stealth or visable mode. For most installations, it is probably best to inform the end user that the application is being installed on the subject PC and that it is active. That should eliminate many misunderstandings and will lend itself to better employee communications. In some cases, such as for an investigation, administrators can go with a silent install and stealth mode, which eliminates any clues that the employee is under surveillance. That may prove handy in cases of corporate espionage or malicious activity.
Administrators will use a deployment utility to launch the deployment wizard. The wizard allows administrators to choose from dozens of settings, including capturing all Web browsing, chat or IM conversations and so on. Administrators can further fine tune the capture settings by defining triggers based upon text strings. For example, an administrator could define a text string, such as "social security number" and then have that text trigger an information gathering event. That proves handy for capturing e-mail or forms data that may violate company policy or compliance requirements.
Trimming down the data captured helps to conserve database space and makes it much easier to search through the information captured. For example, administrators can define that the product only captures IM and e-mail conversations and not Web browsing, drastically reducing the storage space needed. On the other hand, the only way to truly guarantee adherence to company policies may be to capture and review all activity; the choice will ultimately be up to company management to decide.
Administrators can set up the software to capture passwords, look for keyword triggers and schedule when access should be monitored or blocked. The scheduling feature comes in handy for allowing employees to access shopping sites or other sites during lunch breaks or off hours as an employee perk. The trigger alerts can be used to instantly inform an administrator of an event that should be monitored. For example, a trigger could be set to identify a phrase such as "the password is" or "sneaking out" and then inform the administrator.
The software can be configured to capture screens by interval (every 15 seconds) or by event (keystroke, application launch or trigger phrase). Combining screen capturing with logging and trigger events helps management to effectively monitor an employee’s PC use and insure that corporate policies are being adhered to and that compliance requirements are met.
Once installed and configured, Spector 360 proves to be a very powerful tool, thanks in part to the product’s comprehensive reports. Administrators can generate reports for each machine monitored or roll those reports up into a department level report. Charts, graphs and detailed information are readily available in many of the reports, making it easy to identify trends or identify areas that may need additional focus. For example, if the finance department is playing online poker together, it should trigger a red flag to management that more investigation may be needed. Reports are customizable and the product offers a "quick view" feature, which eases access to the most common reports needed by many businesses.
SpectorSoft Spector 360 V6.2 starts at $1,995 for 25 users, with additional seats costing approximately $75 each. The company offers excellent margins via a dedicated channel program or an affiliate program. Margins can be as high as 40 percent for partners underneath the company’s affiliate or partner programs, each of which offer several levels and require some sales commitments.
For solution providers, SpectorSoft’s Spector 360 offers an excellent path to get involved with the growing computer surveillance market, and products such as this can only become more important over time due to renewed security concerns and forthcoming compliance requirements.