Although SpectorSoft likes to use the innocuous word “monitor” when
it comes to Internet access, there are many who would substitute
“monitor” with “spy,” and believe that watching another user’s PC
activities amounts to an “invasion of privacy.” But let’s be realistic
here. Unless that employee owns that PC and the connectivity associated
with it, then the employer has justification to watch or control PC
use, whether we like it or not.
When it comes to Internet usage policy, most companies have three
choices before them – to block access using filtering, to monitor
access for policy violations or to turn a blind eye and hope for the
best.
Further complicating the block/monitor/ignore dilemma is the fact that
employee productivity can be greatly impacted by which path is chosen.
What’s more, unfettered access to the Internet, e-mail, IM and other
technologies could be a legal nightmare in the making, either from an
HR point of view or intellectual property point of view. Solution
providers may want to consider using another term to characterize
monitoring – compliance. Many companies are being forced into the role
of Big Brother simply because of current or pending legislation
relating to compliance, such as PCI, SOX, HIPPA and so on.
Ethical arguments aside, a PC usage monitoring company’s real goal is
to provide the best tools available for whatever path an employer may
choose to follow, which is what SpectorSoft has been doing all along
with their Spector 360 product, now in release 6.2.
The latest version of Spector 360 adds some new features that most
employers will find appealing. For example, the product’s data handling
capacity has been increased to meet the needs of large, multi-site
organizations, such as school districts or government agencies.
SpectorSoft leverages a SQL database to store the massive amounts of
data collected by Spector 360, which includes all Internet activity,
all e-mail, all instant messaging, and even all system activity –
including screen activity.
Spector 360 performs monitoring by using a client monitoring
application called the “client recorder,” which can operate in stealth
mode to capture any and all activity data from the subject PC. That
application then reports all activity back to the Spector 360 server,
for later retrieval and reporting. Simply put, Spector 360 is a client
server application that runs in the background on the subject PC and
integrates with a Windows Server running SQL Server.
Spector 360 uses three server components, a primary server application,
a SQL Database, and the 360 Control Center, which works as a Microsoft
Management Console snap-in. Along with the prerequisite client
software, the product provides software updates and license compliance
and configuration and management of the client agents. Storage
requirements can grow exponentially, if administrators choose to store
complete screenshot and e-mail attachment history. SpectorSoft suggests
that administrators set aside as much as 400MB per user monitored per
month. That requirement can lead to add-on sales of NAS or storage
solutions for savvy solution providers.
Solution providers will find installing the server components
straightforward and should be able to accomplish the chore in under an
hour. We tested the product on a Windows 2003 Server that was
configured as the domain controller and already had SQL server
installed and running. With the server installation accomplished, the
next step was to push the client software out to the windows PCs on the
network. Luckily, that step is also very simple – Spector 360 offers
wizards that help to deploy the clients to groups of PCs on the
network, all via the Spector 360 Control Center application.
Clients can be deployed with or without employee notification and in
stealth or visable mode. For most installations, it is probably best to
inform the end user that the application is being installed on the
subject PC and that it is active. That should eliminate many
misunderstandings and will lend itself to better employee
communications. In some cases, such as for an investigation,
administrators can go with a silent install and stealth mode, which
eliminates any clues that the employee is under surveillance. That may
prove handy in cases of corporate espionage or malicious activity.
Administrators will use a deployment utility to launch the deployment
wizard. The wizard allows administrators to choose from dozens of
settings, including capturing all Web browsing, chat or IM
conversations and so on. Administrators can further fine tune the
capture settings by defining triggers based upon text strings. For
example, an administrator could define a text string, such as “social
security number” and then have that text trigger an information
gathering event. That proves handy for capturing e-mail or forms data
that may violate company policy or compliance requirements.
Trimming down the data captured helps to conserve database space and
makes it much easier to search through the information captured. For
example, administrators can define that the product only captures IM
and e-mail conversations and not Web browsing, drastically reducing the
storage space needed. On the other hand, the only way to truly
guarantee adherence to company policies may be to capture and review
all activity; the choice will ultimately be up to company management to
decide.
Administrators can set up the software to capture passwords, look for
keyword triggers and schedule when access should be monitored or
blocked. The scheduling feature comes in handy for allowing employees
to access shopping sites or other sites during lunch breaks or off
hours as an employee perk. The trigger alerts can be used to instantly
inform an administrator of an event that should be monitored. For
example, a trigger could be set to identify a phrase such as “the
password is” or “sneaking out” and then inform the administrator.
The software can be configured to capture screens by interval (every 15
seconds) or by event (keystroke, application launch or trigger phrase).
Combining screen capturing with logging and trigger events helps
management to effectively monitor an employee’s PC use and insure that
corporate policies are being adhered to and that compliance
requirements are met.
Once installed and configured, Spector 360 proves to be a very powerful
tool, thanks in part to the product’s comprehensive reports.
Administrators can generate reports for each machine monitored or roll
those reports up into a department level report. Charts, graphs and
detailed information are readily available in many of the reports,
making it easy to identify trends or identify areas that may need
additional focus. For example, if the finance department is playing
online poker together, it should trigger a red flag to management that
more investigation may be needed. Reports are customizable and the
product offers a “quick view” feature, which eases access to the most
common reports needed by many businesses.
SpectorSoft Spector 360 V6.2 starts at $1,995 for 25 users, with
additional seats costing approximately $75 each. The company offers
excellent margins via a dedicated channel program or an affiliate
program. Margins can be as high as 40 percent for partners underneath
the company’s affiliate or partner programs, each of which offer
several levels and require some sales commitments.
For solution providers, SpectorSoft’s Spector 360 offers an excellent
path to get involved with the growing computer surveillance market, and
products such as this can only become more important over time due to
renewed security concerns and forthcoming compliance requirements.