|
The
employer has the right to require that employees do not
spend the company's resources on their personal
needs
LanAgent is a program
used to stealthily monitor computers on a local area
network and designed to control users' activities. Today
the director of the NetworkProfi company answers
questions about this
program.
Andrew, why did you
become interested in monitoring employees? Probably, it
was caused by your own personal experience, for
example?
The
term “monitoring” is not quite correct here because the
main purpose of our program is not monitoring, but
protection against internal threats. Actually, I got
interested in this issue quite accidentally. In the
course of my activities, I had a lot of business with
large companies and the heads of their departments often
asked me to choose or write a program that would allow
them to determine leaks of important information and
also increase the effectiveness of using business hours.
So, initially it was a custom product and only after
that we came up with an off-the-shelf product.
What categories of
users is LanAgent intended
for?
The
program is primarily intended for corporate customers.
It is intended for small and medium businesses, for
companies that have local area networks up to several
hundreds of computers. In companies, the program will be
interesting for information security specialists,
directors and system administrators. Besides, it will be
also useful for usual users that have a home network,
for example, for parents that have several computers in
their apartment. As a rule, they use it to control their
children.
How much time is it
needed to analyze log files when LanAgent is used in a
large company? How much space do log files occupy on
users' hard disks? Can users detect the program if they
find its logs?
The
amount of time needed to analyze obtained statistics
(logs) depends a lot on its amount and may take several
minutes. Space that logs occupy on users' hard disks
directly depends on how intensively the computer is
used. The following issue is also important here: the
program has client-server architecture. The server part
of the program (administrator part) is installed on the
administrator's computer while agents are installed on
users' computers. In the end, the entire information is
sent to the database on the administrator's computer and
logs are deleted from users' computers. It is up to the
administrator of the program how often it happens. He
can either manually make the program get logs from
agents or configure it to get logs automatically, for
example, each hour. In this case, logs will be
accumulated on users' computers for one hour and then
they will be sent to the database on the administrator's
computer. So, it will not be more than several megabytes
within an hours and this is true if we take into account
screenshots that they take more than half the size of
log files. Now as to whether users can detect the
program... Actually, I would like to point out right
away that there is no program that can be hidden with a
100% guarantee, there is always a chance that it will be
detected. But I can say for sure that it is very
difficult to do it with standard means. So, if users do
not know beforehand that there is an agent installed on
their computers, the chance that they find either the
program or its logs is very
little.
Does the program allow
you to set the priority for the events it monitors (for
example, operations with secret documents have a higher
priority)?
Currently, the program does not have such a
feature. All operations with any objects (applications,
files, visited sites) have the same priority. In future,
we plan to add the system of filtering events. For
example, the administrator will be able to specify which
applications, sites, etc. should be considered as
potentially dangerous. The program will filter the
contents of e-mail messages and websites and determine
the priority level. What if an employee sends company's
secret data by e-mail - the company's security
department should be informed about it in proper
time.
Does the program allow
you to divide users into groups and log different
activities for different groups of
users?
Yes, it is possible to divide user into groups in
the program. And it is possible to specify different
settings for different groups. For example, you have an
accounting department where the Internet is not used. In
this case, you can disable all types of monitoring
related to the Internet for this group. Actually, it is
possible to specify individual settings for each
user.
For what purposes can
the feature of sending message to users' computers by
the administrator be
used?
This feature can be used if the administrator
wants to warn a user. If the user knows that the program
is installed on the computer and he violates some
security policies, while the administrator sees his
activity and considers it dangerous, he can send a
warning to the user or some other text message that he
will find appropriate. Most probably, the administrator
has other means to contact the user as well, but we
decided to add this feature to the program just in
case.
Is there any data
concerning the effectiveness of using this program in
companies? What can a person who decides to control
their employees with LanAgent expect - do you have this
kind of statistics?
es,
we do. More than half of our customers have made sure
that their employees are only half-occupied with work
because they have enough time to play computer games,
chat, view entertainment sites while doing their jobs.
Our experience shows that persons in charge just give
additional tasks to such employees. Also, there were
some cases when the company's security policy has been
violated. It happened when employees sent sensitive
information by e-mail without having a clue what
consequences it may have for the company. As to the
effect expected from the deployment of LanAgent, in the
first place, it is increasing the effectiveness of using
business hours, preventing leaks of important
information, preventing attempts of unauthorized
negotiations with competitors. It should be kept in mind
that LanAgent is a tool and the rest is up to
you.
Do you think that
employers have the right to require that employees use
computers and the Internet only for business
purposes?
I think
that the answer to this question is obvious: yes, they
do. If an employer employs a person, gives this person
resources, he has the right to require that the employee
spends these resources not on his personal needs, but on
achieving the company's goals. But another question is
not less important: can an employer monitor an employee?
Employees and their bosses will always differ on this
question. Such issues as employees' carelessness and
information leaks are quite pressing in some companies
and their directors have to fight against them. As a
rule, the Internet, ICQ, etc. are needed for work so it
is impossible to just forbid using these things so the
only thing left is monitoring and explanatory
conversations with the staff. We do not suggest that our
customers hide the fact of monitoring their staff's
activities. As to the legal side of the problem, we
suggest that employers include information similar to
this (http://www.lanagent.com/rules.doc)
in their contracts with employees or give this
information as a separate
document.
Contents
|
