Re: centrally monitored "keylogger"

["tito.basa" <mochafrap () mix ph>]

i started this thread so just want to defend my requirements aside from
those privately sent to me.

i didn't say all PCs are gonna be monitored. I value my own privacy
but sometimes the company has the right to protect itself from the 
employees.

a few select PCs with special privileges and access to sensitive systems
are the only target of this. Even if I get their password, i can't use 
it since
it's one time, two factor (assuming identity theft). No personal or private
information would be stored nor done there (to all those privacy advocates)
There are separate PCs for them to do other things even personal
stuff tolerated but not excessive as always.

I have a high sense of privacy and ethics that even if
an email message is right in front of me I won't read it unless the 
owner wants me to.
I don't meddle with other people's affairs unless it affects their work 
performance
but just give advice if welcome. And the ones auditing the audited will 
also be audited
themselves.

now what what would you do if management told you to do those things?
we're not going to invade on our peoples privacy. Just protecting something
we have the right to protect and not anything beyond that or else i might as
well leave since it'll be against my own principles.

anyway, thanks to all those who replied to give comments
or suggestions off-list  :)

regards


Andrew Shore wrote:

> I agree that as a sys admin ensuring that systems are secure should be a high priority.
>
> However, I feel that monitoring every key stoke goes beyond the pale.
>
> Just because we can, morally and ethically, should we. If staff were followed to the rest room or escorted out to the car park 
> every night there would be a justified outcry. Yet when every action they perform during their normal daily job on a computer is 
> scrutinised users don't appear to care, or is it that they don't know.
>
> Don't get me wrong, I'm not bleeding heart liberal but ask your MD one question; are you going to monitor him? Or the other 
> directors? I'll bet my house, car and cat on the answer.
>
> When there is reasonable grounds to monitor some one then fine do it but not until. I've seen this type of monitoring turn to 
> abuse. I'm not for 1 second suggestion that is your intent but I've been in this game 25 years and seen a lot abuse of power.
>
> Try tapping someone phone line, see where that get you.  
>
> Anti virus and web content filters are one thing and should be encouraged. 
>
> Let me put one last question to you. Who monitors the monitors? What's to stop you logging my password to bank then 
> transferring money form my account? At that point what is the company's liability? (Legally and morally)
>
> It's a can of worms I wouldn't want to open.
>
> Just My 2cents and hey what do I know :) I'm just stirring the pot.
>
> -----Original Message-----
> From: Jantz, EJ [mailto:EJantz () bswintl com] 
> Sent: 14 October 2004 15:59
> To: Andrew Shore
> Subject: RE: centrally monitored "keylogger"
>
> Andy, while I am sensitive to the privacy concerns, I am in a position, as a sysadmin, of being somewhat responsible to make sure that our 
> employees don't steal the company blind. While I don't 'own' any of the company, I do get to share when it losses 
> business or has it stolen out from under it.
>
> We try very hard to trust our employees, they are mostly on the honor system. Occasionally, HR will get a request from a manager or VP and trigger some intense scrutiny of a users' activity. Some times it's just the workstation that's monitored, sometimes it's the activity across the domain. 
>
> It would be nice to have a handful of tools that do the job correctly and efficiently. Currently it takes resources we 
> need for routine production offline, and leaves the rest of us to take up the slack until the chore is done. (I just 
> love that when we are having a virus storm.)
>
> Email--The Privacy of a Postcard,
> The Half Life of Styrofoam.
>
> 'EJ' Jantz, IST Dept.
> BSW International
> One West Third St, Suite 800
> Tulsa, OK 74103-3520
> 918-582-8771
>
> ejantz () bswintl com
> 918.295.4166
> 918.587.3594 FAX
>
> -----Original Message-----
> From: Andrew Shore [mailto:andrew.shore () holistecs com] 
> Sent: Wednesday, October 13, 2004 3:22 AM
> To: tito.basa; security-basics () securityfocus com
> Subject: RE: centrally monitored "keylogger"
>
> You know, some time we go too far.
>
> Just my 2 cents. 1984?
>
> Andy
>
> -----Original Message-----
> From: tito.basa [mailto:mochafrap () mix ph] 
> Sent: 11 October 2004 08:30
> To: security-basics () securityfocus com
> Subject: centrally monitored "keylogger"
>
> guys,
>
> I'm looking for a monitoring tool sort of a keylogger
> installed on every PC (but logs not just keystrokes
> but screenshots as in some advanced "keyloggers")
>
> deploying keyloggers on every PC is easy but
> monitoring them is not due to the volume of records
> we have to parse and keep. This is in conjunction with
> strong authentication we'll also implement.
>
> anybody here with experience in Verint Systems
> ULTRA solutions for contact centers?
>
> http://www.verintsystems.com/contact_center/
>
> this seems to be something I need although their
> agent still has to contact me for details.
>
> other similar suggestions/recommendtions are welcome
>
> thanks
>
> tito
>
>
> --- CONFIDENTIALITY NOTICE ---
> The information in this email may be privileged, confidential,
> proprietary and exempt from disclosure. This email is intended to be
> reviewed by only the individual or organization named above. If you are
> not the intended recipient or an authorized representative of the
> intended recipient, you are hereby notified that any review,
> dissemination or copying of this email and its attachments, if any, or
> the information contained herein is prohibited. If you have received
> this email in error, please immediately notify the sender by return
> email and delete this email from your system.