David,
Sorry to confuse you. What I meant was, that basically we would only like to
monitor what program they use offline and restrict copying files from their
lap top to another media/ computer. And there are concerns from the IT
manager that if there's a keylogging ability on the program the officers
that would do log/results checking would abuse or misuse the logs/results.
Therefore the program should be able to monitor what they do but shouldn't
have any keylogging ability. I know it's a wierd but that's what we're
dealing with now.
Thanks ^__^
Ed
----- Original Message -----
From: "David Gillett" <gillettdavid@fhda.edu>
To: "'Edwin Rene'" <edwin@link.net.id>; "'Security-Basics'"
<security-basics@securityfocus.com>
Sent: Wednesday, August 25, 2004 10:12 PM
Subject: RE: User Activity Monitoring
There's a certain security usefulness (which needs to be balanced
against issues of morale and trust...) to letting users think you're
monitoring them more than you can really afford to.
But when you say
monitoring users activities off the the network
AND
and we don't want them to think with this program we are monitoring
what they doing.
well, that basically sounds like entrapment, or worse.
Perhaps I (or you?) have misunderstood the purpose of this
exercise?
Dave Gillett
-----Original Message-----
From: Edwin Rene [mailto:edwin@link.net.id]
Sent: Monday, August 23, 2004 9:56 PM
To: Security-Basics
Subject: User Activity Monitoring
Hullo,
I'm a new security officer of a small company with some
mobile users, I'd
like to know programs out there there could restrict users
from copying
files to another computer or monitoring users activities off
the the network
/ at home that doesn't have a key logger because we can't set
restriction
for users since the need administrative rights to run certain
program and we
don't want them to think with this program we are monitoring what they
doing.
Thanks in advance
Regards
Ed
--------------------------------------------------------------
-------------
Computer Forensics Training at the InfoSec Institute. All of
our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the
in-demand skills of
a certified computer examiner, learn to recover trace data
left behind by
fraud, theft, and cybercrime perpetrators. Discover the
source of computer
crime and abuse so that it never happens again.
http://www.infosecinstitute.com/courses/computer_forensics_tra
ining.html
--------------------------------------------------------------------------
--
---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.
http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------
