Liberty73
(Liberty73)
1
Our General Manager has tasked me with finding a way to track activity on end user’s PCs throughout the day. The end users in question are remote employees that log in to machines located in our office.
I know that I can use Event Viewer to see when a person logs on or off but the manager wants to see actual activity on the PC for each end user. He isn’t really concerned with what these users are doing on their PCs - just wants a way to be accountable to the owner of the company for the time the end users are logging in remotely.
5 Spice ups
DELL KACE or Keylogger if you want to see every time they type
If someone does not trust an EU to that point. Fire the EU. End of story. If you feel you need a keylogger, you already dont trust the FTE…if they are on their own devices, you are on a VERY slippery slope of legal issues.
1 Spice up
psophos
(M Boyle)
4
So what systems do you want to monitor? Their systems or what they do on your systems when they remote in?
If he means their own personal systems then have they agreed to that monitoring and is the agreement even legal? Contract under duress type stuff.
Cause surely the latter is what matters. And they are your systems so If they are logged on remotely but not working then that’s a legitimate concern and should be monitored for fraudulent activity.
The question is: you just want to know that they did something…anything? Is that the question? You just want to be sure that they didn’t just log on to make it look like they’re working, and then go to the movies?
Maybe set up auditing on some basic elements, like documents folder…shared network folders…anything which they use as a part of their business activity.
Liberty73
(Liberty73)
6
I agree 100% with you on this. I was very hesitant about even exploring any of this. My other reaction was to just stop people from working remotely at all and have them come into the office.
We used to just use the VPN log to get an idea of when they log in, out and how many times a day. The VPN would also disconnect after 15 minutes of inactivity.
When we can see them log in, and log out for the day, and if it disconnects constantly, they likely aren’t in front of that machine much.
1 Spice up
Liberty73
(Liberty73)
8
General Manager wants to see activity on company machines when users log in remotely to said machines. Like I mentioned, he doesn’t really care “what” they are doing it is more he wants to know that they are “working” on something and can then show this to the owner and say hey, they are logged in to their machines and are working. They can be at Starbucks as long as they are logged in remotely to their machine at Starbucks. He wants to be sure that they are not logging in first thing in the morning and then taking off to the mall for the day and then come back at the end of the day an d logging off of their PCs.
As mentioned above by someone else though - my stance is you either trust that they are working remotely or you don’t.
Liberty73
(Liberty73)
9
Our remote users utilize RWW (Remote Web Workplace) on SBS2008. I need to check from tracking on that I suppose. Yeah, the VPN idea would be awesome if they all used that like I do.
What are they logging into? If you have a VPN client and then going to an RDP or VM…easiest way is to just kill the session on activity. If he wants keylogging…well…fire the EU
psophos
(M Boyle)
11
General Manager wants to see activity on company machines when users log in remotely to said machines. Like I mentioned, he doesn’t really care “what” they are doing it is more he wants to know that they are “working” on something and can then show this to the owner and say hey, they are logged in to their machines and are working.
What does “working” look like? If it is easy to show “working” then this task is pretty feasible, you can get software that will take screenshots every minute as an example.
But this is the managers job. They manage. Part of that is ensuring that the work is getting done. A person can be avoiding work sitting at their desk just as easily as they can at home.
Though some people just don’t have the self-discipline to work at home. It’s not the easiest thing to do and some people do it better than others.
If the GM really wants to know, you could go all out and install something like Veriato Spector360.
1 Spice up
UserLock will allow you to accurately monitor and audit all user logon , logoff events across all session types - Interactive, WiFi, IIS, VPN. You can run reports to see total time activity etc. You can also limit all user logons to control how, when and where each user can access the system.
Hope this helps.
I am sticking with “FIRE THE EU”…If I had an employer running that, I would not work there. Plus, I will just use my BYOD to do what I want when I want. I can just take an iphone pick of a screen and have at it (I have seen this done more than a time or two).
Corp network…I can do all that at the edge with WatchGuard=WebSense…and get UTM.
@jackdoyle
Many employers feel that they have the right to know what’s being done on the computers they own, by the people they pay. You certainly have the right to not work for someone that tracks things that way.
As for your phone, well, that again depends on your employer. Here, for instance, you can use your phone in an emergency or while on break. If you use it at other times you’ll get written up.
Taking pictures of the screen isn’t a concern here. The tracking is to confirm that people aren’t wasting time surfing the 'net or doing other non-work related things on their computer.
That lets you limit Internet and do some basic tracking, yes. It doesn’t tell you if someone is sitting at their desk writing personal emails or creating Excel files for personal use, for example.
The amount of tracking desired by the employer determines which method makes the most sense.
It has been proven over and over again that you have to give some leeway. We have no issues what so ever if a person prints their kids book report on a fancy color lazer printer and or deals with family issues. Cell phones in many areas you are asked to leave for the day on the spot (PHI and telemetry and on and on). Strike two - your out with cell phones. But, people in billing and back office can have cell phones at their desks (as is their coat where as medical staff do not carry their coats all day)
Internet traffic. You want to shop on Amazon at lunch or after hours - have at it (blocked based on group during normal hours). If an MD wants to shop for a Porsche on eBay during hours? Who the heck is IT to tell him no?
Unless someone is in a call center or paid for production environment, most good people will leave because there is a presumption of guilt (and monitoring).
@larryg-profile
Oh, and WatchGuard w/Websense and Dimension lets you do 100% granular tracking of every site allowed and not.
I’m not sure what that means. Proven by who in what industry, regarding what? In any case, you can point out ‘proven’ things to many people, repeatedly, and get nowhere. Some people believe they are right and that’s the end of it.
Oh, I completely agree that IT has nothing to do with these decisions. It’s 100% up to HR / business owners.
If the owners don’t want their employees doing these things on business owned equipment, who the heck is IT to tell them no?
Sorry, my ‘basic tracking’ wasn’t clear. I didn’t mean you couldn’t see where people were going. I meant that you can’t see what they do when they get there, only where they’ve been. I should have been more clear on that point.
