http://www.surveilstar.com/

Leaked employee passwords open up Fortune 500 companies to hackers

Leaked employee passwords

 

It’s one thing when your iCloud account with personal photos gets hacked. It’s another when your Fortune 500 company has a data breach because your office credentials were leaked online.

At 221 of the Fortune 500 companies, Fortune magazine’s list of the the top 500 U.S. public corporations ranked by gross revenue, employees’ credentials are posted publicly online for hackers to steal and reuse in cyberattacks, according to new research from the web intelligence firm Recorded Future.

Corporations, especially highly sensitive targets like Fortune 500 companies, spend a great deal on securing their networks against hackers, but that could be for naught if an employee carelessly uses his office credentials to sign up for, say, a gaming forum.

The sensitive information can be found on forums and text repositories like Pastebin, which are fertile ground for username and password dumps. Researchers at Recorded Future scoured approximately 600,000 websites for credentials posted between Jan. 1 and Oct. 8, 2014. During their analysis, they found at least one username/password combination at 44% of the Fortune 500 companies, leaving those companies vulnerable to hackers who could use the data to break into networks or mount phishing and social engineering attacks, Recorded Future CEO and cofounder Christopher Ahlberg told Mashable.

These credential dumps are outside the companies’ control, Ahlberg said. The data likely come from third party sites — not from breaches of companies’ servers — where an employee used a corporate email to sign up for something. In the past few years, for example, hackers have breached websites and services like Adobe and Forbes.

One caveat is that there is no way to know whether the password used on a third-party site matches the employee’s password used on his corporate account. In other words, Fortune 500 employees’ information may be posted online — but it doesn’t necessarily that information will lead to a successful compromise.

“It’s a coin flip whether or not these credentials taken from third party sites are valid,” Scott Donnelly, the lead researcher on the report, told Mashable. “But when there’s 10 or 20 from a particular company, then odds are you’ve got one that’s valid.”

Below, the breakdown of the 221 companies listed in the report:

Leaked employee passwords open up Fortune 500 companies to hackers

companies

But having an employee’s username and password isn’t necessarily enough — hackers need to know where to use them. In some cases, Recorded Future also found that the webmail login pages of some utility companies are easily searchable on Google, which makes those companies even more vulnerable if an employee’s credentials are compromised.

The report doesn’t name names — either of companies or individuals — and Recorded Future has not notified any of the companies yet, according to Ahlberg and Donnelly. The goal of their research, they said, is to show that big companies are not immune to huge password leaks.

We’ve seen evidence of that lately.

Two weeks ago, a hacker claimed to have dumped 7 million Dropbox usernames and credentials. In a separate instance in early September, 5 million usernames and passwords appeared on a Russian forum (that information likely came from various earlier hacks, though). And in August, a security firm claimed to have found $1.2 billion credentials stolen by Russian hackers, though the firm’s report has been contested.

The issue with these dumps, even when they don’t involve services like Gmail or Dropbox, is the same: the danger of password reuse. If you always reuse the same password, a hacker doesn’t need to breach Google to obtain your Gmail password; instead, he can get it from your Fantasy Football forum. That’s why Facebook announced last week that it has been actively scouring sites that host dumped credentials to notify users if their password had been compromised.

Ahlberg and Donnelly warn that even more companies have probably been compromised, but those employees’ credentials have not been posted publicly.

“We have a pretty good coverage of the underbelly of the web, but these are just the public posts,” Donnelly said. “We’re highlighting how easy it is for somebody to just open the door and exploit a company because the information is sitting out there. But most certainly, there’s information that’s yet to be published.”


SurveilStar is an ultimate employee monitoring software and parental control software which can help monitor computer activities and protect data security. You can also block files uploading and sharing to prevent data leakage. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity

 

If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.

Download

 

Reference: http://mashable.com/

Is It Time to Review Your Data Monitoring Policy?

computer data monitoringThe relationship between workers, their devices and company material can be hazardous if left unmonitored.

Did your employer review their BYOD or employee monitoring policies with you during your onboarding process? Or, has your company’s leadership team made any changes to their policy as cellphones and other mobile devices have been allowed access to company email and files?

As more mobile devices enter the workplace, employers have started extending their data monitoring policies to worker’s personal technology. Although employee monitoring is not a new concept and is often expected in the office, there is a strong aversion to cellphone monitoring, especially among millennials.

Need for Education

According to a nationwide study by TechnologyAdvice Research, more than a third of office workers don’t know their employers’ data monitoring policies.

“The responses suggest a need for greater transparency or education efforts among company management about monitoring policies in order to keep employees engaged and maintain trust in company policies and values,” said TechnologyAdvice Managing Editor Cameron Graham, the study’s author. About 20 percent of respondents were unaware of whether their activity was monitored, while 15.6 percent were aware that their computer use was monitored somehow, but were unsure of the specifics.

Employee Sentiment on Being Monitored

There is a major split in how employees feel about computer monitoring as opposed to mobile device monitoring in the workplace. “Employees seem fairly comfortable in general with employers tracking their computer use at work, considering only 19 percent of respondents said they often or sometimes worry about their employer viewing their Internet history,” said Graham.

But 64.3 percent of office employees stated they would be at least somewhat uncomfortable with their cellphone being monitored during work hours. This is especially true for millennial respondents, who reported being more uncomfortable with cellphone monitoring, but were also found to be less likely to know how they were being monitored.

“There is a clear concern when it comes to employers tracking cellphone use, which respondents viewed as a greater concern than keylogging software or video surveillance,” Graham said. “That fear of cellphone monitoring doesn’t seem to be based on negative experiences, though, with roughly just 1 in 20 employees saying they’ve been questioned about such use.”

BYOD Policy Concerns

Millennials are poised to make up 44 percent of the work population by 2025, yet are the least likely to know the details of employee monitoring policies, despite expressing more concern about mobile device privacy than other age group. As this younger demographic moves into the workforce, employers will likely face growing challenges over Bring Your Own Device (BYOD) policies and mobile device monitoring.

“Involving all relevant parties in policy creation could help ease concerns over monitoring, and strike a balance in maintaining control over company information while discouraging insecure device use,” said Graham.


Recommend

SurveilStar is an ultimate employee monitoring software and parental control software which can help monitor computer activities and protect data security. You can also block files uploading and sharing to prevent data leakage. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity

 

If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.

Download

 

Reference: http://www.datamation.com/

Computer Email Monitoring

  • Do you want to regulate the use of email to send commercial messages in your corporation?
  • Do you have a desire to restrict sender by only allowing employees to use specific mailbox to send emails and prohibiting using other mailbox?

As the importance of electronic mail has grown both for internal communications with co-workers and for external communications with customers, suppliers and business partners, so has the need to ensure that your email servers are working properly. Monitoring and maintaining the health of your email servers has become vital in your business’ communication and even in its very existence.

SurveilStar Email Monitoring is the all-in-one network monitoring solution, which covers the complete range of monitoring needs from availability monitoring to bandwidth and usage monitoring, as well as application, instant message and email monitoring.

  • Record incoming and outgoing SMTP/POP3 emails and Exchange emails
  • Record outgoing webmails and Lotus Notes emails
  • Record all contents of outgoing and incoming attachments
  • Record email subjects, senders, recipients, time, size, etc.

If you need to prevent one or multiple spammers, block some emails addresses, restrict the employees to send emails only to permitted email addresses, prohibit sending attachments or limit email size, you can set an Email policy to achieve the goals easily. Setting up a proper email policy for your business situation is just a breeze.

  • Block specified sender accounts
  • Block specified recipients
  • Block specified outgoing email domains
  • Block users from sending emails with any attachments
  • Block emails with specific subjects
  • Block users sending files with specific file names
  • Block users sending emails over limited size

How to Monitor Emails?

1. Download and install SurveilStar to your PC and PCs you would like to monitor. How to

2. Login SurveilStar Console, select the target computer (group) that you want to monitor email activity. Navigate to Monitoring >Email.

Monitor Emails

SurveilStar is an ultimate employee monitoring software and parental control software which can help monitor computer activities and protect data security. You can also block files uploading and sharing to prevent data leakage. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity

 

If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.

Download

Stare at Facebook all day? Watch out: Your boss could be monitoring you.

Merial Currer runs Patriot Scuba, an Occoquan, Va., shop that takes adventurous Washingtonians diving in one of two quarries within a short drive of the District. Two years ago, her son Will, an Army employee who studied cybersecurity in college, told her about ­ActivTrak, new software that would allow her to monitor her employees’ desktops, and she thought it would be a nice way to manage the office when she was away.

employee monitoring
Merial Currer, seen in a mirror at Patriot Scuba in Occoquan, Va., uses software to monitor her employees’ Internet use.
“We’re a family-oriented business, so we want to make sure our employees are on family-oriented Web sites.” she says.
(Matt McClain/The Washington Post)

Merial has told her four full-time employees that she monitors their computers, and they don’t seem to mind — she says she has not received pushback and mainly considers her use of the software a precaution to ensure that her workers, many of whom interact with children in their daily routines, stay off inappropriate Web sites.

“We’re a family-oriented business, so we want to make sure our employees are on family-oriented Web sites.” she said.

Cheap monitoring tools such as ActivTrak, Spector 360 and Workexaminer.com have made snooping possible for even the tiniest enterprises, allowing managers to track employees’ desktop activity — covertly, if they choose.

The danger is that managers might rely too heavily on the technology, jump to conclusions and use it to avoid more meaningful conversations with their staffers.

“With any kind of performance management technology, in the absence of good managerial skill it can be really dangerous,” said Ken Oehler, global engagement practice leader at Aon Hewitt, a human capital consulting firm.

Developed by Dallas-based Birch Grove Software, ActivTrak gives managers up-to-the-minute screen shots of what employees are doing on their computers, displaying the images on a dashboard resembling a security guard’s camera display. Managers can send pop-up boxes that appear in the corner of an unwitting slacker’s screen, admonishing him or her to get back to work. Spector 360, a monitoring service offered by Florida-based Spectorsoft, allows employers to detect specific keystrokes, alerting an IT manager and capturing rapid-fire screen shots as “evidence” when an offending keyword is added to a text document or an e-mail.

Employers can get regular productivity reports showing what employees are doing with their time: breakdowns of which Web sites they spend the most time on and whether their browsers are open. And monitoring doesn’t have to stop when an employee leaves the office. Employers who want to track those working remotely can use ActivTrak’s “invisible remote installer” to install the service on any computer on the company network. As long as managers have a network connection and administrator rights to a given computer, they can access the machine without an employee’s knowledge.

This sort of employee monitoring is nothing new in the Internet age. A 2007 survey of 304 small and large businesses by the American Management Association and the ePolicy Institute found 45 percent of employers tracking content, keystrokes and time spent at the keyboard.

“Even if your boss says you’re not being monitored, everybody should just assume you’re being monitored.” said Nancy Flynn, founder and executive director of the ePolicy Institute, a consulting firm that trains businesses on electronic compliance issues.

The emergence of new technology means that employee monitoring is not just the purview of government agencies and large corporations — small businesses can monitor their employees at little or no cost. ActivTrak comes free for those who need only three “agents,” the company’s lingo for a monitor placed on a single desktop. It costs $34 a month to monitor five employees, and larger companies can pay $199 a month to monitor 50 workers. Most of the employers that use the service don’t pay for it: Of 31,203 companies around the world that use Activtrak, only 7 percent use one of the paid models.

But the way the software is used — whether to tell employees that they’re being watched and what to do with the data that ActivTrak generates — is up to the manager. ActivTrak encourages its users to tell their employees that they are being monitored, but the company says it is aware of clients who do not do so. For others, just the specter of being watched is enough to scare their employees off Facebook.

ActivTrak markets itself as a tool for increasing productivity, but its effect on company morale depends on how managers use it. Some employees, such as those in financial services, expect their activities to be under a microscope for regulatory reasons, but in other cases monitoring can drive a wedge between manager and employee.“Right at the heart of all of this is trust. Does the employer trust the employee? What sort of message does it send that they need to monitor their desktop?” said ­Oehler, the Aon Hewitt specialist.“The technology in the hands of a bad manager could be really devastating. In the hands of a good manager, it could be really useful.”


Recommend

SurveilStar is an ultimate employee monitoring software and parental control software which can help monitor computer activities and protect data security. You can also block files uploading and sharing to prevent data leakage. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity

 

If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.

Download

 

Reference: http://www.washingtonpost.com/

Employer Monitoring of Work Computers: What are the Privacy Rights of Employees?

Employers have an interest in ensuring that computer systems in the workplace are used for proper purposes and not for unlawful conduct, information theft, harassment of other employees, and other similar improper uses. In order to monitor workplace computer use, employers have access to third-party software programs that collect and analyze all activity on company computers. This is primarily done by recording and analyzing keystrokes, taking screenshots of employees’ computers (often taken every two or three minutes), and using keywords to search for possible violations of employer policies with respect to the use of workplace computers.

Monitoring software will normally include a review of emails, instant messages, websites visited, and online searches. The software can monitor and collect the information in real-time on an ongoing basis. Despite the availability of monitoring technology, employers must balance monitoring workplace computer use against the legally protected privacy rights of employees.

Is Personal Computer Use Allowed? Actual Reality of Workplace Governs Courts

Many employers establish written policies dealing with employee use of workplace computers, and employees are often required to sign these policies. In most cases, the written policies set out the guidelines for workplace computer use and also advise employees that their computer system use is subject to employer monitoring.

Such policies, however, would only remove the privacy rights of employees in limited circumstances. When the courts or other tribunals are considering the privacy rights of employees, they are guided by the actual reality in the workplace with respect to computer use.

It is very common that employers permit employees to use workplace computers for personal reasons provided the personal use is fairly minimal. For example, if employees are permitted to send personal emails, or to access their bank account online, then personal use by employees is permitted. Once that is the case, the employees have a reasonable expectation of privacy with respect to their personal use of the workplace computer. Except in unusual circumstances, the employer is not permitted to read or monitor their personal emails, take screenshots of their banking transactions, or engage in any other intrusion into their private information. In addition, the law is that an employee’s privacy rights include information about which websites the employee has visited. Monitoring software does not make any distinction between personal and business use. All emails are monitored. Screenshots are taken without regard to what is on the screen. All Internet browsing is tracked. The monitoring itself then becomes a violation of the privacy rights of employees.

In each case, the court will consider whether the employer permits employees to use the computers for personal use. If personal use is permitted, even to a limited extent, a policy that purports to remove the employee’s right to privacy will be unenforceable. Any breach of an employee’s privacy rights is an offence under the applicable privacy legislation.

If, however, an employer prohibited personal use of workplace computers by employees and actually enforced that policy, the reality in the workplace would be that no personal use of workplace computers is permitted in any circumstance. In this case, the written policy dealing with monitoring by the employer would likely be enforced. That, however, is not the normal scenario in the workplace.

If an employer is conducting an investigation into a specific complaint with respect to an employee, the employer would have more power to review computer records. This would still be subject to the test of whether or not the employer has any reasonable alternatives to carry out the investigation without infringing on the employee’s privacy rights. If the employer is not able to meet that test, then any evidence gathered through the computer system will not be admissible evidence against the employee in a hearing.

Can Employees Expect Digital Privacy in the Workplace?

If employers allow employees any personal use of workplace computers, employees have a reasonable expectation of privacy with respect to their personal use of the computer system. This must be respected by employers. A monitoring system that reviews the personal use of the computer system by employees in those circumstances is a violation of the privacy rights of the employees.


Recommend

SurveilStar is an ultimate employee monitoring software and parental control software which can help monitor computer activities and protect data security. You can also block files uploading and sharing to prevent data leakage. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity

If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.

Download

 

Reference: http://www.davis.ca/

Research Says Monitoring Employee Activities in Digital Environments Will Rise in 2015

Security surveillance and monitoring will rise greatly in 2015 to protect enterprise data and work procedures into whatever technical environments are utilized by employees to perform their job.

Goldcliff Circle Herndon, DC — (ReleaseWire) — 01/29/2015 — Monitoring employee activities in a digital environments are increasing, with 60% of companies likely to implement official PC monitoring software to keep track of external social networking websites for avoiding security breaches by 2015, according to EmpMonitor. Several businesses currently participate in social media monitoring included in brand marketing and management, but less than 10% of businesses currently utilize these same tactics as a part of their safety monitoring program.

To avoid, identify and remediate security cases, IT security companies have typically focused interest on the monitoring of inner infrastructure. The effect of IT consumerization, social media and cloud services renders this traditional strategy insufficient for leading choices concerning the safety of business info and work procedures.

Considering the fact that employees with valid access to company data assets are usually involved in security breaches, employee monitoring should focus on the activities and behavior wherever the employees follow a company-associated interactions with his/her computer systems. Quite simply, the growth of efficient security intelligence or control depends upon the capability to seize and evaluate user activities that happen outside and inside of the business IT environment.”

SurveilStar Employee Monitoring Software is a total solution for employer monitoring needs. This employee surveillance software with supervisory functions is like a remote monitoring camera which shows every activity on supervised computers in a network. Both computers have to be connected in same networking environment, domain or no-domain based with complete administrative privileges.
SurveilStar is an ultimate employee monitoring software and parental control software which can help monitor computer activities and protect data security. You can also block files uploading and sharing to prevent data leakage. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity

If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.

Download

 

 

Reference: http://www.digitaljournal.com/