Big bill revealed for Saanich spying software

Saanich The installation and use of employee monitoring software at Saanich municipal hall could cost the municipality at least $30,000 in 2015, thanks to licensing and maintenance agreements that were confirmed before B.C.’s privacy commissioner launched an investigation into the District’s practices earlier this year.

Emails released Monday through a freedom of information request show Saanich’s Information Technology department underwent training on Nov. 24, 2014 and installed Spector 360 – which is capable of capturing keystrokes as well as continuous screen images of employee activity – on an unknown number of computers at a cost of $1,992.

Two invoices dated Jan. 14, 2015 reveal Saanich was given the option of paying another $29,250 for further licencing and one year of maintenance, or $43,992 for licencing and three years of maintenance by SpectorSoft Corporation, which sells Spector 360. The software had been monitoring activity on several municipal computers until Jan. 20, when the B.C. Privacy Commissioner Elizabeth Denham launched an investigation into its use.

The FOI response also reveals Laura Ciarniello, Saanich’s director of corporate services, sent an email on Dec. 2 to IT manager Forrest Kvemshagen approving the software installation. Mayor Richard Atwell and council were sworn in on Dec. 1.

“I approve of this program and the machines that it has been installed on,” Ciarniello wrote in the email to Kvemshagen. “I have spoken with the Directors and Paul about this and I left it with (former CAO) Paul (Murray) to discuss with [redacted] and [redacted] or not.”

Murray was on vacation leave on Dec. 2 and left the municipality on Dec. 16 with a $468,000 payout. Ciarniello was on vacation Monday and was unavailable for comment.

Mayor Richard Atwell went public about his concerns over the “spyware” on Jan. 12 and said Spector 360 had been installed on his computer and several other computers without his knowledge or consent.

Atwell told the News on Monday that he will wait for the privacy commissioner’s report before commenting on the FOI revelations.

“I will be more than happy to comment when the OIPC releases its findings,” Atwell said.

Interim CAO Andy Laidlaw said the District provided all necessary information to Denham on its use of Spector 360 and will wait to respond to the recommendations in her report.


Recommend

SurveilStar is an ultimate employee monitoring software and parental control software which can help monitor computer activities and protect data security. You can also block files uploading and sharing to prevent data leakage. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity

 

If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.

Download

 

Reference: http://www.saanichnews.com/

Free Computer Monitoring Program Might Carry Risks

A national nonprofit focusing on digital privacy rights has raised questions about computer software distributed to families by the Pinellas County Sheriff’s Office.

ComputerCOP, a program designed to monitor children’s Internet use, has claimed endorsements that are questionable at best, according to the Electronic Frontier Foundation. Among them: the U.S. Treasury.

“This is all false accusations,” said Stephen DelGiorno, ComputerCOP president.

Marketing materials obtained by the EFF show ComputerCOP also claimed endorsements from the American Civil Liberties Union and the National Center for Missing & Exploited Children.

An ACLU spokesman told the Tampa Bay Times that the nonprofit never endorsed ComputerCOP. DelGiorno explained that in a 2004 newspaper article about the software, an ACLU spokesperson said the organization encouraged parents to monitor their children online.

A spokeswoman with the missing children center said the agency had an agreement with ComputerCOP in 1998, but it expired years ago.

The marketing materials also include a letter from the U.S. Treasury to a sheriff’s department granting permission to use forfeiture funds to buy ComputerCOP. A letter by DelGiorno stated that the product was “approved” by the Treasury, which has listed ComputerCOP on its fraud alert Web page.

DelGiorno said he contacted the Treasury to have the alert removed. He sent a Times reporter a copy of what he said were ComputerCOP’s current marketing materials, which did not include any of the endorsements. It was unclear when they were removed.

Pinellas Sheriff Bob Gual­tieri said the U.S. Treasury does not evaluate products purchased with forfeiture funds. “That’s misleading,” he said of ComputerCOP, “and they shouldn’t be doing that.”

According to the EFF, ComputerCOP has been sold to about 250 agencies nationwide in the past decade. Among them are several in Florida, including the Hillsborough County Sheriff’s Office, which stopped distributing the program last year after encountering “virus-related issues,” a spokeswoman said.

Gualtieri said he based his decision to purchase ComputerCOP on referrals from other agencies and did not know at the time about the endorsements.

The EFF report, released in October, also claims that one of the software’s features can make it easier for hackers to access personal informa­tion.

“This is a major issue and we verified it many times over,” said Dave Maass, the EFF researcher who completed the report.

DelGiorno said the EFF’s claims are not true, but some agencies have notified parents about the potential privacy concerns.

The Pinellas Sheriff’s Office vetted the nonprofit’s report and agreed the hacking concerns had “some merit,” Gualtieri said.

After buying 5,000 copies for $26,500, the Sheriff’s Office began distributing the software for free last month with a letter explaining the possible risks.

Roughly 1,000 copies have been picked upm and the sheriff said he has received only positive feedback.

“We let people know in full disclosure what the potential issue was,” Gualtieri said.


Recommend

SurveilStar is an ultimate employee monitoring software and parental control software which can help monitor computer activities and protect data security. You can also block files uploading and sharing to prevent data leakage. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity

If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.

Download

 

Reference: http://www.theledger.com/

How to Monitor Your Employees’ PCs Without Going Too Far

Do you know what your employees are doing on the Web? At a minimum, they’re probably goofing off watching YouTube videos. At worst, they could be steering your company toward financial ruin. In this quick guide, I’ll show you how to keep an eye on employee Internet use and monitor just about everything else they do with their PCs.

I can already hear the groans of disgruntled readers as I type these words (and if you’re worried about privacy at work, you have ways to stop your boss from spying on you). But gone are the days when PC monitoring was an optional, draconian security measure practiced only by especially vigilant organizations. Today, more than three-quarters of U.S. companies monitor employee Internet use. If your business is in the remaining quarter that doesn’t do so, you’re probably overdue for a policy change.

Why You Should Monitor

Everything your team does on company time–and on company resources–matters. Time spent on frivolous Websites can seriously hamper productivity, and visiting objectionable sites on company PCs can subject your business to serious legal risks, including costly harassment suits from staffers who may be exposed to offensive content.

take real time screen snapshot

 SurveilStar can give you a real-time look at employees’ screens.

Other consequences may be far worse than mere productivity loss or a little legal hot water. Either unintentionally or maliciously, employees can reveal proprietary information, jeopardizing business strategy, customer co
nfidentiality, data integrity, and more.

And, of course, unchecked Web activity can expose your network and systems to dangers from malware and other intrusions. Even something as simple as a worker’s failure to keep up with Windows patches can be a threat to your business, so don’t think of monitoring as merely snooping.

Monitoring Software

Employee monitoring is just one facet of a larger discipline known as endpoint security, which includes everything from malware protection to policy enforcement and asset tracking. Large enterprise computing environments demand comprehensive endpoint-security systems, consisting of server software coupled with client software on each user’s machine, that can handle many of these functions at once. These systems tend to be complex enough to require the expertise of a trained IT pro. But in this guide, I’ll be looking primarily at simpler tools designed for smaller organizations.

For a small business, you have several good ways to achieve endpoint security. You can install a Web-hosted system that combines software on the PC with remote monitoring services to protect your computers and enforce compliance with company policies. You can combine a few complementary tools, such as a desktop security suite and professional tracking software. Or, if your company is very small and your budget is tight, you can adopt free tools à la carte.

The most secure way to monitor PC use is to deploy a system that consists of a host, server, or appliance together with client-installed software. Unless you have a dedicated IT staff or the budget to bring someone in on a regular basis to check on things, such as SurveilStarSymantec.cloud or Trend Micro Worry-Free Business Security–is probably the best choice. These services are relatively inexpensive and easy to set up compared with server offerings, and they give you the flexibility to set and monitor compliance with acceptable-use policies from a single management interface. They also deploy system security updates automatically, block malware, and protect sensitive files to prevent data from leaking out of your company.

The cost for a hosted endpoint-security service is generally very low: A five-client license for Trend Micro Worry-Free will set you back less than $300 for two years.

If you’re not up for a total security overhaul and you just want to track user activity on a few systems, you have several affordable ways to go about it. Packages such asInterguard Sonar can monitor all e-mail and IM sessions, track and filter Web usage, log users’ keystrokes and program use, and capture screenshots on command for as little as $87 per user.

If you’re really on a shoestring budget, plenty of free and open-source tools can log PC and Web use. A freebie called ActivTrak, for instance, can keep tabs on which applications your staffers are using and which sites they’re visiting, complete with simple reports that give you a pretty clear idea as to how employees are spending their time on their PCs. A word of caution on stand-alone tools, though: Some antimalware utilities can quickly identify and disable stand-alone monitoring tools, so you may need to create an exception in your malware protection settings to ensure that ActivTrak can work properly on your systems.

Best Practices

It should go without saying that employee monitoring ought to be just one small component in a comprehensive strategy to protect your business and maintain productivity. Once you’ve made the choice to monitor, you should follow these general guidelines to ensure your success.

Be forthright: Nobody likes being spied on unwittingly. Unless you think someone on your team poses a serious threat that requires covert monitoring, it’s best to be up front with staffers about what you track and why. Many companies accomplish this with a simple statement in the employee handbook telling workers plainly that everything they do on company computers can and will be tracked. Letting employees know that their behavior is being monitored can serve as a powerful deterrent against unwanted online activity.

Filter proactively: Most good endpoint-security tools include Web and e-mail content filters that can block inappropriate sites and prevent users from sending or receiving files that can jeopardize your business. Use them. By limiting the ways your staffers can get into trouble, you can prevent problems up front.

Check reports regularly: There’s little point in generating usage reports if you’re not going to look at them. Take the time to at least spot-check the reports that your monitoring software generates so that you can identify potential problems early and take remedial action. Whatever you discover–whether it’s a time-wasting Website that everyone is watching this week or a single person who is addicted to solitaire–you can often fix problems with a simple e-mail that tells your team you know what’s up: “Just a reminder, people: Chatroulette is not an appropriate use of company time.”


Recommend

SurveilStar is an ultimate employee monitoring software and parental control software which can help monitor computer activities and protect data security. You can also block files uploading and sharing to prevent data leakage. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity

If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.

Download
Reference: http://www.pcworld.com/

Sony hack: sacked employees could be to blame, researchers claim

Exchanges in secretive web forums point to former employees with a grudge, researchers claim, and could explain how hackers knew how to navigate Sony’s systems.

Sony billboard

Sony cancelled the release of the Interview in major cinemas, believing it had been hacked by North Korea in retaliation for the film’s depiction of its leader Kim Jong-un being assasinated Photograph: Veronique Dupont/Getty

Security experts investigating the devastating hack against Sony Pictures appear to be moving away from the theory that the attack was carried out by North Korea, focusing instead on disgruntled former employees of the firm.

Researchers at Norse cybersecurity claim that six former employees could have compromised the company’s networks, arguing that accessing and navigating selective information would take a detailed knowledge of Sony’s systems.

Norse is not part of the official FBI investigation, but did brief the government on Monday, the company said. Though noting that the findings are “hardly conclusive”, Norse senior vice president Kurt Stammberger told the Security Ledger that nine researchers had begun to explore the theory that an insider with motive against Sony would be best placed to execute a hack.

The team had started by examining a leaked database of employees made redundant during a a restructuring in May.

Of six people Norse claim had involvement with the hack, one was a former staffer made redundant in May after 10 years at the firm. She had a very technical background and had used social media to berate the company after losing her job, it is claimed.

Working with pro-piracy activists in the US, Asia and Europe, she may have used secretive discussion forums and IRC (chat) to coordinate the attack, researchers claim.

“We see evidence for those two groups of people getting together,” Stammberger said.

Meanwhile, FBI investigators are exploring whether hackers outside North Korea were hired for the attack, a source told Reuters on Monday. North Korea lacks some of the capability required to carry out the attack, the agency believes, so may have contracted out some of the work.

The development indicates that the FBI may be shifting from its previous official position, which stated that “the FBI now has enough information to conclude that the North Korean government is responsible for these actions”, while US president Barack Obama described it as “an act of cybervandalism”. North Korea has denied any involvement.

However, the FBI’s statement has been met with scepticism by the security community who have pointed to inconsistencies and conflicting evidence in the case against North Korea.

Marc Rogers, head of security for Defcon, said that the malware used in the hack would have required extensive knowledge of Sony’s systems. “While it’s plausible that an attacker could have built up this knowledge over time and then used it to make the malware, Occam’s razor suggests the simpler explanation of an insider, “ he wrote. “It also fits with the pure revenge tact that this started out as.” Read More

How to use employee monitoring software and remain a great company

employee monitoringEmployee monitoring software has become commonplace. Many apps take monitor screenshots, capture online chat history, monitor active applications and visited sites and, in extreme cases, can even take pictures using webcam. It seems to be fair to track what your employees do when they are being paid for their time. After all, if they exchange their time for money, it seems fair for the employer to know what they are paying for. So, why does it still feel morally inappropriate in some cases? The question is far from being just theoretical. If a wrong decision is made, a company may suffer from lawsuits, experience a backlash and overall productivity drop (opposite from what was intended) from their employees or suffer damage to the company’s image.

Read More: Is Employee Monitoring Legal?

Silent vs Transparent employee monitoring

Silent employee monitoring is when information from employee’s computer is shared with company management without the user knowing it’s being shared. Transparent employee monitoring is when an employee has access to all his monitoring data. If you would like to improve the work efficiency, it’s good idea to inform your employees that they are being monitored and need to put their heart into work.

Silent monitoring without consent

Silent monitoring without consent is a simple case in which it is easy to distinguish between right and wrong. It happens when employee monitoring software is being used without a clear consent from the employee. If an employee is being quietly monitored and this fact is not stated in his contract with the employer, he has a full legal and moral right to sue his employer. But, even if mentioning it in the contract may make silent monitoring legal, does it make it morally right, if it was not brought to the employee’s attention and he is not aware that he is being monitored? The majority of employees would see it as wrong and rightfully classify it as spying. And, if you are a manager responsible for company policies in that respect, it would be prudent at least to make sure that every employee knows if he is being monitored and what the monitoring includes.

Summary

The days when a big corporation could spy on their employees without their consent is over. Certainly, companies have the legal right to monitor their employees, but in order to win their support, smart companies give their employees control over the monitoring process. Only then would they see happy employees and increased productivity.

Recommend

SurveilStar is an ultimate employee monitoring software and parental control software which can help you record and track all computer activities. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity

If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.

Download

Is Employee Monitoring Legal?

Is Employee Monitoring LegalNowadays, more and more companies are recognizing the need for an employee monitoring program. However, since this is not as common of a practice as security from outside attacks, it raises many new questions including legality and best practices.

Different countries have different laws regarding computer monitoring. Generally speaking, it is legal for employers to monitor employees by tracking company-owned vehicles or smartphones. According to incomplete statistics, laws in most countries allow the monitoring of employees in the course of their work day. Most countries believe that employers have the right to monitor employee performance and use of company resources for they pay for their work and they own the property.

Not only is it legal to monitor employees on their computers and online, there is no federal US law that requires employers to notify workers they are being monitored. So while it is a best practice to inform employees of the company’s right to monitor all activity on employee computers and disclose it in the employee handbook, companies are NOT required to do so in the US.

The US courts have tried to balance an employee’s “reasonable expectation of privacy” against the employer’s business justification for monitoring. According to Santa Clara University Professor of Law Dorothy Glancy, “There aren’t many cases, and they tend to go against the employee. Often, court opinions take the point of view that when the employees are using employers’ property–the employers’ computers and networks–the employees’ expectation of privacy is minimal. Glancy continues, “When courts take this view, if employees want to have private communications, they can enjoy them on their own time and equipment.”

A greater number of companies are monitoring their employees electronically. Active monitoring of employees has risen recently from 35% in 2001 to 80% in 2014 due largely to the increased awareness. However, the costs of data breaches, internal threats and theft, as well as inappropriate workplace behavior cases such as sexual harassment have been large contributors. Employee monitoring provides important data and information that can be used as forensic evidence in a court of law:

Legal Liability: With workplaces often being designed as shared spaces with open floor plans and cubicles, it is easy for employees to be exposed to materials viewed by their colleagues online. Employees who are unwittingly exposed to offensive graphic material on their office neighbor’s computer screen can result in a hostile workplace environment. This is in addition to any harassment that can occur both via work email and chats.

Legal Compliance: In regulated industries, electronic recording and storage may be considered part of a company’s “due diligence” in keeping adequate records and files. This can provide them with some degree of legal protection. It is similar to a company’s need to tape telemarketing activities and customer calls in order to protect the company.

Security Concerns: Protecting the value of intellectual property and electronic assets is a growing concern for companies. Data threat and data breaches can result in millions of dollars as well as damage to a company’s reputation both with its customers and in some cases with investors.

We provide you with impartial material to show you employee monitoring is legal.

United States

According to the 18 U.S.C § 2511 (2)(a)(i) “It shall not be unlawful under this chapter for an operator of a switchboard, or an officer, employee, or agent of a provider of wire or electronic communication service, whose facilities are used in the transmission of a wire or electronic communication, to intercept, disclose, or use that communication in the normal course of his employment while engaged in any activity which is a necessary incident to the rendition of his service or to the protection of the rights or property of the provider of that service, except that a provider of wire communication service to the public shall not utilize service observing or random monitoring except for mechanical or service quality control checks”, employee monitoring is legal in the United States.

United Kingdom

According to the Part 3 Monitoring at work of The Employment Practices Code, employee monitoring is legal. For more details, please refer to the related articles.

France

According to the Franck L. v. Enterprise Martine, employee monitoring is legal in France. For specific articles, please look it up on the Franck L. v. Enterprise Martine.

Canada

According to the Personal Information Protection and Electronic Data Act (PIPEDA) of 2000 (Bill C-6), employers can conduct employee monitoring. For specific articles, please refer to related materials.

Australia

According to the Commonwealth Interception Act and the Privacy Act of 1988, Australian employers legally can conduct employee surveillance. For more details, please refer to related materials.

More companies are instituting employee monitoring to improve their internal security against insider threats, ensure adherence to company policies, and improve overall awareness about what is happening within the company. Utilizing the information above will at least get you started on the right legal footing.

To be safe, employers should always check with the local laws and maybe consult a lawyer before implementing a tracking system. This way, you have all your bases covered and you can properly notify employees of the new system.

*Please consult the laws in your local jurisdiction as they can vary in other countries. The information provided in this document does not constitute legal advice. You should consult an attorney that is familiar with the law of the state or locale involved regarding your particular concerns.


Recommend

SurveilStar is an ultimate employee monitoring software and parental control software which can help you record and track all computer activities. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity

If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.

Download