RE: User Activity Monitoring

From: David Gillett (gillettdavid_at_fhda.edu)
Date: 08/25/04

  • Next message: Oleksandr Darchuk: "Re: Blocking Access to Non-domain computers" 
    To: "'Edwin Rene'" <edwin@link.net.id>, "'Security-Basics'" <security-basics@securityfocus.com>
Date: Wed, 25 Aug 2004 08:12:13 -0700

      There's a certain security usefulness (which needs to be balanced
    against issues of morale and trust...) to letting users think you're
    monitoring them more than you can really afford to.
      But when you say

    > monitoring users activities off the the network

    AND

    > and we don't want them to think with this program we are monitoring
    > what they doing.

    well, that basically sounds like entrapment, or worse.

      Perhaps I (or you?) have misunderstood the purpose of this
    exercise?

    Dave Gillett

    > -----Original Message-----
    > From: Edwin Rene [mailto:edwin@link.net.id]
    > Sent: Monday, August 23, 2004 9:56 PM
    > To: Security-Basics
    > Subject: User Activity Monitoring
    >
    >
    > Hullo,
    >
    > I'm a new security officer of a small company with some
    > mobile users, I'd
    > like to know programs out there there could restrict users
    > from copying
    > files to another computer or monitoring users activities off
    > the the network
    > / at home that doesn't have a key logger because we can't set
    > restriction
    > for users since the need administrative rights to run certain
    > program and we
    > don't want them to think with this program we are monitoring what they
    > doing.
    >
    > Thanks in advance
    >
    > Regards
    >
    > Ed
    >
    >
    > --------------------------------------------------------------
    > -------------
    > Computer Forensics Training at the InfoSec Institute. All of
    > our class sizes
    > are guaranteed to be 12 students or less to facilitate one-on-one
    > interaction with one of our expert instructors. Gain the
    > in-demand skills of
    > a certified computer examiner, learn to recover trace data
    > left behind by
    > fraud, theft, and cybercrime perpetrators. Discover the
    > source of computer
    > crime and abuse so that it never happens again.
    >
    > http://www.infosecinstitute.com/courses/computer_forensics_tra
    ining.html
    ----------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    Computer Forensics Training at the InfoSec Institute. All of our class sizes
    are guaranteed to be 12 students or less to facilitate one-on-one
    interaction with one of our expert instructors. Gain the in-demand skills of
    a certified computer examiner, learn to recover trace data left behind by
    fraud, theft, and cybercrime perpetrators. Discover the source of computer
    crime and abuse so that it never happens again.

    http://www.infosecinstitute.com/courses/computer_forensics_training.html
    ----------------------------------------------------------------------------

  • Next message: Oleksandr Darchuk: "Re: Blocking Access to Non-domain computers"