Access to someone else's computer without using theit comput

Networking/Security Forums -> General Chat

Author: thebayman PostPosted: Wed Dec 15, 2010 5:07 pm    Post subject: Access to someone else's computer without using theit comput
    ----
Not sure where to post this

Is there a program or application that lets me see what someone is doing on their computer without accessing their computer?

We are in a new office and want to monitor our employees - specifically 3 people before we can proceed with HR matters so we have proof

They bring in their own laptops

I need to monitor what they are doing - emails/facebook etc

Is there a program I can buy that let's me do this from my computer?

I'm willing to pay someone to help me out if need be - thanks

Thanks

Author: Fire AntLocation: London PostPosted: Thu Dec 16, 2010 2:14 pm    Post subject:
    ----
thebayman,

I don't want to rain on your parade but this is legally questionable.

From a technical standpoint there are methods of monitoring traffic from the computer. There are lots of DLP, Content Scanners and Proxies which will do the task to varying degrees.

Depending on your country this could be grounds for a civil lawsuit or even a criminal prosecution!

First point, since they are allowed to bring in their own laptops (don't get me started on that point) I assume that you do not have a HR policy stating the AUP for computer and Internet usage. Since you don't own the hardware you can't legally set an expectation of acceptable usage with their own hardware. You could for Internet access though. Without one of these you don't have a leg to stand on.

Second point, it is questionable to spy on an employee because you suspect them of some sort of subversive. Business should operate in an open environment with proper controls and auditing. Spying should not reveal any abuse, normal/documented/known procedures should.

Third point, any control to detect abuse should be visible to the employees. They should know they exists and how they work. This is no 1950 Stasi era environment. You cant just turn up at their desk and fire them because you put a rootkit on their computer without their knowledge to spy on them.

Fourth point, in some countries you are invading the employees right to privacy especially with things like email if you snoop.

If you are serious about putting in better controls to prevent employee abuse you need to do the following:

1 - Prevent all non-company approved devices from connecting to the network. This does not have to be a technical control but could be in the form of a policy from the CEO/CTO etc.
2 - Have legal dept draw up an acceptable usage policy
3 - Have all employees read and sign said AUP
4 - Investigate and deploy controls to monitor/prevent/detect abuse or some sort (DLP, Proxy etc)
5 - Notify all staff of said controls and how they work, what the implications are for them and what they can expect from you (the employer)

My final point is that you must always engage with HR, Legal and Senior Management with things like this. Without the input/guidance of all of these you are opening yourself up for a lawsuit!

Fire Ant

Author: rusty_theron11Location: Toba PostPosted: Fri Jan 14, 2011 6:31 am    Post subject:
    ----
well i personally believe that Ethical hacking is best
like using computer with Team viewer



Networking/Security Forums -> General Chat


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group