Looking for a program to secretly monitor employees Internet borwsing

[BlueScreen123]

Hello,
I am helping a friend with his small business. He has a company using approx 10 Windows XP desktops in a workgroup. He thinks there is a lot of goofing around going on and wants to know how to secretly monitor what his employees are looking at on the web without them knowing. Does anyone know of a good program to do this?
Thanks

[Midknyte]

You need to be very careful about how you approach employee monitoring. Depending on where you live, he may be required to notify the employees that he is monitoring their computers. He should research privacy laws in your State.

monitor what his employees are looking at on the web

It would probably be easier to use a proxy to block unwanted content versus monitoring their work. OpenDNS is free. Of course, he has to make sure that the router is secure also.

http://www.opendns.com/

[jerryctx]

Create a policy statement describing the appropriate use of company computers. Possible issues might include

1. Printing personal documents, photos, etc
2. Storing personal data
3. Personal business (personal email, for example)
4. List the types of Internet sites that are inappropriate. Explain why a type of site is forbidden (source of malware, legal issues, etc).

Call a staff meeting and hand out copies of the policy. Don't make threats. Just the opposite. You know they act professionally and you need their help in creating a safe and efficient office environment.

Then practice "management by walking around". Much more effective than spyware.

New hires get a copy of the policy and discussion of its meaning.

BTW - It may not be wise to completely forbid all personal use of the system. Would you object if an employee used the company phone to call a repair shop to ask if his car was ready to be picked up? I see no difference in using the computer for a few minutes.

[e-zoon]

We use ActyMac DutyWatch. It's exactly what you are looking for - the app's features are recording web-history, keylogger, making screenshots, etc.

[jdc2000]

I agree with jerryctx on this one. It is one thing to know that your company computer usage can be monitored, it is quite another to know that everyting you are doing is being recorded and reviewed. Most of us would not want to work somewhere with someone watching over our shoulder the entire time.

[jerryctx]

Employers - I stand by my advice.

Employees - Always assume I am wrong. Secret monitoring is common.

[jseidel]

My employer uses this:
http://www.etelemetry.com/products/m...FQoMDQoduVswAg
As for it's effectiveness I don't really know because I am a user, not one that monitors, but I do know it works and there is no evidence to the user that it is there. It is clearly stated to all employees that Internet usage is for business purposes only. Think about it. You are on their time and using their equipment so they should be able to monitor what you do with their time and equipment. I work for a large hospital group and with over 6,000 PC's in the system they have to have some control over this. Not everyone will be honest and limit their usage voluntarily.
I have to add our entire hospital network is going to computers with Wyse technology installed:
http://www.wyse.com/
With these, the owner (i.e. the employer) has total control of what can and cannot be accessed or done on the PC. Because there are thousands of PC's to replace the changeover will take a long time but in the end the users can access and use only what the employer deems necessary and relevant to the job.
J.

[jerryctx]

JSeidel - Thanks. You have convinced me to modify my advice.

My background is with organizations employing professionals who would have walked out the door when they discovered (and they would) the use of monitoring software. For that environment I stand by my advice.

The situation you describe is probably closer to the norm today and spyware may be justified. I do have a few issues:

there is no evidence to the user that it is there

So the users are not told they are being monitored? Is the objective to entrap users or to prevent misuse?

they should be able to monitor what you do with their time and equipment

There is no question employers have the legal right to monitor. That doesn't mean they should.

Not everyone will be honest

But most people are. You need to weigh the cost (offense to good employees) against the gain.

Most of the suggestions I made in my first post can still be useful. Treat people with honesty and respect and most will react in kind.

[jseidel]

In response to you, jerryctx, everyone in our organization is made aware that all Internet activity is tracked when they are hired and/or when they are given computer access and that any unauthorized use may lead to disciplinary action up to and including termination. We sign a statement to this effect at hire or when given access. It is clearly stated, no secret to anyone and as an employee I respect this as a fact of today's workplace.
With the implementation of Wyse PC's soon this will no longer be an issue because the computers are "locked down" and can only be used for what the employer intends.
J.

[jerryctx]

Perhaps I'm reading too much into your post but I may have offended you. If so I apologize.

From Wyse's website:

Thin Computing replaces the PC with a Thin or Zero Client, making it easier for IT to manage user desktops by moving their complexity to the datacenter

Sure sounds like the bad old days when dumb terminals were connected to an IBM mainframe. An architecture the whole world rejected decades ago.

Perhaps Wyse has found a better way. I hope so. I wish your organization complete success. The more alternatives the better for all of us.

[jseidel]

. . . but I may have offended you.

You have not offended me and I mostly agree with everything you have said. Perhaps, I am mostly trying to tell things the way they are, not the way they should be. Last year our network was infected with one the many worm viruses that was making it's way around the web. Literally thousands of PC's were infected and the organization had to hire an outside firm to come in and clean them all because there was no way our IT department could do it. The crew went from PC to PC with their USB thumb drives (the removal program was on there) and spent 10 -15 minutes removing the infection from each PC. It cost thousands of $$. At the time, our IT department notified everyone that they were particularly targeting (i.e. forbidding the use of) instant messaging programs because they are known to be rampant with viruses, Trojan horses, spyware and malware. It is not the employee occasionally checking on their bank account to see if a charge has cleared that is causing the problems, it is the frequent use of instant messaging programs by dozens of employees that is really the concern and has prompted the move to Wyse. The worm may or may not have come from indescriminate use of the Internet, certainly it may have come from an E-mail attachment which is probably more likely, but it is Face Book, My Space, and of course the notorious AIM that has led my employer and others to take control of their network and equipment. They simply have no choice.

He thinks there is a lot of goofing around going on

To go back to the original post, instant messaging and similar sites is the "goofing around" he is talking about and that concerns him and most other employers.
J.

[jerryctx]

Well said.

I just posted a sign above my computer that reads "One Size Does NOT Fit All" as a reminder that there is more than one environment in the wonderful world of computers.

To be fair I should also mention that I used Wyse dumb terminals back in the old days and they were a reputable company, It is just that when I see a new name applied to old technology I smell snake oil.

Once enough terminals have been converted to be meaningful please let us know the results. At best you are trading one set of problems for another. Hopefully the new problems will be fewer and less critical.