Like it or not, network administrators these days must take on the added task of playing Big Brother, monitoring employees' use of the computers and network. Here are 10 of the most effective ways to keep an eye on what your users are doing.
Even if the company's management philosophy allows for some private use of company equipment, you often need to know what Web sites employees are visiting, what files they're sending and receiving, and even what they're saying in their e-mail. That's because employee actions can subject the company to monetary loss, civil lawsuits, and even criminal charges if they involve deliberate or accidental disclosure of confidential company information, transmission of pornography, or exposure to malicious code. According to the July 2005 issue of HR Focus, more than 60 percent of employers monitor all workers' Internet usage. This list covers 10 ways you can keep tabs on what your users are doing with the company's computers.
1. Use auditing to monitor access to files
On a Windows network, you can keep tabs on which files employees open -- or even failed attempts to access files -- by using the audit policy feature that's built into the operating systems. In Windows 2000 and above, auditing is enabled via Group Policy. Setting up auditing of access to files and folders is a two-step process: First, you must enable auditing in the Group Policy interface; then, you must set auditing in the properties of the particular network objects (files or folders) you want to audit. For detailed instructions on how to set up auditing of access to files, folders, and printers on a Windows XP computer, see KB article 310399.
2. Examine cached Web files
If you have only a few computers and want to find out what Web sites their users are visiting, you may be able to do it without buying any special software if you examine the Web browser's cache (called Temporary Internet Files in Internet Explorer). Copies of the pages and graphics that a user downloads are stored here so they can be more quickly displayed if the user wants to go back to the same page. However, savvy users who visit sites they don't want you to know about may clear the cache to prevent you from seeing these files.
You can make this circumvention more difficult on Windows XP computers by using the User Restrictions Tool in Microsoft's free Shared Computer Toolkit to deny users access to the Internet Options selection on the Tools menu, which is the interface for accessing and clearing the History and Temporary Internet Files.
3. Monitor Web access at the firewall
Another way to monitor which Internet Web sites users are visiting is to configure your firewall to report on Web sites accessed according to user name and/or computer name. Enterprise-level perimeter firewalls, such as Microsoft's ISA Server, Cisco PIX, and CheckPoint Firewall-1, either have built-in reporting features or have addons available that can provide reports of all Web sites accessed through the firewall and from what account and computer they were accessed.
See your firewall's documentation on how to set up reporting or check out these add-on products:
4. Filter Web access by URL
You can go a step further. Rather than just monitoring which Web sites employees visit, actually block
undesirable sites. This is an especially good tactic in the case of pornographic sites that could subject your company to sexual harassment lawsuits or sites that are known to contain malicious software downloads, such as some hacker sites. You might also want to block certain "recreational" sites (entertainment topics, chat sites, etc.) to prevent employees from wasting time when they should be working.
There are hundreds of blocking programs available, ranging from those intended for home users (NetNanny, Cybersitter) to powerful enterprise-level packages such as those made by SurfControl, Websense, and GFI referenced above.
5. Filter Web access by keywords
The problem with URL or domain name filtering is that you have to know the URLs of the sites you want to monitor or block. Many companies maintain blacklists of Web sites that have been determined to be undesirable according to particular criteria (including the vendors of most Web-blocking software). However, even if these lists are updated frequently, it's doubtful they'll contain all undesirable Web sites.
Instead of blocking sites just by address, some application filtering firewalls and add-on Web-blocking programs can filter sites by keywords.
Admins are not programers there is no need to keep monitoring the company computers. It only took one programer to see the need for a software product to be produced that stops employees miss useing the companys computers dead in there tracks. Its a GUI that replaces MS window, and only allows software that is related to the business use of the company, the days are over for the emloyee to able to run a forbiden program.
The program is tailored to the user's computer system, and only access to the system is through the Admin. The GUI program has been under strict secretcy untill now.It's a admin secert weapon.