Closed

Key Logging Software

Hello all,

I am looking to see if there is a professional key logger out there that is legal. I have created a template in our employee handbook to notify all employees that we log everything. I have seen a couple companies require we notify our employees in their EULA. Can anyone with more experience shed some light on this for me? Thank you.
13 answers Last reply
More about logging software
  1. kuthedude said:
    Hello all,

    I am looking to see if there is a professional key logger out there that is legal. I have created a template in our employee handbook to notify all employees that we log everything. I have seen a couple companies require we notify our employees in their EULA. Can anyone with more experience shed some light on this for me? Thank you.



    Hi :)

    I would check with your lawyers FIRST....

    There are some VERY strict laws against this in a lot of countries....

    All the best Brett :)
  2. To add to what Brett said, if you are in the US, laws can also vary from state to state.
  3. I agree with Brett. Just because you have a policy to monitor employees computer use doesn't actually mean you have to use a key logger. There are many other monitoring tools.
  4. Quote:
    Love my job, since I've been bringing in $74/hr… I sit at home, music playing while I work in front of my new iMac that I got now that I'm making it online.. http://twlr.me/Facts



    spam reported....ban coming in 3...2...1...
  5. If you are asked to install a keylogger by your company, get the request in writing and store it offsite. It is not unlawful to have and install a keylogger. What the keylogger captures may infringe on peoples rights and you may get sued later depending on how you use the information. Pretty much, the company can use a keylogger to watch its own assets. Issues come up when people log into a personal email and you log the name and password. Don't be dumb and log into the external account.

    That being said, there are lots of software keyloggers and some hardware ones that you can use. I would just start looking at the reviews and pick one.

    To be nice, I would remind people that a key logger is running when they logon.
  6. Agreed with all of the above. I would simply remove the temptation.. IE: Facebook etc.. block it so they can't get themselves in trouble. Most if not all things employees shouldn't be doing can be restricted or monitored in some form or fashion.
  7. I am currently blocking most personal sites. I do want to see if someone is looking for another job on the clock etc. Obviously I wouldn't be using any personal info. If someone were to login to their bank account for instance, I wouldn't want to get into any trouble.
  8. i would check the law of your country to avoid been prosecuted for privacy infrigement
  9. kuthedude said:
    I am currently blocking most personal sites. I do want to see if someone is looking for another job on the clock etc. Obviously I wouldn't be using any personal info. If someone were to login to their bank account for instance, I wouldn't want to get into any trouble.

    Then instead of a keylogger, you really want a proxy server to keep detailed web logs that you can pull up and search by employee. There's a lot of these around (MS Forefront used to be isa server, Ironport, Zscaler i think even barracuda does this).
  10. I would argue that you could look at any info on the company side of the network connection. For example, any info that could be captured in a network sniffer trace would be fair game, and you see a lot more than what a keylogger would show.

    You just really can not use that info to access sites outside of your infrastructure. It is one reason some companies don't want external cloud access and have set up their own internal cloud.

    Key question: does the employee have a reasonable expectation of privacy?
    you want that to be 'NO" if you are running keyloggers. Employees can also claim that you keylogged and entered their private accounts and used that info to fire them. Even if you did not do that, it is opens a window for legal problems later.

    Also, keylogs can be faked, and modified. I once looked into a problem where a real hacking attempt was made and a manager modified the log to look like another person had did the hacking. The only thing that saved that persons butt was the manager did not know the file had been backed up before she made the change. What a mess
  11. scout_03 said:
    i would check the law of your country to avoid been prosecuted for privacy infrigement



    Hi :)

    I TOTALLY agree, this is a legal minefield where you could EASILY be sued later if you USE the information...

    I repeat, check with your companies lawyers FIRST...

    All the best Brett :)
  12. one solution that you could make a list on your server to block acces on the site you dont want your employees to connect to at work
Ask a new question

Read More

Security Software Business Computing