Is Spyware really the best way to ensure legal compliance at work?
Some time ago I lambasted SpectorSoft for offering me a deal on eBlaster home spyware (Targeted advertising has got a long way to go). The very concept of spying on your own family appalls me. But I have also talked about the genuine tension between security and liberty (or in this instance, privacy). I believe that you have to weight the balance strongly in favour of liberty at home, but need to take security more seriously at work (The tension between security and liberty makes me a political blogger).
Well SpectorSoft has now announced strong sales in Europe, courtesy of its distributor Snapguard, for its commercial spyware product, Spector 360.
SpectorSoft continues to accelerate its global footprint, and strong adoption throughout Europe is a major driving force in that growth. Our goal is to continue expanding our international presence and Snapguard has proven to be a great partner for SpectorSoft prospects and customers in the UK and Ireland.
Jason Judge, CEO, SpectorSoft Corporation
Monitoring computer use at work is essential. You must be very clear to users that it is happening, and should have its use specified in both staff employment contracts and the company’s security policy document. You need it for compliance with legal regulations; to ensure, for example, that you don’t fall foul of the Data Protection Act. And it doesn’t offend me so long as you are monitoring company computers for company reasons, and being open about it.
But I am really not sure that SpectorSoft is the right way to go. I am intensely disturbed by the sensationalist way in which it advertises its products: it belongs more to the sneaky secretive style of the last Big Government parliament in the UK than with the promised Open Society view of the current parliament.
UK Law Enforcement Agency deploys Spector 360 across 9,000 client computers at nearly 200 locations throughout Great Britain. Network analysts and administrators credit Spector 360 for detecting any data leakage that could compromise people’s whereabouts. “Given the highly sensitive nature of our data, if we’re preventing information leakage with Spector 360, we could be preventing loss of life…”
SpectorSoft keeps shtum about the identity of this law enforcement agency, but does note it was formed in 1974 – so I leave it to the detectives among us to work out what it is.
But I do repeat that this is not the right way to do things. Security Event Management and real-time log analysis is a far more wholesome and open way to solve the problem (see Log Management: a necessary part of information security).