This tends to be the most widespread and easiest to do, but there are different degrees and types of monitoring.
Almost every action on a computer connected to a network can be monitored. This can be done at multiple levels: at the network level, at the email level, or at the Internet request level. The other advantage of electronic monitoring is that different logs and pieces of data can be stored in a database for later use and can be correlated across multiple dates. Therefore, it is possible to run programs that can discern patterns of behavior that can lead to further investigation.
There are multiple places a user can be monitored with different types of information.
On the PC
Each PC has detailed information and logs about user activity. In some cases, an employer or someone else can place a keyboard logger, which as its name suggests, can record every keystroke a user makes on the keyboard. In many cases it is almost impossible for regular users to ever detect that it has been placed on their PCs. Therefore, it becomes especially important to make sure that your PC remains locked when you are away from it and also that it doesn't install software downloaded from unknown users or sites.
Invisible KeyLogger is an example of a piece of hardware that logs every keystroke in Windows.
Raytown Anti-keylogger promises to disable keylogging software.
A Web browser records temporary files (log files with a history of visited sites) as well as cookie files that also record personal information about a user and the sites they have visited. This information is stored on the PC and can also be used to track where a user has been.
Email servers
There are a couple of important reasons for employers to monitor their employees' email. The first is to prevent the leakage of confidential and proprietary information, and the second is to monitor employee productivity (such as how much times employees spend emailing friends), and the third is to protect against illegal or inappropriate use of the email system to spread content like inappropriate jokes that may create legal hazards for a business.
Once you send email from your PC, it goes to a mail server. There are a number of products being sold today that can intercept all email coming into a mail server and scan for all kinds of information -- confidential information being sent out, keywords, lewd jokes, and any information that an enterprise wishes to track. These systems are almost completely transparent to the user, and the information can be directly traced back to a named user. Therefore, every email that you send can be read and monitored, and specific keywords can alert administrators to look further into your behavior.
Many of these systems can detect email with various keywords, such as "confidential" or "acquisition" or inappropriate keywords (as in jokes), and can scan attachments and examine every part of the email.
SuperScout Email Filter is one example of a product that scans email.
Web surfing
Just like email, all traffic from your Web browser going over a corporate network typically goes through a set of servers connected to the internet. It's very easy to track all Internet requests coming from your PC and administrators can easily set up systems that track and analyze such traffic. They can then be alerted based on specific patterns of activity (how long you visited specific sites, for example) or match sites you are visiting to a database of known site characteristics (porn, for one).
Some users think that using sites with encryption means that all their information is secure. While the content that you get back from the site may be encrypted, the actual URL you are visiting is not! Therefore, your pattern of use can still be tracked.
Here are some links to products that can track Web traffic:
Web mail
It's harder for organizations to monitor personal email accounts separate from the corporate system because servers are outside the enterprise. Like instant messaging, the traffic between the browser and email system is not encrypted (you'll see "http" instead of "https" in the URL). However, your organization can still monitor the traffic using a network packet sniffer.
Another option is for the organization to install a keylogger or other software that can detect and track everything a user types on his or her computer. There are some very sophisticated programs now available that can also track Web-based email and instant messenger traffic. These include
WebMail Spy by ExploreAnywhere Software.
Instant messaging
Organizations are increasingly concerned about employees leaking confidential information and files over instant messengers. If you use a public instant messaging system such as AIM, Yahoo!, or MSN, the client running on your PC connects directly to an instant messenger server running outside of work. A network packet sniffer can still check the traffic between the instant messenger client and server because the connection is not encrypted.
This type of monitoring is harder to implement, but is often used when an organization wants to look deeper into the activity of a specific employee. Desktop keylogger systems such as
iSpyNow log instant messenger activity as well as other PC activity.
A Wall Street firm was recently fined for not storing instant messaging traffic between traders. Many enterprises are implementing internal instant messaging systems for these types of regulatory reasons. Remember, just like corporate email systems, everything you type into your company's instant messenger system can be logged, archived, and viewed by the corporation.
