
	Home > Ask the Security Experts > Expert Archive: Information Security Threats Questions & Answers > Should keystroke loggers be used in enterprise investigations?

Ask The Security Expert: Questions & Answers

EMAIL THIS

Should keystroke loggers be used in enterprise investigations?

EXPERT RESPONSE FROM: Ed Skoudis, past SearchSecurity.com expert

		Pose a Question

		Other Security Categories

		Meet all Security Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 11 October 2007
Should keystroke loggers be used in an enterprise setting?

This is a very good question, and one that should be considered carefully by all enterprise information security personnel engaged in investigations. Keystroke loggers can provide a great deal of insight into what a perpetrator may be up to inside an enterprise. Furthermore, if the perpetrator is using corporate assets, and you've got warning banners that clearly spell out that all computer use is subject to monitoring, you've got the groundwork laid for running a keystroke logger. But, hold on! There are two more hoops that you need to jump through before gathering your first keystroke.

I would never run a keystroke logger in an enterprise setting unless I first got a written approval from both an in-house lawyer and human resources personnel. The lawyer can check to make sure that your corporate policies, training and warning banners all limit an employee's presumption of privacy in the enterprise. The HR folks can similarly verify that reasonable suspicion of wrongdoing exists and warrants the use of a keystroke logger. In effect, the lawyer and HR review acts as a series of checks and balances on your actions. Don't view them as an annoying obstacle. Instead, realize that they are there to help you avoid a potential personal lawsuit from the target of your investigation!

More information:

Learn how unified threat management (UTM) products can be used against remote control Trojans and keystroke loggers.

Have you used a keystroke logger in your organization, or would you consider doing so? SearchSecurity.com wants to hear from you.

BROWSE BY TAG

Security Awareness Training and Internal Threats, Information Security Management, Expert Archive: Information Security Threats, Information Security Policies, Procedures and Guidelines, VIEW ALL TAGS

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Security Awareness Training and Internal Threats
	Health Net breach failure of security policy, technology
	Health Net healthcare data breach affects1.5 million
	Massive T-Mobile UK security breach involves insiders
	Secure your remote users in 2010
	Layoffs prompt insider threat fears, cybersecurity survey finds
	How to use Internet security threat reports
	Creating a HIPAA employee training program
	Successful rogue antivirus hinges on social engineering
	External attacks start with unintentional mistakes, survey finds
	Security technologies fail to address insider threat management

Expert Archive: Information Security Threats

The telltale signs of a network attack

Will Google Chrome enhance overall browser security?

Are there antivirus suites that pick up more than just run-of-the-mill viruses?

What tools can a hacker use to crack a laptop password?

Are social networking sites an easy target for malicious hackers?

What are the dangers of cross-site request forgery attacks (CSRF)?

Should social engineering tests be included in penetration testing?

What kind of data is compromised during a Google hack?

Best practices for using restriction policy whitelists

Defining mobile device security concerns

Information Security Policies, Procedures and Guidelines

Health Net breach failure of security policy, technology

How to protect distributed information flows

Essential guide: Pandemic planning for H1N1

Whitelists, SaaS modify traditional security, tackle flaws

Melissa Hathaway urges more cooperation, government attention to cybersecurity

Reuters: Obama ready to select cyber security czar

How a corporate Twitter policy can combat social network threats

Should enterprises be concerned with Twitter in the workplace?

Information security management hype: Debunking best practices

Data breach avoidance begins with security basics, panel says

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

dumpster diving (SearchSecurity.com)

Honeynet Project (SearchSecurity.com)

insider threat (SearchSecurity.com)

National Computer Security Center (SearchSecurity.com)

pretexting (SearchCIO.com)

shoulder surfing (SearchSecurity.com)

single-factor authentication (SFA) (SearchSecurity.com)

social engineering (SearchSecurity.com)

Total Information Awareness (SearchSecurity.com)

trusted computing (SearchSecurity.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Find Security Solutions for Your Business

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy