What do a majority of cyber breaches have in common? Humans, the human aspect is usually why something is compromised. Whether it be someone was lazy and forgot to update a server or an employee didn’t properly lock their computer at the end of a workday. Humans contribute to the bulk of mishaps when it comes to cyber incidents. There is a saying within the security industry, trust but verify. A great way to accomplish this guideline is to invest in a keylogger solution for your company.
What is a Keylogger?
Keylogger is a hardware device or a software application installed on a computer used to secretly capture keys pressed by users on the keyboard.
Hardware keyloggers are usually small USB dongles that plug into the computer you want keystrokes recorded on. One advantage to using hardware keystroke recorders over software ones are that they usually can capture text typed on the keyboard as soon as the computer is turned on, thus are able to capture things like computer sign in passwords. They are OS-independent. Although hardware loggers work only with external keyboards and will not record if a user types on a laptop keyboard, or if they type in a non-Latin alphabet.
Hardware loggers can also easily be used maliciously if the user is unaware that their keystrokes are being captured by an unknown device. Physical access is usually required to plug such a device into the computer’s USB or PS-2 port, and then connect a keyboard to the device. But one can later access logs even remotely over Wi-Fi, or the device can have an on board flash memory for storing logs.
- Sniffers exist that can intercept radio signal from a wireless keyboard.
- Simple video camera can be used for surveillance on the keyboard.
- An overlay can be applied to the keyboard, which as often used for ATM hacking for catapulting PIN codes.
- There is even advanced acoustic technology to remotely recognize which keys are being pressed.
At the enterprise level, a more manageable and practical solution would be using a software-based key logger for monitoring employees.
Keylogging software can drastically increase the visibility in your IT department. Key logger is a piece of software that has an invisible agent (client) installed on every machine in your company. In addition to just typed text, it can capture other user activity events and reports back in ether live or recorded feed. Types of events that are recorded include: inputs on the keyboard (either external or embedded, such in a laptop), mouse clicks, computer applications the user has interacted with.
Here are some of the features you can get with a keylogger software:
- Record keystroke activity
- Record any websites visited as well as snapshots of the website.
- Logs around instant messages and email sent or received
- Applications opened by the user in a certain period of time
- Install remotely by company’s admins
The above are just a few features that you can expect from a key logging tool. By having this visibility in your environment you are taking a proactive approach to information security and protecting your company’s digital assets. Below are couple use case examples what a keylogger would help prevent:
- A disgruntled employee copying source code or social security numbers and sending them out to their Google Drive.
- Malware/phishing investigations, being able to see truly what the user seen and compare it to the action taken on the site.
- Sending emails out of the company containing login credentials for an admin account on a management server.
How do I get a keylogger for my company?
There are several companies out there that provide keystroke recording software, one great example of a solution would be from SoftActivity. SoftActivity provides both a user activity monitor for workstations and a Terminal Server monitoring solution. SoftActivity provides an eagle eye view into user activities by using the following:
- Silent monitoring, not visible to users
- Visited websites recording
- User session and screen recording
- Keystrokes recording
Below is an example of what it looks like to monitor a user’s keystrokes activity in real time remotely with SoftActivity Monitor software:
(click the image to enlarge)
The Terminal Server monitoring solution from SoftActivity offers the ability to track user activity off premise as well as sessions recording, Internet monitoring and effective ways to set thresholds for things like time of day usage. The following features will allow for an easy transition into your company:
- Supports all Windows Operating Systems (as well as servers)
- Deploy Agent remotely and silently in your organization
- Data is securely stored on-premise
- Easy to understand GUI for viewing logs in a web browser
At the end of the day, Cyber-attacks are increasing and the weakest vector of compromise is the users in your network. Having a good monitoring solution in place will help you stay proactive for insider threat protection. A popular saying in the security industry is “It is not IF, but when you get breached”. There are a lot of cyber criminals out there looking at your every weakness, don’t make it easy for them, and invest in a employee monitoring solution today.
By SoftActivity Team