SpectorSoft Simplifies Snooping

If the administrator is only interested in one aspect of behavior, it’s easy to focus on the required details, but all the information is available if the administrator chooses to look at it. The key is that, with the exception of e-mail alerts of keyword activity, the reports are not automatically sent to administrator; instead, an admin must retrieve them.

Spector Pro has its limitations. The most significant are on the chat clients it supports. If your organization uses Yahoo Messenger or AIM, then you’re in luck. However, the solution does not recognize Microsoft Messenger, Trillian, and many other messenger clients. It won't capture data that is sent or received on unsupported clients. Another important limitation concerns the Web browsers it supports. Internet Explorer will be captured with full URL information. We found that Mozilla surfing was also captured accurately, although the browser wasn’t recognized. But Opera, for example, was a stealth browser to Spector Pro.

The mail-capture facility works with Outlook, Eudora, and most POP3/SMTP clients. This takes care of recording most enterprise e-mail, but it can't do a great deal to help you know what an employee is doing with a Web-mail account.

Even with unsupported clients and software, however, Spector Professional captures the keystrokes entered. You lose context when looking at one side of a chat, but there will be evidence if someone is sending organization secrets out past the firewall.

Checks in the e-mail

There are many similarities between the e-Blaster and Spector Pro. As with Spector Pro, e-Blaster can be installed in stealth mode. Actually, the e-Blaster .EXE file can even be sent to the client via the network. Both record e-mail, chat, Web browsing, and application keystrokes.

Although e-Blaster does not have the snapshot feature, it does have better facilities for monitoring Web-based e-mail, with complete reporting of e-mail sent and received in the major Web-based e-mail systems. Administrators can choose whether complete e-mail contents, summaries, or simply headers are reported.

The major difference between the two solutions lies in the way each one creates and delivers reports. Whereas Spector Pro will notify an administrator only if certain keywords appear, the e-Blaster automatically creates a report and delivers it via e-mail using SpectorSoft’s SMTP mail server. It sends report e-mails on a regular basis, ranging from hourly to daily, providing detailed information on activity across the preselected applications.

Administrators configure report type (text or HTML), applications, reporting frequency, and other variables in a configuration screen that, like Spector Pro’s, is invoked with a hotkey sequence. Configuration of both products is easy, with simple check boxes and straightforward options for every application type.

Although Spector Professional and e-Blaster 3.0 have their similarities, but their differing capabilities and reporting styles make them complementary rather than redundant. e-Blaster is the tool for daily monitoring of users, the security camera in the hall that provides assurance to both employees and administrators. Spector Pro is better for in-depth monitoring of a suspect workstation, delivering minute-by-minute snapshots of a display.

It would be nice to think that solutions such as Spector Professional and e-Blaster 3.0 would never be needed. In today’s business environment, though, each could turn out to be an investment with a high rate of return.