Join Us!

Activities monitori...
 
Notifications
Clear all

Activities monitoring during data retrieving  

  RSS
rsvihalek
(@rsvihalek)
New Member

Hello to all,
I would like to know your opinions abouth the product we are currently thinking about to offer to forensics.

I'll start the product description from end the output of the product should be a report with all activities the operator performed to dump the data. Resulting report should be sign using the RSA including the dumped data with possibility to burn the DVD.

The goal should be to present to anybody that on computer used for data dumping there was no activities and no software running which can result in report data being modified.

Our vision is the following
arrow forensic would like to start dump of data. He/she will right-click the tray icon and selects the appropriate command
arrow dialog will appear with possibility to enter information aout the case, dumped data, examier, etc.
arrow product will start activities monitoring
arrow forensic will dump all the needed data and do all the needed action
arrow when he/she is done right-click the tray icon and selects the command to stop monitoring and create activities report, specify private key, etc.
arrow product will store activities, sign them and signs resulting data of the dump

I would like to know your opinions and comments, thank you

Quote
Posted : 13/12/2009 8:06 pm
ba2llb
(@ba2llb)
Junior Member

Perhaps once people download the software and try out the features to see if it offers more extensive or enhanced activity logging than existing forensic products you will get some feedback. I will be trying it out this coming week just to familiarizr myself with the features.

ReplyQuote
Posted : 14/12/2009 3:35 am
rsvihalek
(@rsvihalek)
New Member

And you know some product which allows to store all the activities of the forensic during the data retrieving?

ReplyQuote
Posted : 14/12/2009 3:42 am
jaclaz
(@jaclaz)
Community Legend

Probably it would be useful to somehow "certify" (evedently on a volunteer basis) the activityies performed.

But if I may, the "overall idea" of your current apps

ActivityMon Products

Welcome to ActivityMon products family, the products helping you to lower expenses, informing about the activities occured on your computers and about the idle time of your employees. Such information can increase your data security and your company productivity.

appears to me as means to potentially illegally "spying" on employees, something that is usally NOT allowed in most European countries, as it would breach privacy and employment laws.

jaclaz

ReplyQuote
Posted : 14/12/2009 2:42 pm
rsvihalek
(@rsvihalek)
New Member

The idea of the product for forensic is different from the general ActivityMon products
arrow forensic detective should control the start and the end of monitoring
arrow the reason of monitoring is not to check if forensic is doing anything, he/she would start the monitoring because he/she wants to declare to court or anybody else he/she does just the forensic examination and nothing else (no data modification), no web site with potentially dangerous content were visited, no application that may modify the data was running, etc.

appears to me as means to potentially illegally "spying" on employees, something that is usally NOT allowed in most European countries, as it would breach privacy and employment laws.

ActivityMon by default is visibible application, it even informs the user about the monitoring after he/she logs in. We do not see nothing illegal on, the person who installs it should be the owner of the computer (we require it in the EULA). It is true that it can be installed in the invisible mode (we have implement it because of customer requests) but there is a warning that monitoring without the user knowing it is illegal.

ReplyQuote
Posted : 14/12/2009 3:16 pm
rsvihalek
(@rsvihalek)
New Member

Probably it would be useful to somehow "certify" (evedently on a volunteer basis) the activityies performed.

We would like to allow to sign resulting activities report with RSA. Resulting data of the forensic work should be also signed so the forensic will be able to say here is the DVD with the signed forensic report and there are also activities I made to obtain them. Because of RSA sign everyone will be able to check its authenticity and validity.

ReplyQuote
Posted : 14/12/2009 3:28 pm
Share: