Tracking Gmail and Skype activity

T

TheGuy

Expert Member
Joined
Sep 14, 2009
Messages
2,971
Hi Guys

Wondering if there is a way to track Gmail and Skype activity? We have a couple of staff members that are doing stuff against company policy. I've managed to catch the one user red handed but the rest have since moved all communication to Gmail and Skype.

They have signed our IT policy so it within our right to monitor them.
 
ponder

ponder

Honorary Master
Joined
Jan 22, 2005
Messages
92,823
TheGuy said:
Hi Guys

Wondering if there is a way to track Gmail and Skype activity? We have a couple of staff members that are doing stuff against company policy. I've managed to catch the one user red handed but the rest have since moved all communication to Gmail and Skype.

They have signed our IT policy so it within our right to monitor them.
Click to expand...

Skype is encrypted so no go there. Gmail if not using SSL should be able to be monitored with a sniffer etc.

Another option might be to install an application that tracks all usage on the desktop itself logging keystrokes etc. They exist but for the hell of me I cannot remember any names.

Is Skype an allowed application within the company? Are your desktops locked down so users cannot install anything or make changes?
 
T

TheGuy

Expert Member
Joined
Sep 14, 2009
Messages
2,971
ponder said:
Skype is encrypted so no go there. Gmail if not using SSL should be able to be monitored with a sniffer etc.

Another option might be to install an application that tracks all usage on the desktop itself logging keystrokes etc. They exist but for the hell of me I cannot remember any names.

Is Skype an allowed application within the company? Are your desktops locked down so users cannot install anything or make changes?
Click to expand...

I think it will use SSL as that's the default now. Keylogger is my last resort the only thing I'm trying to achieve now is to track that not too much of our company data gets copied from our fileserver to gmail.
 
H

HavocXphere

Honorary Master
Joined
Oct 19, 2007
Messages
33,155
Install something like VNC and just do spot checks every 2 hrs. That should keep them on their toes.

Or something like fraps & just record the entire session to hdd.

Keylogger won't fly. All you'll see is CTRL-C & CTRL-V. Monitoring the clipboard on the other hand combined with a video of activities will provide solid evidence.
 
E

eagle_za

Member
Joined
Mar 19, 2007
Messages
18
Install ManageEngine Firewall Analyzer
support@fwanalyzer.com
then do what we do, you monitor usage and nail them on usage. its easier to control.
also, why dont you look at Web Marshal, its dirt cheap and you can assign quotas per user group, once thats done, apply a GPO for the proxy server and block access so users cannot remove the proxy settings, thereby forcing everyone through the proxy for monitoring and reporting.
 
M

Mantis

Senior Member
Joined
Nov 2, 2005
Messages
883
HavocXphere said:
Install something like VNC and just do spot checks every 2 hrs. That should keep them on their toes.

Or something like fraps & just record the entire session to hdd.

Keylogger won't fly. All you'll see is CTRL-C & CTRL-V. Monitoring the clipboard on the other hand combined with a video of activities will provide solid evidence.
Click to expand...

Refog keylogger.
Monitors clipboard, can do screenshots, records key entries, etc etc
 
ChilliGirl

ChilliGirl

PopCornPeddler
Joined
Aug 28, 2009
Messages
34,747
Remember that Skype DOES save history....

If it is on the company PC or Laptop, it is company property, if they wanted to keep it pwersonal they sould have used their own hardware.
The PC could always be removed without warning & the content of the HDD looked at. This IS legal & they cant stop it from happening.

Also remember that any info that has been deleted is still there if the HDD was not formated. you will just need the right program to retrieve it ;)
 
T

TheGuy

Expert Member
Joined
Sep 14, 2009
Messages
2,971
ChillGirl said:
Remember that Skype DOES save history....

If it is on the company PC or Laptop, it is company property, if they wanted to keep it pwersonal they sould have used their own hardware.
The PC could always be removed without warning & the content of the HDD looked at. This IS legal & they cant stop it from happening.

Also remember that any info that has been deleted is still there if the HDD was not formated. you will just need the right program to retrieve it ;)
Click to expand...

Thanks for all the replies I checked there Skype history using Skypelogview and found enough evidence to implicate the whole group. Just show you nothing on computers is safe.
 
ChilliGirl

ChilliGirl

PopCornPeddler
Joined
Aug 28, 2009
Messages
34,747
TheGuy said:
Thanks for all the replies I checked there Skype history using Skypelogview and found enough evidence to implicate the whole group. Just show you nothing on computers is safe.
Click to expand...


As I said..... :)
MSN is even easier there are txt Doc's that gets auto saved under my Documents.


Do remember that if the PC are company property they have no grounds & their private stuff does not belong on there. Even if they used a company laptop at home after hours you are permitted the same rights to access equipment that belongs to you(company) If they wanted to keep it private they should have used their own PC's.

At least you can now look at stopping the whole dissaster that they are xausing for you.
I would advice chatting to a legal consultant/lawyer before approaching the offending staff members , to ensure that the process of "punishment"/dismissal is done correctly to prevent it from haunting you later.
 
ChilliGirl

ChilliGirl

PopCornPeddler
Joined
Aug 28, 2009
Messages
34,747
Mike Hoxbig

Mike Hoxbig

Honorary Master
Joined
Apr 25, 2010
Messages
43,328
ChillGirl said:
depending on the circumstances of use that could cause legal problems, but it is legal to back-up all mail comming through your mail server. That includes in & out going mail.

It is also legal for you to shedule regular back ups from individuals PC to either a server or mass storage device.
Click to expand...
He seems to have it covered, hence the recommendation:
TheGuy said:
They have signed our IT policy so it within our right to monitor them.
Click to expand...
 
T

TheGuy

Expert Member
Joined
Sep 14, 2009
Messages
2,971
ChillGirl said:
As I said..... :)
MSN is even easier there are txt Doc's that gets auto saved under my Documents.


Do remember that if the PC are company property they have no grounds & their private stuff does not belong on there. Even if they used a company laptop at home after hours you are permitted the same rights to access equipment that belongs to you(company) If they wanted to keep it private they should have used their own PC's.

At least you can now look at stopping the whole dissaster that they are xausing for you.
I would advice chatting to a legal consultant/lawyer before approaching the offending staff members , to ensure that the process of "punishment"/dismissal is done correctly to prevent it from haunting you later.
Click to expand...

Lawyers were contacted at the beginning when HR suspected something so they were just waiting for evidence. It's strange reading all the crap people talk about when on Skype, never really tracked people before.
 
ChilliGirl

ChilliGirl

PopCornPeddler
Joined
Aug 28, 2009
Messages
34,747
TheGuy said:
Lawyers were contacted at the beginning when HR suspected something so they were just waiting for evidence. It's strange reading all the crap people talk about when on Skype, never really tracked people before.
Click to expand...

:( If it's taking long to read..... then they probably were not working much :( either, OUCH. I'm sure you reading a few funny's they would have prefered keeping quite :eek: , LOL.

Glad you getting it sorted out :), even if it's not a pleasant process...
 
gregmcc

gregmcc

Honorary Master
Joined
Jun 29, 2006
Messages
25,513
Although Skype uses SSL its more like a fudged SSL where strings can be identified. Snort and other commercial IPS systems can and do block skype.

We've also setup skype.exe as a unwanted application in our antivirus policies so its deleted upon access.

If you are using a proxy (and you should be to track usage) then you can just the gmail and skype web pages so they cannot sign in.
 
N

news24

Expert Member
Joined
May 31, 2008
Messages
1,853
OP give them a break, don't start the China great firewall $hit, if they want to steal company info then they can do it through thumb drives.
 
ChilliGirl

ChilliGirl

PopCornPeddler
Joined
Aug 28, 2009
Messages
34,747
news24 said:
OP give them a break, don't start the China great firewall $hit, if they want to steal company info then they can do it through thumb drives.
Click to expand...

But what if their activities are having a negative impact on the company ( I get the feeling that is the case if you read #1)
Should the compnay be badly harmed it could result in the dismissal of more people,
 
You must log in or register to reply here.
Top