Enterprise Forensics

Abstract

Corporations have become quite large and networks can be found in just any organization. The size of the corporation makes it difficult for the administration to keep track of what their employees are doing. This can result in loss of resources and employee inefficiency. There is a need for centralized control from where the individual computers can be monitored and different employees can be held accountable for their actions. Information security is also a big concern for the organizations. Data theft and information leakage can be controlled if not stopped by following employee activities. Our software, Enterprise Forensics, is an employee monitoring tool which provides computer surveillance services. The administrator has the luxury to analyze activities like internet history, most recently used items, open windows, active processes, open ports, disk usage, registry values, etc without leaving his/her seat. These are encompassed in Enterprise Forensics which not only takes into account the above-mentioned features but is also responsive to incidents occurring over the network like external device insertion and removal, file creation, deletion and renaming on removable storage devices, printer(s) usage, keys pressed and the windows titles in which they are pressed. The information collected doesn’t just focus on the security concerns for which the employees are responsible. A great deal of information also helps the administrator to analyze the health of the computer. He/she can detect the presence of viruses, spyware programs, outside connections to corporate network and any harmful changes to the registry the user may have involuntarily hosted. In this way the computers can also be audited to check if any of them has been compromised.