Shipping & Logistics Company
- Securing sensitive corporate information
- Monitoring of social media and online chats
- Monitoring of unproductive Internet use
- Using company machines for storing personal images and video
The company’s sales staff used Skype and Facebook as a means of communicating with customers. However, managers had no way of monitoring their use as Trend Micro could not monitor activities over social media sites, chat applications, etc. or material being copied to thumb drives. It only served to protect the company from outside threats such as hacking, viruses and malware but failed to detect what people were actually doing in the office.
Due to the global nature of their business, the majority of their internal applications run over the Internet. However, they experienced bandwidth bottlenecks during peak trading hours. In the past, the company had consistently upgraded their bandwidth to address this problem but without any satisfactory results. To evaluate their desktop utilisation, the company decided to install e-Safe Compliance, initially on a field trial basis.
The Solution: e-Safe Compliance
The e-Safe Compliance proof of concept was installed in silent mode and produced surprising results:
- Nearly 60% of Internet usage during working hours was of a personal nature and the majority of the offenders were administration staff who were not required to use Facebook to perform their role.
- Some administration staff were detected watching movies or playing games for more than 50% of their PC usage time.
- For the sales staff, who were required to use Facebook, e-Safe Compliance helped to identify numerous instances of staff spending time playing Facebook games or just using it for personal purposes.
- e-Safe Compliance detected various instances of inappropriate chat and corporate email conversations with the customers, including the use of foul language, all of which could directly harm the reputation of the company.
- e-safe Compliance detected some staff copying emails containing customer information to thumb drives, which was unusual activity, considering that the majority of the business is run over email, and this led directly to an investigation by the management.
- There was a high incidence of staff accessing unauthorised documents from file servers.
- Some staff were detected accessing pornographic websites, images and videos. Trend Micro employed a lists-based, URL blocking system, which was unable to block all permutations of pornographic websites URL or detect offline pornographic images and videos. Employees had exploited this limitation but e-Safe Compliance was able to identify the activities which were a serious breach of company policy.
- e-safe Compliance’s Drive Audit facility detected huge numbers of personal videos and images being stored on company machines; the top violator had nearly 500GB of video files in his 750GB hard drive.
The company decided to proceed with e-Safe Compliance and announced to all employees that their machines will be monitored and that they should refrain from non-company related activities on company machines during working hours unless specifically authorised by their managers.
- e-safe Compliance provided the management with visibility of under-utilised staff across the entire organization, by department and by individual user. Senior managers could now verify the requests from department heads for more resources more accurately, and to solve the problem completely, they employed a process of sending department heads regular desktop and Internet usage reports for each of their staff. The department heads now had a clear idea about their staff utilisation and could take appropriate action to improve productivity. This process also dramatically helped in reducing unproductive use of the Internet, thereby minimizing the bandwidth issues at peak times.
- The department-level reports produced by e-Safe Compliance also identify potential information leaks, for example, via thumb drive etc, and enable managers to question the intent of the transfer of information. This has helped in eliminating the information leaks within the organisation.
- Personal use of Facebook and Skype by sales staff was drastically reduced as they know now they are being monitored. Furthermore, with the knowledge that e-Safe Compliance is monitoring keystroke activity, the incidences of inappropriate language between the staff and the company’s customers in email communication have been eliminated.
- The issue of pornography was completely solved as people know now they would be caught accessing such material whether from online or offline sources.
- Monitoring compliance with the company’s policies is now much more effective. Employees are only allowed to store personal files in a specific folder on the PCs desktop, which is verified using e-Safe Compliance’s Drive Audit features. The IT personnel can also manage and control the amount of personal content allowed per employee using e-Safe. The downloading of media using the company’s Internet is a breach of existing IT policy and employees are personally held liable in the case that any of the stored information is found to break any piracy laws. Through e-Safe Compliance’s ability to detect and identify the violators, the company has managed to drastically reduce the amount of personal media files has completely eliminated the use of company’s Internet for personal downloads and uploads.