Feeds

Is this the end of corporate porn?

Internet Saviour - or Big Brother?

  • alert
  • submit to reddit

Designing a Defense for Mobile Applications

Actis Technology reckons it has the answer to the employee Internet abuse - and that means porn, viruses, password cracking and gambling.

Its Net Intelligence software promises to "treat employees as adults" while protecting corporates from abuse of its networks.

Basically, a program (2Mb) is installed on every employee's PC which gives sys admins complete access to their PC through the network. Meanwhile a database (currently 2Gb) - licensed from Actis - is contained on a server somewhere in the building.

A search is run on employees' machines which searches all disks, runs every file through a well-known algorithm and sends them back as a "fingerprint" (83 bytes long) to a central machine. The fingerprints are then matched with the database of fingerprints of "inappropriate" material. Any match and away you go. The database is updated automatically every day from Actis' Web site.

Net Intelligence, the company claims, will pick up any files (pics and executables) which are not deemed suitable while removing the nannying system of filters and blocks that most companies currently use - hence the "treating employees as adults" catchline.

A nice little feature is one where a sys admin can monitor everything a particular employee is doing / has done. It can even pick up on deleted files, say the company.

The software raises some privacy questions. Actis claims it has no competitors as yet - but that is only on the automatic recognition of files aspect. System tools which enable companies to monitor everything an employee does have been around for ages. They have not proved too popular with employees and there is a question mark over their legal status, in light of
the Human Rights and Data Protection Acts.

Colin Rose, Actis CEO, doesn't see anything ethically wrong with the product. While the software is clearly open to abuse, it is the duty of companies to inform employees of their monitoring policies. Actis recommends that they do this when selling them the software.

But since Actis has an ongoing relationship with its customers(through a constant updating of the database), doesn't it have a duty to insist that companies inform employees of what they plan to do with the software? We bat this question about a bit before Colin not unreasonably points out that trying to tell a company like Coca-Cola what it is to do with its software is akin to "commercial suicide".

And he's right of course. We're back to the question of whether ISPs should be responsible for content or whether authors of script kiddie code are to blame for its use. We can argue about the ethics of it all day but the fact is that while corporates are worried about what the Internet enables employees to do (we'll ignore Actis' scaremongering presentation this time), they will pay someone to give them software that prevents abuse. The law is still far behind and unclear on all of this and prohibition is no solution - despite what the government thinks.

Trust the Judges

To our mind, the proper solution to the issue lies in employment law. If law puts constraints on what an employer is entitled to put into a contract regarding monitoring, and what it can do with assembled data, including the possible sacking of staff, then companies can make software that fits in with the law - instead of the catch-all programmes currently on the market.

Employment specialist David Von Hagen of DJ Freeman, the City law firm, confirms the confusion that exists in this area.

"Well, there are three laws that currently apply to employee rights. The RIP Act gives employees quite extensive rights, but then there is the Human Rights Act - although it can't be brought against private companies. And then there is the Data Protection Act - which shouldn't be underestimated in the power that it gives to employees. But then we are still waiting on the code of practice, due this month, to clarify the situation."

The problem lies in the fact that employees currently do not have to inform employees of their monitoring policies to justify reprimanding or sacking staff - because any "abuse" will be covered under the RIP Act.

Back to Net Intelligence. Is it actually technically feasible? Yes, we reckon it is. As the CTO Bill Strain explained, there is a limited number of cracker, number generator and gambling programmes. Get the "fingerprint" for these programmes and keep them updated and you can be pretty sure of picking up any incidence of it on your company's computers. Porn is tougher. Despite their claims, there is no way Actis can cover the number of porn pictures on the Internet.

However, most employees are not super tech-literate folk or secretive paedophiles - they will go to sex.com or playboy.com to get hold of pics. These pictures are easily fingerprinted. Also, if someone downloads hundreds of pics, there is a good likelihood there one or two will crop up on the database. This at least put a question mark over that employee's behaviour.

With regard to paedophilic pictures, Bill tells us that they are recognised from the fingerprints that the police send them (but only when asked for) - thereby avoiding the illegality of looking at the pictures themselves.

While Actis won't like this, if a common standard is made with regard to fingerprinting programmes and pictures, a worldwide, constantly updated database of programmes could be created and we could get back to the original idea of the Internet as a self-regulating medium. Not as much money and control there though.

The database was two years in the making and can be licensed for around £35 per PC per year (half-price from the second year on). Actis is built on £4 million funding from a consortium led by the Royal Bank of Scotland. ®

Using blade systems to cut costs and sharpen efficiencies

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Nadella: Apps must run on ALL WINDOWS – PCs, slabs and mobes
Phone egg, meet desktop chicken - your mother
White? Male? You work in tech? Let us guess ... Twitter? We KNEW it!
Grim diversity numbers dumped alongside Facebook earnings
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
Dude, you're getting a Dell – with BITCOIN: IT giant slurps cryptocash
1. Buy PC with Bitcoin. 2. Mine more coins. 3. Goto step 1
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.