Law Offices of Southern California
Monitoring Software Helps Law Office Conform to Standards

---

The Setting

Excellent weather, sandy beaches, and noted attractions make San Diego an enjoyable place to live as well as a popular tourist destination. Inside a business office, however, there's as much inclement Internet and PC activity as just about any place on earth.

Just ask John Sibley, IT Manager at a San Diego, California legal firm specializing in insurance claims for a range of national and regional clients, including several from the Fortune 500. Sibley tends a 50-seat PC network in a Windows 2000 Server single workgroup configuration. All desktops run Windows 2000.

The Challenge

“It's a business casual environment,” said Sibley. There are 43 employees: one attorney, with the rest of the staff a mix of claims examiners, call brokers, administrative assistants, and clerical assistants. “There's a pretty good revolving door. Lots of twenty-somethings … might be their first job out of college … many in a transitional period. Probably three-quarters of our workforce is dynamic.”

While it might be tempting to dub the “twenty-somethings” as the group most likely to goof off on the Internet, Sibley said his experience suggests that isn't necessarily so.

“For us, inappropriate behavior ran across the whole work force,” said Sibley. “It wasn't just one segment. That's what prompted the search for a monitoring solution.

“We had lots of online shopping, banking, and recreational surfing. They were looking for Paris Hilton and Brittany Spears … visiting sites more likely to be risky when it comes to malicious code. You go to these sites and you pick up so much junk … never-ending popups … browser changes … lots of activity to threaten the security of a network.

“I would have to go to the machines and clean them. It was dangerous, bothersome, time-consuming, and costly.”

	“The office network was infected with the Bugbear virus, and it brought the network down for a day,” said Sibley. “We suspected two downloads of carrying malicious code. I assume it was peer-to-peer activity … you usually don't get this type of thing unless you are going to a substandard site, opening emails with .exe attachments, or doing other things like that, things that haven't been thoroughly thought through.”
	“Our biggest concern was potential loss of data,” said Sibley. “The most feared was a virus that eats data. It could cost thousands and thousands of dollars in damage and recovery.”

“In addition,” said Sibley, “the owner wanted the Internet and PC activity of his employees to conform.”

Search for a Solution

Neither the company nor Sibley had experience with Internet and PC activity monitoring software. But the law firm's owner knew he wanted to minimize risk and to bring some order - conformity, he called it -- to the workplace.

“First I asked myself, 'What can I do to minimize exposure to malicious code?'” said Sibley. “Having a routing background, immediately I thought of access lists (filtering), but that's a very lengthy and expensive way to go. I began searching the web and the first thing I found was another expensive solution … software with additional costs for appliances and subscriptions.

“Then I found the same kind of security but without having to spend loads of dollars to build it. That was the second option I looked at … that was Spector CNE.”

	“I wanted the solution to be easy to manage,” said Sibley. “That was at the top of the list … a product anyone could manage, even if I was gone … something with easy-to-find information. Then it was overall cost. Ease and cost, those were the main considerations.”
	“I looked at Websense and others in comparison,” said Sibley. “For some, we would have needed an additional server and hardware. We felt it was overkill, and the solution was still just ‘access lists.’”

Sibley benefited from a Spector CNE evaluation after describing the challenge to a courteous and knowledgeable SpectorSoft sales representative.

“We wanted to see what it offered,” said Sibley. “And believe me, I spent a bunch of time really looking at what it could do.

“I became especially comfortable with several features … the screenshots, keystrokes typed, and web sites visited. The owner wanted visual proof … to be able to sit the employee down and say ‘Look, this is what we see.’”

“During the evaluation, we had an idea of where the problem areas were,” said Sibley. “We targeted several machines.”

Discoveries

“An employee suspected of downloading spyware denied any such activity,” said Sibley. “But we knew the back door was left open, and we were really frustrated.

“This was during our evaluation period, and it so happened that this person was one of the people we had chosen to monitor. The screen snapshots showed she was going to inappropriate sites. I pulled the owner aside and hit the playback button for him to see what I had seen, and I watched his face go limp.

“He thought it was the most incredible piece of software he had ever seen.

“I told him Spector CNE held a wealth of resources. I went through the list of features and he was pretty impressed. At that point the product was sold; it was just a matter of time working out the purchase.”

	“The first week, the office manager would come in for at least an hour each morning and review employee activities,” said Sibley. “She found plenty of inappropriate activity … websites visited with names like Nordstrom.com and Guess.com … she said it was unacceptable and gave the employees ‘the full package’ … told them what was up.”
	“We were more surprised by which employees were involved with certain activities as opposed to the type of activities themselves,” said Sibley. “The activities were not unexpected, but in a few instances, those responsible presented us with a bit of a shock.”
	“During the evaluation period, I found MSN Messenger on a few machines,” said Sibley. “We also found some emails with personal content. In our environment, email can be a gossip vehicle … and if that gets out of control, it can become a legal liability.”

Awareness

“From monitoring Spector CNE reports I know there’s a definite change in activity,” said Sibley.

“I hear about the software from the staff. They ask if it’s ok to go here or there,” said Sibley. “This is not necessarily a goal … what we ultimately set out to do … but if that’s what it takes to get the security, so be it.”

Working With Employees

“Without Spector CNE, our Acceptable Use Policy just didn’t hold water,” said Sibley. “Once we implemented Spector CNE, we changed it to include a sentence about monitoring.

“We have pretty restrictive guidelines. We have those who would adhere, but many who would not. If certain activities are noted, employees are told the behavior is unacceptable, and if continued, will be dealt with … up to termination.”

	“We ran Spector CNE in the background during the evaluation period,” said Sibley. “Once we purchased, we sent out an official memo, and then about a week later we began using the software’s Logon Notice … one of Spector CNE’s little nuggets.”
	“I don’t think we’re doing anything here that isn’t being done anywhere else,” said Sibley. “It’s been long overdue.”

Spector CNE: The Software of Choice

“On a scale of 1 to 10, I give Spector CNE a 9 … because that’s as high as I will go,” said Sibley. “After downloading Spector CNE I had the program installed and I was pushing data … actively monitoring … within an hour.

“SpectorSoft’s technical support was great, especially at the outset when I had a couple of questions. It was nice to have live people to walk you through.”

Added Sibley:

	“Was Spector CNE worth it? BY FAR. We got the conformity we were looking for without revamping our whole network.”
	“For me, Spector CNE is worth its weight in gold. It minimizes my time away from what can be more productive work. Prior to having Spector CNE, I spent countless hours cleaning up PCs after work at night. That has not occurred since we’ve had the software.”
	“With Spector CNE, we’re able to meet our challenges and we feel secure. To compare what it’s like now to a year without the product, the cost was NOTHING!”

“I don’t see how activity monitoring software couldn’t become a standard,” said Sibley. “It’s imperative to know all you can … it’s just common sense. If you don’t exercise the control, it’s like giving the employees the keys to the city. You can’t afford that risk.”

For more information about Spector CNE, please visit www.spectorcne.com … or for more information about SpectorSoft and its other dependable, full-featured PC and Internet Activity Monitoring Software products, please visit www.spectorsoft.com.

-- -- -- -- -- --