InspectSystem: Data Security Guide

InspectSystem Web service provides software as a service (SaaS), and besides, InspectSystem Local is provided as a boxed client-server software solution for use in secure local networks. We understand the importance of security and privacy of customer data and are constantly working on reliability and safety of the service. After reading the article, you will learn the principles of data transfer, storage and access in the Web service.

The structure and components of InspectSystem Web service

The Web service includes two elements:
Client app – a software agent that is installed on monitored PCs. The client app collects and transmits data to InspectSystem web server. It may run in hidden or visible mode.
Web-service – receives, processes and stores monitoring data, produces customizable reports and sends e-mail notifications. Server accounts are accessible only by users explicitly authorized by account owner.

InspectSystem Client App

The client app is installed on Windows desktop and laptop PCs, as well as Windows terminal servers. The client app is developed on standard C++ library. We do our best to ensure stability and quality of the software by bug fixing, updating, and adding new features, based on end-user feedbacks, as quick as possible.

In visible mode, InspectSystem client app menu allows users:

  • to view personal timesheet;
  • to analyze their own records of spending time;
  • pause and disable monitoring.

The pause and disable functions are designed for remote employees working on their own computers.

Application security

Our principal approaches to data collection, data transmission and programming of the app:

  • use of SSL for data transmission and reception;
  • developed on standard C++ libraries;
  • the software does not change file and folder structure, does not modify, move or copy files;
  • the client app does not affect health and performance of monitored PC;
  • the software does not interact with third party scripts, software or network resources;
  • the installation file is available for download only for registered users; the Access Key is unique for every account;
  • the app, when in visible mode, may only launch your default browser to show personal monitoring statistics to the user.

What information is recorded and transferred by InspectSystem client app?

The client app collects and transmits to the server the following information:

  • Mac address, local ip, network name, login. These are necessary to identify the user;
  • the software generates a custom ID to identify the connected device. It helps to recognize the computer after you reinstall your operating system;
  • a list of applications run, for counting working time;
  • titles of the windows opened;
  • working time intervals;
  • timeout intervals;
  • screenshots;
  • the software communicates with Active Directory using the stored information about the employee. It automates adding employees, you do not enter manually. The program will automatically fill in employee data fields: name, email.

Web-service

The collected data is controlled by you in your personal account. InspectSystem is not designed for deep surveillance of employee and personal data. The program does not record keyboard strokes, passwords, form fillings, copy files, extract data from browsers.

The purpose of the software is to count time of activity at the computer to see the exact workload of staff, to determine efficiency and to ensure employees’ presence and activity at the workplace.

Web service security 

InspectSystem processes data and stores information on servers located in secure  modern data centers. Access to servers is granted to authorized personnel only. Server maintenance is put under strict control and logged. Data center equipment has reliable degree of protection and fault tolerance. Besides, the Service features internal and external risk factor monitoring.

By registering in the web service, you create a company account and gain access to personal account, where you can configure InspectSystem client apps remotely and customize the following settings:

  • business hours of the company;
  • individual schedules;
  • screenshot parameters (on-off, quality, scale, time intervals);
  • hidden/visible monitoring mode;
  • configure e-mail notifications;
  • enable/disable tracking.

The service accumulates data that you manage: timesheet statistics, active window titles and screenshots. Users of the service are identified by password and e-mail address.

Please consider security of your account by ensuring quality and complexity of the password. Do not grant access to unauthorized and unreliable persons. As an account owner, please do not share your password with anybody. Make use of special built-in access levels (roles) to grant limited access to company officers in accordance with their positions and responsibilities.

Data transmission & communication with the web server is done through secure communication channel so you can access the system from public networks as well.

In response to customer requests, we developed InspectSystem Local to approach corporate data security policies which restrict the use of online services and cloud technology. With InspectSystem Local all monitoring data may be stored on your own local network equipment, offline.

If you have any additional questions, please don’t hesitate to ask us.