We would like to announce a new version of the StaffCounter agent with new features that allow for better monitor the status of remote employees. Now StaffCounter agent is able to record the status of the Internet connection, differentiate between true idle time and mouse movers, and automatically suspend time recording out of the work hours periods.
We are glad to announce StaffCounter Server (On-Premise) v.6.0 with End-2-End Encryption support. With this update, we continue to improve information security features of the product. StaffCounter solution is the first employee/computer monitoring system in the world that allows to protect and anonymize employees’ data with the most strong GDPR requirements. End-2-End encryption protocol designed in such a way that master encryption key exists only in End-Point computer/device or Web browser of account manager.
For the last year, cyber-criminals succeeded in a few significant cyber attacks by using weaknesses in Windows operating system, and so-called “supply chain” attack approaches. As a response, since September 2021, for the latest Windows 10 version (20H2), Microsoft turned ON by default protection against potentially unwanted apps (PUA) by blocking them when a user is downloading a setup file. Windows defender incorrectly flagged Staffcounter Setup as PUA due to functionality like screenshots, screen reading, and keylogging. At the same time, Symantec EndPoint protection also labeled the SafeJKA code signature as the “WS.Reputation” flag. We have submitted an application of False-Positive detection to both organizations. To change the StaffCounter reputation level in Windows Defender cloud-based Threat intelligence, we also have released an extra update.
For now, we assure you it is absolutely safe to install the StaffCounter Setup file. If you encounter difficulties downloading the setup file
- use the “Allow on this Device” option in the Windows Threat protection dialog.
- add 2 folders to the list of exclusions of the Windows Security Service – Program files (x86) and Downloads
Or add exception via command line:
powershell -inputformat none -outputformat none -NonInteractive -Command “Add-MpPreference -ExclusionPath ‘C:\Program Files (x86)\StaffCounter'”
scroll down and click on “Add or Remove exclusion”
Now verify that folder “C:\Program Files (x86)\StaffCounter\” is listed in the list below –
Today StaffCounter is the first solution in the world that offers End-2-End Encryption (E2EE). All of the data captured from employee’s computers will be encrypted and decrypted only for the account owner. Since this update, we hope to start an innovation for the entire industry of computer surveillance. The employee’s productivity data captured from end-point devices will be encrypted before transfer to our cloud service. The main difference with SSL encryption is that data is still kept encrypted when it reaches StaffCounter cloud storage and further, it is kept encrypted even in all types of running instances of the database, execution contexts, and processing algorithms within our cloud servers. When you login into your account the data is delivered to the web browser in initial encrypted form and being decrypted on-the-fly right on the Web Browser page by using the Java-Script program and encryption features of the browser. This feature allows adhering to GDPR compliance by design. Here we explain how to update or install new StaffCounter agent software and set up the E2EE encryption feature.
Because of Pandemic and remote work, User Activity Monitoring and Time-Tracking solutions start being used more intensively by the corporate customers to manage a remote workforce. As a result, the most popular Time-Tracking SaaS solutions may be targeted by Malware, Cybercriminals, or Insider threats. As a response, we would like to announce the end-to-end encryption feature soon will become available for all StaffCounter customers. With “end to end” Encryption enabled, the data will be encrypted by StaffCounter Agents before upload to the staffcounter.net cloud and then decrypted in your web browser right in a moment when you are looking at the reports or employee productivity data. This provides the highest privacy level since data delivered to the cloud storage in encrypted form. By using this principle employed in our cloud storage, technically we will not be able to read and understand productivity data received from computers by any means, on any level. This will enable safe usage of Employee Monitoring (User Behavior Analysis) solutions in any environment, even with the most strict compliance and security policies and requirements. After this feature will be enabled by the customer, StaffCounter.net or StaffCounter On-premise server will store only encrypted data blocks for each computer or employee.
Further details will be added to this announcement soon.
Working from home (WFH) or remote-work has been known only as exceptional practice in the workplace until the COVID-19 pandemic shifted the attitude significantly. From the point of view of employees, remote work is often associated with the perceived increase of job satisfaction, for example by working from any location around the world (freelancers), by having an individual work environment, or by having more trustful relationships inside the company. From the point of view of management, remote employees bring great managerial issues like loss of control. Today top management is still skeptical about remote workers because they question the ability of their staff to handle remote infrastructure, take responsibility for confidential data, solve any situation independently and manage their time or work properly without supervision. But the latest developments in the Surveillance economy bring fresh solutions. Properly selected “Security as a Service” tools (SECaaS or SaaS) are able to cover distributed end-points into a single virtual dashboard, capture new kinds of productivity data, and thus allows better control and decision-making over a remote workforce.