For the last year, cyber-criminals succeeded in a few significant cyber attacks by using weaknesses in Windows operating system, and so-called “supply chain” attack approaches. As a response, since September 2021, for the latest Windows 10 version (20H2), Microsoft turned ON by default protection against potentially unwanted apps (PUA) by blocking them when a user is downloading a setup file. Windows defender incorrectly flagged Staffcounter Setup as PUA due to functionality like screenshots, screen reading, and keylogging. At the same time, Symantec EndPoint protection also labeled the SafeJKA code signature as the “WS.Reputation” flag. We have submitted an application of False-Positive detection to both organizations.  To change the StaffCounter reputation level in Windows Defender cloud-based Threat intelligence, we also have released an extra update. 

For now, we assure you it is absolutely safe to install the StaffCounter Setup file. If you encounter difficulties downloading the setup file

• use the “Allow on this Device” option in the Windows Threat protection dialog.
• add 2 folders to the list of exclusions of the Windows Security Service – Program files (x86) and Downloads

Or add exception via command line: 

powershell -inputformat none -outputformat none -NonInteractive -Command “Add-MpPreference -ExclusionPath ‘C:\Program Files (x86)\StaffCounter'”

scroll down and click on “Add or Remove exclusion”

Now verify that folder “C:\Program Files (x86)\StaffCounter\”  is listed in the list below – 

Continue reading article →

This material will be useful for directors and HR managers.

Introduction

All of us have ever been deceived. And even betrayed. Unfortunately, we are often surrounded by people who put their personal interests above honor and conscience. In our case, we will talk about subordinates – employees. The prosperity and development of any business depend on them. Perhaps they are not to blame, perhaps their life forces them to act as they do. Perhaps they can still be re-educated? Let’s try! After all, their professional skills are very important for us!

We start with control

Continue reading article →

Today StaffCounter is the first solution in the world that offers End-2-End Encryption (E2EE). All of the data captured from employee’s computers will be encrypted and decrypted only for the account owner. Since this update, we hope to start an innovation for the entire industry of computer surveillance. The employee’s productivity data captured from end-point devices will be encrypted before transfer to our cloud service. The main difference with SSL encryption is that data is still kept encrypted when it reaches StaffCounter cloud storage and further, it is kept encrypted even in all types of running instances of the database, execution contexts, and processing algorithms within our cloud servers. When you login into your account the data is delivered to the web browser in initial encrypted form and being decrypted on-the-fly right on the Web Browser page by using the Java-Script program and encryption features of the browser. This feature allows adhering to GDPR compliance by design. Here we explain how to update or install new StaffCounter agent software and set up the E2EE encryption feature. 

Continue reading article →

We have implemented the ability to provide guest access to the department for managers. The task of the manager is to help the director to control the work of departments and assign productivity to programs and sites.

The manager has to register on the server and provide his email address to the director. The director logs in to his account, Settings page, and finds the Managers tab. Selects a department and enters the manager’s email address.
Continue reading article →

We have published a new version of the StaffCounter application for Linux. This version is compatible with Ubuntu 20 and Mint 20. The 18th version of Ubuntu is also supported. For Mint 18 and Ubuntu 16 and older use previous versions of the Staffcounter application.

In the new version:

• Added support of Ubuntu 20, improved installation in Ubuntu 18;
• Added silent installation and auto-connection. Now you can install the application remotely without any external manifestations;
• Improved the auto-connection to the local StaffCounter Server;
• The deb package was improved. Now you can launch it from the File Manager, which makes the automatic computer restart. After the restart, the Staffcounter application will be automatically launched.

Download the Staffcounter agent for Linux >>

We are glad to announce that the StaffCounter app for Android has been published again in the Play Market. In accordance with the requirements of Google, SMS recording and telephone call logging have been removed from the program. However, monitoring of applications and user coordinates remains.

Download the application from Google Play Market >>

The full version of the StaffCounter for Android can be downloaded from our website >>

If you need advanced features like invisibility, call recording (both GSM and VoIP), photos from the camera, SMS, then you can use the PRO version for Android, which is available for all the users to test. 

The users with Professional subscriptions can use it without restrictions.

Download the Staffcounter PRO for Android >>

Because of Pandemic and remote work, User Activity Monitoring and Time-Tracking solutions start being used more intensively by the corporate customers to manage a remote workforce. As a result, the most popular Time-Tracking SaaS solutions may be targeted by Malware, Cybercriminals, or Insider threats. As a response, we would like to announce the end-to-end encryption feature soon will become available for all StaffCounter customers. With “end to end” Encryption enabled, the data will be encrypted by StaffCounter Agents before upload to the staffcounter.net cloud and then decrypted in your web browser right in a moment when you are looking at the reports or employee productivity data. This provides the highest privacy level since data delivered to the cloud storage in encrypted form.  By using this principle employed in our cloud storage, technically we will not be able to read and understand productivity data received from computers by any means, on any level. This will enable safe usage of Employee Monitoring (User Behavior Analysis) solutions in any environment, even with the most strict compliance and security policies and requirements. After this feature will be enabled by the customer, StaffCounter.net or StaffCounter On-premise server will store only encrypted data blocks for each computer or employee.
Further details will be added to this announcement soon.      

Continue reading article →

Working from home (WFH) or remote-work has been known only as exceptional practice in the workplace until the COVID-19 pandemic shifted the attitude significantly. From the point of view of employees, remote work is often associated with the perceived increase of job satisfaction, for example by working from any location around the world (freelancers), by having an individual work environment, or by having more trustful relationships inside the company. From the point of view of management, remote employees bring great managerial issues like loss of control. Today top management is still skeptical about remote workers because they question the ability of their staff to handle remote infrastructure, take responsibility for confidential data, solve any situation independently and manage their time or work properly without supervision. But the latest developments in the Surveillance economy bring fresh solutions. Properly selected “Security as a Service” tools (SECaaS or SaaS) are able to cover distributed end-points into a single virtual dashboard, capture new kinds of productivity data, and thus allows better control and decision-making over a remote workforce. 

Continue reading article →

Recently StaffCounter had a number of False-Positive cases with different AVs software like Kaspersky, Bitdefender, McAfee, Malwarebytes, Windows Defender, etc. Kaspersky Antivirus (AV) protects your computer from various threats such as viruses, spyware, ransomware, banners, and others. But AV vendors are not supposed to know all existing enterprise monitoring software, so they started to add software behavior patterns as a criterion for detection. For example, keyboard monitoring behavior, screenshots, or screen-reader behavior is now considered as possibly dangerous. Therefore, in some cases, you need to add the StaffCounter program to the list of exceptions. StaffCounter also has an integrated file system filter driver for the DLP component and a big part of networking code for data upload, so by the behavior, it may look like Remote Access Trojan (RAT) but it is not so of course. As a part of transparency, we offer StaffCounter prior versions as open source.

Currently, we are working with each vendor to add a StaffCounter exception for each false-positive case. In this article, we will describe in detail the entire process of adding Staffcounter to the exception list of the Kaspersky Small Office Security 8. But the same principle may work for other AVs. 

Continue reading article →