Use CurrentWare’s remote desktop monitoring software to audit logons, internet activity, application usage, and USB activities of your remote users.
Remote desktop solutions are becoming increasingly common with the prevalence of distributed workforces. With employees working from home now more than ever your organization needs to ensure that remote desktop activities are monitored for security, productivity, and compliance purposes.
In this article you will learn how to use CurrentWare’s remote PC monitoring software solutions to audit the activity of users that are using remote desktop, virtual machines, Citrix, and other Windows-based remote access and virtualization technologies.
Want to learn more about monitoring user activity in a Citrix environment? Check out this article on Citrix user activity monitoring with CurrentWare
Table of ContentsThanks for checking out the latest CurrentWare Video. In this video, we’re going to cover the reasons why you should monitor employee computer activity.
If you like this or other videos we’ve produced, hit the subscribe button below. Stay tuned to the end to learn how to get a free trial of all of the software I demo today.
Employee monitoring involves understanding how your employees are using company provided technology during work hours. There are five main benefits and considerations to employee monitoring that we will cover today:
So let’s start off with how monitoring can help employee productivity.
44% of employees admit to being distracted by the internet at work, and employees in the US have admitted to wasting 1-2 hours a day browsing the internet.
Employees that know they’re being monitored will avoid excessive personal usage of the internet and computer applications. In addition, in the event an employee is underperforming, employee monitoring reports on their computer activity can be used to help the employee understand their actions and enhance their productivity.
The second important reason to monitor activity is to address inappropriate internet usage & avoid legal liability.
As compliance requirements increase for various businesses, industries & jurisdictions, employers have a responsibility to ensure their employees are complying with regulations such as HIPAA, CCPA, CIPAA and GDPR.
By enabling computer monitoring, you can ensure that your staff are complying with these requirements. In addition, by monitoring & setting alerts, you can instantly be notified if employees are visiting inappropriate websites such as pornography, adult or other websites.
The third reason to monitor computer activity is for cybersecurity purposes & to prevent data loss.
By knowing which websites an employee is visiting, which files are being downloaded or shared, and which external devices and endpoints are being used, company administrators can manage cyber security risks and data loss prevention efforts.
Data breaches and associated risks can cost businesses millions of dollars in damages along with reputational risk, so being aware of these risks and monitoring them can provide significant benefits for every organization. In addition, by using alerts, and setting up risk profiles for users, you can audit activities and groups for questionable employee behavior.
Due to Covid-19, the year 2020 has seen a significant shift to remote work for various companies and organizations. This brings us to our 4th reason to monitor an employee’s computer usage: remote workforce management.
52% of CIOs surveyed suspect that one or more of their mobile workers have been hacked or caused a mobile security issue in the last 12 months. Employee monitoring software can be used to monitor for high-risk activity and verify that employee activity on company networks is legitimate.
The final reason to monitor employees is for bandwidth management purposes. With CurrentWare’s BrowseReporter tool, you can determine who is hogging bandwidth by streaming videos and uploading/downloading excessively large files.
Employees who are hogging bandwidth can slow down the entire network, negatively affecting the productivity of other employees and reducing the performance of business critical operations.
That’s it for this video. If you have any thoughts on this video or other reasons why computers should be monitored, feel free to comment below.
If you’d like to give any of CurrentWare’s computer and device monitoring solutions a try, please check out our free trial at currentware.com/download or get in touch with us and we’d be happy to help!
Note: The above video showcases a legacy user interface for BrowseReporter. To see the most up-to-date features and interface please visit the BrowseReporter product page
Remote desktop monitoring software keeps a detailed history of users who have connected to the corporate network, along with their usage details. These reports are valuable security tools for compliance and auditing purposes. In the event of a data breach the activity of users can be audited for high-risk, anomalous, and suspicious activity.
CurrentWare’s central console ensures that you have the most important user activity data accessible from one place, allowing you to generate user activity reports easily. Reports can be generated on-demand, at a set schedule, or when specific activities occur.
User activity monitoring is an essential part of mitigating insider threat risks. This is especially true when users are allowed to access internal resources from outside of the network.
By auditing remote user activity you can detect high-risk and anomalous activities such as large file transfers to USB storage devices, inappropriate internet usage, and the use of unsanctioned applications.
With CurrentWare’s monitoring software you can leverage detailed user activity monitoring reports to enhance your insider threat detection strategy.
When employees work from home (or other remote locations) there is far less visibility into their work habits than when they work in the office.
Remote desktop monitoring software tracks the activity of these employees to ensure that working hours are being used efficiently. Depending on the needs of your environment you can monitor employee productivity while they are connected to a Windows terminal server, a remote workstation, or their local device.
Dedicated monitoring software keeps all internet browsing data intact so that users cannot hide their internet usage by deleting their history.
If excessive unproductive web browsing and application usage is detected, you can address this productivity concern before it escalates.
Company policies are valuable tools for communicating security, decency, and productivity standards to end-users. Monitoring computer activity with remote desktop monitoring software ensures that these policies are being followed.
With the monitoring software in place you will be alerted to any instances of misuse, allowing you to provide remote employees with appropriate corrective actions.
Did you know that underutilized software cost businesses a staggering $34 billion per year? Monitoring employee application usage allows you to track the utilization rate of software so you can avoid paying for software that isn’t being used.
CurrentWare audits user activity on local or cloud-based desktop computers, virtual machines (VMs), and servers running the Windows operating system.
When monitoring and managing your end-users in Citrix with CurrentWare you can track and control computer activities with PC Mode to manage the individual virtual machine or with User Mode to track and control the activities of specific users across multiple devices and/or virtual machines.
Monitoring and managing your end-users with CurrentWare in a Terminal Services environment works similarly. The exception is that in a Terminal Server/Terminal Services environment the server will be registered as an individual endpoint; when you run a report from PC mode it will give you a report on all the users’ profiles in a single report.
For monitoring RDP sessions CurrentWare meets your company’s monitoring and auditing needs for Windows desktop and Windows Server by tracking both local and RDP user sessions on all endpoints.
The CurrentWare Suite provides dozens of remote desktop activity reports for auditing how end-users interact with endpoint devices.
These reports include
Many of these reports can be configured as alerts to notify you when specific actions occur on monitored endpoints.
In addition to remote user activity reports, the CurrentWare Suite includes solutions for peripheral device control, web content filtering, and remote PC power management
Tracking user activity on a daily and weekly basis allows you to correlate time spent working remotely with the hours that employees self-report.
Using enPowerManager’s User Logon History report you can audit logon events on remote computers.
This report shows you
enPowerManager also includes a Startup and Shutdown History report to track each time a remote user alters the power state of their computer or the computer that they remotely connect to.
This report shows you
Using these reports you can track how long users have been connected to their local computers, remote workstations, and/or virtual machines.
This allows you to
To prevent users from simply logging into their workstation via remote desktop, leaving for the day, and logging in at the end of the workday, you can track idle time with BrowseReporter. BrowseReporter’s time tracking features will show you whether the employee was actively using their computer during the day.
Using BrowseReporter’s user activity reports you can monitor RDP sessions of your employees to track their productivity levels. BrowseReporter audits the internet and application usage of users that connect to remote computers using remote desktop and similar technologies.
If you have employees who work from home you can use the activity reports to verify that they were productive during work hours.
BrowseReporter even includes a pre-built employee productivity report that provides a high-level overview of how much time your remote employees spend on websites that are productive, unproductive, or neutral. These classifications can be customized to match what is considered productive for your employees.
You can even use the productivity by location report to compare productivity levels between time spent in-office vs time spent working remotely. This report tracks how much time was spent working from IP addresses that are associated with your local network and how much time was spent working from other IP addresses.
Monitoring internet and application usage is essential for ensuring that your remote users are in compliance with acceptable use policies.
When your remote users browse the internet or use Windows applications, their activity data will be collected by the CurrentWare client.
Samples of BrowseReporter’s computer activity reports
Reducing bandwidth consumption is critical if you have several remote users connecting to your network over a VPN. Excessive bandwidth use will severely impact latency and reduce the reliability of the remote session.
BrowseReporter’s bandwidth usage reports identify the websites that consume the most bandwidth. If unproductive websites are becoming a bandwidth hog in your network you can use BrowseControl’s web filtering features to block them.
BrowseReporter measures the Idle Time of remote users to see how long they are away from their computers. Using the email alerts feature you can get notified when an employee is away from their computer for a predetermined period of time.
The distinction between Active Time and Idle Time is based on the end-user’s mouse and keyboard activity. When there is no input from their mouse or keyboard for a designated period of time, BrowseReporter will shift tracking from Active Time to Idle Time.
By default, the amount of time that the end-user must be inactive before BrowseReporter switches from Active Time to Idle Time is 20 minutes. This threshold can be customized to better suit your environment.
BrowseReporter’s integrated system idle time tracker sorts remote user activity into three categories based on their usage:
Learn More: Track the Idle Time of Employees
With AccessPatrol’s device control features you can prevent data exfiltration when employees work from home.
With the CurrentWare Client installed on the devices you would like to monitor you can detect when USB devices are plugged into domain controllers, servers, or workstations.
You can also configure alerts that notify you when files are transferred to portable storage devices or when certain peripheral devices are inserted into monitored endpoints.
File Operations
Allowed vs Denied USB Devices History
CurrentWare’s remote desktop monitoring software is supported on local or cloud based desktop computers, virtual machines (VMs) and servers running the Windows operating system.
So long as the underlying operating system is a version of Windows that is supported by CurrentWare, your remote users can be monitored.
This means that you can audit user activity on Desktop as a Service (DaaS) providers such as Amazon Workspaces and Citrix, self-hosted Virtual Desktop Infrastructure (VDI), or standard endpoints that are being accessed through remote desktop, DirectAccess, or a VPN.
All CurrentWare components are compatible with Remote Desktop Services (RDS) or Terminal Servers (TS). If you have users remotely connecting to a terminal server or a Remote Desktop service, you can use CurrentWare’s remote desktop monitoring software to control and track their computer activity.
Learn more about monitoring user activity in Citrix with CurrentWare
CurrentWare is known to be compatible with the following virtual machines:
CurrentWare’s remote desktop monitoring software tracks the computer activity of remote users using a software agent that is installed on each endpoint that you would like to monitor. The CurrentWare client agent is responsible for receiving the policies from your CurrentWare server and triggering them locally on the remote computer.
The client agent is able to differentiate between each user that is logged into the remote desktop servers. This allows you to apply unique security policies for different groups of endpoints or users. You can separate your users/endpoints into logical groupings and run reports on their computer activities.
How you will deploy CurrentWare’s remote desktop monitoring software depends entirely on the needs of your environment.
If you would like to monitor the desktops that the end-users remotely connect to, you will install the CurrentWare client on that endpoint/virtual machine, or use terminal services to provide the remote employee with a desktop that has the CurrentWare client installed.
If you would like to remotely monitor the end-user’s computer, you will need to install the CurrentWare Client on their computer. To reduce potential privacy concerns the best practice is to provide the remote user with a company-owned device and have them sign a written notice that alerts them of the monitoring.
Learn More:
Yes. Using CurrentWare’s remote desktop monitoring software you can monitor the computer activities of your end-users. This includes logon/logoff events, internet history, and application usage. Alongside monitoring remote desktop protocol (RDP) sessions the monitoring software can also track activities on local sessions.
You can start monitoring remote desktop activity by downloading a free trial of CurrentWare’s remote desktop monitoring software and following these installation instructions.
Remote users can be monitored with a few different methods
So long as the monitoring software agent is installed on the device you would like to monitor and the agent has a connection to a database, you can monitor your remote users.
The types of data that you collect when monitoring remote users depends on the remote employee monitoring software that you use. CurrentWare’s monitoring software solutions allow you to track websites visited, applications used, productivity levels, logon/logoff times, and more.
Yes, CurrentWare is supported on Citrix. You can install the CurrentWare Clients on your Citrix Workspace so long as they are running compatible versions of Windows. | Learn More
Ready to start monitoring remote desktop sessions? Get started today with a FREE trial of CurrentWare’s remote desktop monitoring software solutions.
Need help getting started? Our technical support team is here to assist you through your evaluation over phone, live chat, or email.
Cookie | Duration | Description |
---|---|---|
__cfruid | session | Cloudflare sets this cookie to identify trusted web traffic. |
cookielawinfo-checkbox-advertisement | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category . |
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
JSESSIONID | session | The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application. |
LS_CSRF_TOKEN | session | Cloudflare sets this cookie to track users’ activities across multiple websites. It expires once the browser is closed. |
OptanonConsent | 1 year | OneTrust sets this cookie to store details about the site's cookie category and check whether visitors have given or withdrawn consent from the use of each category. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
Cookie | Duration | Description |
---|---|---|
__cf_bm | 30 minutes | This cookie, set by Cloudflare, is used to support Cloudflare Bot Management. |
_zcsr_tmp | session | Zoho sets this cookie for the login function on the website. |
Cookie | Duration | Description |
---|---|---|
_calendly_session | 21 days | Calendly, a Meeting Schedulers, sets this cookie to allow the meeting scheduler to function within the website and to add events into the visitor’s calendar. |
_gaexp | 2 months 11 days 7 hours 3 minutes | Google Analytics installs this cookie to determine a user's inclusion in an experiment and the expiry of experiments a user has been included in. |
Cookie | Duration | Description |
---|---|---|
_ga | 2 years | The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. |
_ga_GY6RPLBZG0 | 2 years | This cookie is installed by Google Analytics. |
_gcl_au | 3 months | Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services. |
_gid | 1 day | Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously. |
CONSENT | 2 years | YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data. |
Cookie | Duration | Description |
---|---|---|
_opt_expid | past | Set by Google Analytics, this cookie is created when running a redirect experiment. It stores the experiment ID, the variant ID and the referrer to the page that is being redirected. |
IDE | 1 year 24 days | Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile. |
NID | 6 months | NID cookie, set by Google, is used for advertising purposes; to limit the number of times the user sees an ad, to mute unwanted ads, and to measure the effectiveness of ads. |
test_cookie | 15 minutes | The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies. |
VISITOR_INFO1_LIVE | 5 months 27 days | A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface. |
YSC | session | YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages. |
yt-remote-connected-devices | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
yt-remote-device-id | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
yt.innertube::nextId | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |
yt.innertube::requests | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |
Cookie | Duration | Description |
---|---|---|
_dc_gtm_UA-6494714-6 | 1 minute | No description |
_gaexp_rc | past | No description available. |
34f6831605 | session | No description |
383aeadb58 | session | No description available. |
663a60c55d | session | No description available. |
6e4b8efee4 | session | No description available. |
c72887300d | session | No description available. |
cookielawinfo-checkbox-tracking | 1 year | No description |
crmcsr | session | No description available. |
currentware-_zldp | 2 years | No description |
currentware-_zldt | 1 day | No description |
et_pb_ab_view_page_26104 | session | No description |
gaclientid | 1 month | No description |
gclid | 1 month | No description |
handl_ip | 1 month | No description available. |
handl_landing_page | 1 month | No description available. |
handl_original_ref | 1 month | No description available. |
handl_ref | 1 month | No description available. |
handl_ref_domain | 1 month | No description |
handl_url | 1 month | No description available. |
handl_url_base | 1 month | No description |
handlID | 1 month | No description |
HandLtestDomainName | session | No description |
HandLtestDomainNameServer | 1 day | No description |
isiframeenabled | 1 day | No description available. |
m | 2 years | No description available. |
nitroCachedPage | session | No description |
organic_source | 1 month | No description |
organic_source_str | 1 month | No description |
traffic_source | 1 month | No description available. |
uesign | 1 month | No description |
user_agent | 1 month | No description available. |
ZCAMPAIGN_CSRF_TOKEN | session | No description available. |
zld685336000000002056state | 5 minutes | No description |