Struggling to maintain accountability when your employees work from home?
In this article you will learn how to track web activity, application usage, bandwidth consumption, and more with our remote employee monitoring software solutions.
Before monitoring employees that work from home you should consult with your legal counsel regarding employee monitoring laws in your jurisdiction.
To learn more about the best practices for monitoring employees you can download our free white paper or consult our article on recommendations for monitoring remote employees.
Free White Paper
Employee Monitoring: Best Practices for Balancing Productivity, Security, and Privacy
In today's privacy-conscious world employers need to monitor employees in a way that is transparent, minimally invasive, and respectful of employee privacy. Read this white paper to learn the best practices for monitoring employees in the workplace.
Before monitoring the activity of your remote employees you should disclose your intention to monitor their computer activity within a formal work from home policy and/or an acceptable use policy. These policies are critical tools for explaining your company’s expectations when employees work remotely.
Monitoring employee computer activity can be potentially perceived as invasive. Follow these best practices to monitor employees that work from home while respecting their privacy.
In this configuration you will monitor your employee’s computer activity exclusively on the company-owned workstation that they remotely connect to.
This process can be completed using any remote access tool that allows your employee to remotely connect to and control a company-owned workstation.
By monitoring in this way your employee can use their own personal computer for work purposes without having their personal computer activity monitored. If they would like to browse the internet privately they simply need to disconnect from the company-owned workstation and perform their browsing on their own unmonitored device/network.
Note: You should notify your users that their activities will be monitored while they are connected to the company network. They should be provided with instructions for disconnecting from the company network when they wish to resume unmonitored use of their personal computers.
Note: If the laws of your jurisdiction allow it and you have the explicit consent of your remote employee these steps can also be performed on an employee-owned computer, however you must be mindful of any privacy concerns your employees may have when monitoring their personal devices.
No matter which method you choose, all of these configurations are ultimately about connecting the CurrentWare Client that is collecting your employee’s computer activity data to the CurrentWare Server that stores that data so that authorized personnel can generate reports with that data from the CurrentWare Console.
Note: To simplify explanations in the next section I will be referring to the local device that your employee uses from their home as the “local machine” and the workstation they connect in the office to as the “remote machine”.
One option is to monitor your employee’s computer activity exclusively on the local machine and have them periodically sync their activity data to your company’s network using a VPN.
If you opt for this option your employee will not need to remain connected to the VPN to be monitored. All computer monitoring data and last synced device restrictions will be cached on their local machine by the CurrentWare Client agent.
The next time that your employee connects to a remote machine on your company’s network, their activity data and any CurrentWare policy updates will sync between the CurrentWare Server on the company network and the CurrentWare Client on the local machine.
The advantage of this setup is that your remote employee’s computer activity data will be stored locally on the local machine without the need to remain constantly connected to the VPN. By monitoring in this way you will reduce bandwidth consumption on your VPN and internal network.
The disadvantage of this setup is that you will not be monitoring employee activity on the remote machine that your employee connects to unless you install a CurrentWare Client on that device. You will only collect the activity that takes place on their local machine. You will also not be able to enforce any CurrentWare policy restrictions on the remote machine as you need a CurrentWare Client on each device you would like to control.
Another option is to monitor your employee’s computer activity on BOTH the remote machine AND the local machine.
With this setup you will have complete control and visibility over how your remote employees spend their time on both their local machine and the remote machine.
To do this you will install the CurrentWare Client agent on the remote machine that the VPN connects to and the local machine that they work from.
In this configuration you will monitor your employee’s computer activity directly on the local machine that they work from and sync their activity data directly to the CurrentWare Server that is installed in your company’s internal network.
The CurrentWare Client that is installed on your employee’s local machine will be configured to send data to the CurrentWare Server that is installed in your company’s internal network. To accomplish this you will need to configure your router’s port forwarding rules to accept the incoming traffic from the CurrentWare Client.
The advantage of this setup is that you will not require a VPN or remote desktop solution. This helps reduce the bandwidth consumption going through your VPN, making it particularly desirable for newly remote teams that are experiencing bandwidth overload when all of their employees connect to the VPN simultaneously. The employee’s computer monitoring data and device restrictions are kept up-to-date no matter what internet connection they use. Your employee will also not need to be on a specific internet connection to be monitored.
The disadvantage of this setup is that it is more difficult than other installation methods. This method requires setting up a Public Static IP address and making network-level changes, which may be difficult if the installer is not comfortable with configuring a network. Fortunately, all CurrentWare subscription plans include access to assistance with our technical support team.
In this configuration you will monitor your employee’s computer activity directly on the local machine and store all of their user activity data locally on that device. Your employee’s local machine will remain restricted by the last known CurrentWare policies.
The advantage of this setup is that CurrentWare continues to monitor and manage your remote workers, no matter where they work from. By monitoring in this way your employee does not need to be connected to the internet to be monitored.
The disadvantage of this setup is that you will not be able to sync any updates to your CurrentWare policies or retrieve updated user activity data until the CurrentWare Client reestablishes a connection to the CurrentWare Server.
Note: “Offsite Mode” is less of a specific configuration and more of a feature of CurrentWare. Each installation of CurrentWare will have the CurrentWare Client save your employee’s user activity data and CurrentWare policies to their local machine.
In a standalone installation of CurrentWare the CurrentWare Server, Console, and Client are installed on the same computer. You will monitor your employee’s local computer activity and store all of their user activity data on that device.
The advantage of this setup is that the device can be entirely monitored, managed, and configured from a single endpoint. This is convenient for standalone kiosks and allowing your employees to self-monitor as they can be given full control and visibility over their monitoring data.
The disadvantage of this setup is that you will have to set up these computers’ CurrentWare policies exactly as you want them to be before the device leaves the network. You will not be able to update their CurrentWare policies after they leave your network without the use of a third-party remote access tool.
Note: If you would like to prevent your remote employees from deleting their user activity data or modifying their CurrentWare device policies you can password protect the CurrentWare Console.
* Note: Email reports and alerts will only work when the remote worker has access to an outgoing email server or has internet access to send emails.
In this configuration you will expand your CurrentWare setup beyond your office and start running CurrentWare on your own private self-managed cloud servers. Once deployed, the CurrentWare Client will connect using the static IP address or public DNS of your virtual machine on the cloud.
This configuration is a Bring your Own License (BYOL) Instance. You will need to purchase your instance directly from Microsoft Azure, Google Cloud Platform (GCP) or Amazon Web Services (AWS) to install CurrentWare on these cloud platforms.
CurrentWare’s web-based administrative console can be accessed by any device with internet access and a connection to the CurrentWare Server.
By default, the Web Console is limited to internal access only. To allow remote access you can configure port forwarding in your network.
We’ve had many requests from new and existing customers for a cloud-based version of CurrentWare. This is in our development pipeline and we’re looking to fulfill these requests soon. CurrentWare Cloud is projected to be released in 2022.
* Note: For the latest updates on the CurrentWare Managed Cloud, please visit this article in the CurrentWare knowledge base
Thanks to remote employee monitoring software managing the productivity and security of a remote workforce has never been easier. If you’d like to start monitoring employees that work from home, reach out to our sales team for a demo or download a free trial of CurrentWare to get started right away.