Avi Amos 88 298.
(photo credit: Courtesy)
There's an old saying about how life is like high school - that the same types who populate the hallways of your institution of secondary learning - like the nerd, the jock, the goody-good, etc. - are the same ones you will meet again and again throughout life.
I, however, think that life is more like third grade - the grade that TV's Bart Simpson has been in for the past 18 years. Like Bart, adults try to get away with all sorts of things without taking responsibility. In the immortal words of Bart Simpson, when confronted with a minor or major infraction, "I didn't do it!" It's all about personal responsibility.
It works the same at the office. A secretary in a hurry may forget to save a sensitive document - one that government inspectors may demand to see at some future date; a programmer may forget to file some important code that will set a project back by weeks; and a forgotten trace routine by a system administrator in a database could cause an e-commerce site's sales engine to slow to a crawl - costing the company much money in lost sales, as well as a loss valuable of goodwill among customers that will hurt future sales, as well.
And when the you-know-what hits the fan - what then? When the CEO seeks out the responsible party and confronts employees with the facts, what answer do you think s/he will get from anyone and everyone? That's right - "I didn't do it!"
Note that this isn't necessarily about blame. Employees who mess up are naturally afraid that they will be forced to pay the piper, sometimes in the coin of a promotion, or even their continued employment. But it's not always about employee error; sometimes it's about the system, and when an error is made it's important to find out ASAP what went wrong and why - and to perhaps institute a system change that will prevent similar problems from occurring in the future.
Either way, the boss has a right to know where the company's money and resources are going. Unfortunately, the vast majority of monitoring tools can only indicate where the problem is - not where it originated from. In the event of a major system meltdown, for example, caused by a breach in the firewall, system log files will give a clear picture of how the bad guys were able to exploit the system. But it won't necessarily indicate who it was that opened port 9600 to allow quick and easy downloading of X-rated movies, the same port the hackers exploited to compromise the system.
If all the tampering was done on the server, and the person responsible logged in as a superuser, and the superuser password is known to a dozen people - at least - who do you complain to? And what about the myriad events that don't get logged at all? How do you keep track of what - or who - the cause of the problem is?
Enter Observe-IT, a small Israeli start-up, which takes a completely different and unique approach to the problem of personal responsibility - and personnel supervision. The secret, says Observe-IT CEO Avi Amos, is in the desktop session. The server may be the vehicle whereby the damage is done, but the root of all evil is in the session - that's where the keystrokes are generated from, and that's where the screens displaying malfeasance, error intentional or otherwise, or plain old stupidity are on display. Keep track of the session, says Amos, and you'll be able to keep track of what happens on your company's servers - as well as who's behind it.
To that end, Observe-IT produces monitoring software that keeps an eye on who does what and what changes they institute. Say a user logs in from his or her desktop and accesses a server file - maybe a configuration file for some networking application. If a change was made in error - say an IP address was changed - the entire system that depends on that application will be in disarray. And why? Because of a rogue keystroke that the user made inadvertently. That's not something a log file will detect. But it is something a visual record of the user session, as it appeared on the desktop, will able to track down.
Each user's session activity is recorded - both textually, via keystrokes, and visually, via screen recording and screenshots. Each action that takes place during a session is recorded and stored. If a log indicates that a certain problem began at a specific time, a system manager can search for particular events relating to the problem within the data, searching by login, application, console number, or other criteria, and narrow down the chain of events that led to the incident. And when a problem is detected, the program can attach a "sticky note" to the screen/data indicating what happened and how to avoid it happening again. Detective work that would have taken weeks of effort or even more takes mere minutes (okay, maybe hours) with Observe-IT - and the program helps ensure that it turns into a one-time event.
Observe-IT is a small company - so far, it's got only eight employees - but it's got big plans that are already coming to fruition. Several large Israeli companies have signed on, with the program custom-tailored for customers' specific needs - security, system monitoring or ensuring government or international standards compliance. This latter solution promises to be a major growth area for the company, Amos says, because governments around the world have instituted tougher security requirements for hi-tech and other sensitive industries, all requiring meticulous record-keeping and safeguards against security risks that in the past were dealt with "on the fly." Observe-IT ensures compliance with a whole host of these new rules, like the US Patriot Act, tougher measures by the Securities and Exchange Commission and others.
One particular area that customers have found Observe-IT to be very helpful in, Amos says, is to record video conferences over the Web, which the SEC in particular requires be recorded and preserved permanently. As a result of the tougher laws, Amos says, many financial sector companies mulled abandoning Web conferences altogether - but thanks to Inform-IT, they don't have to. With Observe-IT recording the events of the Web conference, as well as which documents were opened and what changes were made from them, even the toughest government inspector will be happy, Amos says.
Despite what you may be thinking, Observe-IT is not meant to be a spy tool for bosses to use against hapless workers. The truth is that any sysadmin who wanted to "catch" a goldbricking employee can utilize a whole host of tools that work surreptitiously on a user's PC and gather up information for use in employee evaluation. But using Observe-IT for such a purpose is a waste of money, says Amos, and of capabilities. It's not about showing off your "power," it's about not losing your shirt on avoidable errors, problems and missed compliance requirements.
As long as human error is a factor in bad business, Inform-IT is guaranteed a bright future!