FAQ: Frequently Asked and Finally Answered

1.    There are locations with multiple official languages and even dialects, can the solution analyse texts written in any of them?
The solution support import of local dictionaries. As policies are customisable, dictionaries can be tailored to a company’s needs.

2.    Does the endpoint software have tamper protection?
The software installed on an endpoint can’t be deleted or sabotaged by a user.

3.    Can the policies be changed when a user’s laptop is outside the corporate perimeter?
There are a few measures to take before moving people to work from home:

  • Configure connection to internal services via VPN
  • Make sure that all the services are available outside the office and assess Internet and backup communication channel bandwidth
  • Install service performance monitoring system
  • Prepare a corporate or a user’s personal PC for remote work denying employee access to corporate laptop BIOS, enabling drive encryption and configuring backup to the corporate cloud for a corporate PC and controlling software update installation, configuring access to terminal servers and providing two-factor authentication for a private PC.
  • Configure the Risk Monitor system – optimise the settings in accordance with the channel bandwidth and activate maximum monitoring of users who can access the most sensitive information.

4.    Is Risk Monitor a combination of DLP and TimeInformer?
TimeInformer includes Keylogger, MonitorController, ProgramController and MicrophoneController.
DLP comprises MailController, IMController, DeviceController, PrintController, HTTPController, CloudController, FTPController, AlertCenter and ReportCenter.
Risk Monitor consists of the complete DLP toolset and incorporates MonitorController, ProgramController, MicrophoneController, and ProfileCenter.

5.    Does the system support Windows, Linux and Mac?
SearchInform instruments support Windows and Linux.

6.    How do you manage laptops with the solution installed on them when they are outside the office?
Risk Monitor can be installed on corporate laptops and taken home. In this case captured data is transferred via the Internet using port forwarding on a proxy server or using VPN.
If employees work with their personal devices from home, then they can connect to a terminal server or VDI with the installed software which transfers data to the Risk Monitor server.

7.    How does the solution monitor data stored in the cloud?
SearchInform tools control contents of cloud storages, scan data and detect confidential information: corporate NAS (Synology, HP, QNAP, etc.), corporate storage (SharePoint), cloud storages (Dropbox, Yandex.Disk, OneDrive and CMIS), take measures in case policies are violated in Office 365, discover sensitive documents which are stored with violations of security policies in shared folders, cloud storages and local NAS systems, SharePoint platform.

8.    Is it possible to launch monitoring without user knowing about this?
The fact that the solution is installed isn’t obvious for a user, the product’s activity is smooth and seamless, but users should be informed about the monitoring process.

9.    What if a company was hacked during an external attack, is it possible to discover which data was leaked?
SearchInform software enables retrospective investigation and allows a specialist to access archived data as the monitoring system scans all the data stored prior to the system installation. Elaborated preconfigured reports show the missing information, FileAuditor classifies data tagging files, makes shadow copies of critical files found on a PC, server or in network folders and saves the history of their revisions facilitating the recovery of lost information.

10.    How does a specialist get alerted to critical incidents?
Alerts can be sent to your email, thus even when you’re outside the office and have only a phone with you it is possible to stay informed on the go. You can also customise reports, schedule their creation and sending to receive the visualised results as diagrams or content route and relation graphs and charts.


11. Is it legal to monitor my employees?
Employee monitoring is legal in the majority of European countries. When signing a contract employees “sell” their time and agree to use an employer’s equipment. Employees must be aware of monitoring. Needless to say the monitoring process must comply with the EU General Data Protection Regulation (GDPR)
SearchInform provides a comprehensive approach to internal monitoring by extending a DLP solution and blending two powerful concepts: incident prevention and internal threat mitigation.


Reminder! This article shall not be used as legal advice. To receive professional legal advice, please consult your lawyer.


12. Is it legal to monitor emails and social media?
Yes, an employer may control all the outbound and inbound emails on the company’s computer. That is why it is essential to explain to your employees that it is not appropriate to open their personal emails on corporate devices. 
If a company has to monitor emails or any other correspondence, MailController and IMController should be considered – the modules of SearchInform Risk Monitor.

13. Is it legal to monitor employee Internet traffic?
Yes. However, the law allows employers to collect and process the limited amount of personal data which is truly required. 
It is advisable for an employer to configure policies regulating the Internet usage so that employees know what is acceptable.

14. Is it legal to monitor screen activity and keystrokes?
Yes, it is legal. However, it is advisable that employers decide on why they have to use this type of surveillance. Employees must be aware of it and give their consent, and again, the monitoring should comply with General Data Protection Regulation.

15. Is it legal to monitor employees transferring data to USB, external hard drives, etc.?
Yes. In fact, one of the simplest ways to steal information is to transfer data from the corporate network to removable media. In accordance with GDPR, device monitoring is allowed if employees are given notice of the monitoring process and internal policies are clarified for them, and in case it is done for a legitimate business purpose and doesn’t infringe on employee privacy.

The best a company can do to not violate individual’s privacy is to be transparent. It is important to make sure that an organisation has clear policy about the monitoring process, and inform your employees about the channels you control.

Here, you can have a quick look at the check-list in order to establish appropriate GDPR compliant practices at your workplace:
•    Inform employees of monitoring; 
•    Ensure that monitoring addresses certain business purposes and does not interfere with the employee’s rights to privacy;
•    Ensure data protection rights.

Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyberincidents.