Security Requirements for Digital Auditing Solution.

COVID-19 pandemic has greatly shifted the Digital Surveillance economy due to human isolation, distance education, and remote work.
We would like to remind, that supervision technologies like parental controls and employee auditing should be planned and implemented with clear and detailed requirements in mind. Otherwise, the controls may look overwhelmed and untrustful for the environment.

This year, we have witnessed momentous developments caused by how COVID-19 pandemic. Many employees are forced now to work from home and it requires significant adoption of IT infrastructure, internal process workflow, and remote workforce management.
Universities and schools switched to distance education but when it comes to the examination, the distance approach simply doesn’t work. All existing techniques aimed to assess the student’s knowledge in an automated way at a distance needs to be significantly adjusted to avoid copy/paste plagiarism and simple rewriting during the online examination.
Digital auditing and surveillance may help but requirements need to be carefully elaborated and top management needs to initiate the process.

Here are just a few requirements regarding employee auditing that may be fitted into the Security Policy of an organization:

  • To audit and monitor compliance with good security habits after security awareness training.
  • To audit and monitor employee access to confidential information or personally identifiable information (PII) on each workstation.
  • To audit and monitor adherence to attendance and working hours of employees working remotely.
  • The monitoring system should always display its presence and status throughout the computer session.
  • The monitoring system should always remind computer users about the status of monitoring and provide a high level of awareness.
  • The monitoring system should preserve audit trails for a significant amount of time in a secure storage format.
  • The monitoring system should audit and protect access to audit trails.