Compliance Critter

Squirreling Away Screen Recordings

Why Do You Need Compliance Critter?

  • Continuous screen recording is essential when investigating security incidents involving malicious users as you need to prove that it is the user performing the malicious action.
  • Continuous screen recording allows you to see what the user is doing before and after the malicious action and so capture related activities.
  • Continuous screen recording is required for compliance with NIST SP 800-53, PCI DSS, HIPAA, and other standards.
  • Compliance Critter is free to install. It starts recording screens immediately and allows you to comply with standards at no up-front cost.
  • You only need to pay for those screen recordings you view. Malicious user related security incidents occur at a rate of about 1 in 100 users. This is cheaper than similar software where you pay by the number of devices installed.

For IT Support / Cybersecurity Teams

  • Easy deployment. Just specify the password and storage limits, which are embedded into the installer for mass deployment.
  • Install and forget. Just screen recording: no monitoring of activity, no network usage, no clashes with antivirus software, no reports.
  • Encrypts screen recordings to ensure that they are not a potential security vulnerability.
  • Stores recordings on a locally accessible drive. Overwrites old recordings when the specified storage limits are reached.
  • Supplements other insider threat or employee monitoring software, which often does not include screen recordings.

Frequently asked questions

  • How much does Compliance Critter cost?
    US$50 to view one month of screen recordings on one device. Remember malicious user related security incidents occur at a rate of about 1 in 100 users. Most small companies will never need to view any screen recordings, but it is nice to have the option should you need it. Peace of mind costs nothing. 

  • Is there a free version of Compliance Critter?
    Where Compliance Critter is installed using the attended installer, the first 72 hours of screen recordings can be viewed free of charge. This allows you to confirm that Compliance Critter is working and to adjust the screen capture settings if needed. 

  • How does Compliance Critter work?
    Compliance Critter uses FFmpeg to record the desktop screen and save it as an encrypted video file. The videos are indexed by date / time / application / window title so that you can easily find those segments relevant to your investigation. Video playback uses FFplay.

  • What are the limitations of Compliance Critter?
    • Compliance Critter does not record sound.
    • Compliance Critter does not capture webcam video (unless shown on screen).
    • Compliance Critter videos can consume up to 1GB of disk space per day on a device. 

  • How is disk space on the device managed?
    By default, Compliance Critter stores recordings of the last 60 days, or until 50GB of storage is reached, or until the amount of storage available falls below 10GB. After that, old recordings are overwritten by newer recordings. These limits are configurable in the installer and on an individual device basis in the Compliance Critter application itself. Compliance Critter's archiving feature enables you to move screen recordings and associated information off the PC to another location such as an external storage device or a shared drive. This feature is useful if you want to retain potential evidence for possible future use without having to worry about it being overwritten.

    On average a business PC has about 20GB - 50GB of storage available, so it is not possible to guarantee that a PC will be able to store screen recordings of the last 60 days. This is why screen recording software is not commonplace and is the rationale behind the Compliance Critter 'only pay for the screen recordings you view' approach. If you have reason to suspect there was a security incident a few weeks ago and need to see what the user was doing, then there is a good chance the screen recording will be available.

  • What is FFmpeg / FFplay?
    FFmpeg is an open-source video capture library with associated player. Compliance Critter uses a specially compiled version of FFmpeg with the non-free options removed. Compliance Critter also uses the Cisco OpenH264 library which is a free alternative to the MPEG libx264 library. The license conditions of the OpenH264 library require it to be downloaded from the Cisco server at the time of installation. This download is automated within the Compliance Critter installer, but an internet connection is required.

  • How does Compliance Critter compare with Microsoft Recall?
    Microsoft has recently introduced a new Windows 11 feature called Recall. Recall takes a screenshot of the user's desktop about once every 4 seconds, uses AI to determine the screen content, and stores the screenshot and content for search purposes. Recall is designed to help individual users find websites, applications and content they have viewed previously. The main differences between Compliance Critter and Recall are:

    • Compliance Critter records screens at 4 images per second and so captures the user's actions, such as which files were selected and what exactly was clicked. Recall only stores a single screenshot captured every few seconds and so is unable to capture actions.
    • Compliance Critter settings and screen recordings are accessible only by the administrator. In Recall, the screenshots are only viewable by the individual user and the user can switch off screen capture completely.
    • Compliance Critter is designed to prevent 'fishing expeditions' where the administrator searches for inappropriate content rather than specific security incidents. Compliance Critter captures the window titles but does not allow searching on these titles. Similarly, Compliance Critter does not record keystrokes.
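
The three default overwrite limits from the disk-space answer above (60 days, 50GB of recordings, 10GB free), worked through as an added example that is not Compliance Critter's own code. It assumes the 10GB figure is a free-space floor on the volume and that the oldest recordings are overwritten first; `Recording`, `Limits`, `plan_overwrite` and the other names are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

GB = 1024 ** 3

@dataclass(frozen=True)
class Recording:          # hypothetical record of one stored video segment
    started: datetime
    size: int             # bytes on disk

@dataclass(frozen=True)
class Limits:             # defaults are the figures quoted on the page
    max_age_days: int = 60
    max_store_bytes: int = 50 * GB
    min_free_bytes: int = 10 * GB   # assumed to mean free space on the volume

def plan_overwrite(recordings, free_bytes, now, limits=Limits()):
    """Drop oldest-first until all three limits hold; return (kept, dropped)."""
    kept = sorted(recordings, key=lambda r: r.started)
    cutoff = now - timedelta(days=limits.max_age_days)
    total = sum(r.size for r in kept)
    dropped = []
    while kept:
        too_old = kept[0].started < cutoff
        too_big = total > limits.max_store_bytes
        too_full = free_bytes < limits.min_free_bytes
        if not (too_old or too_big or too_full):
            break
        oldest = kept.pop(0)
        dropped.append(oldest)
        total -= oldest.size
        free_bytes += oldest.size   # deleting a file returns its space
    return kept, dropped

def evidence_window_days(recordings, free_bytes, now, limits=Limits()):
    """How many days back the surviving recordings reach (0 if none survive)."""
    kept, _ = plan_overwrite(recordings, free_bytes, now, limits)
    return (now - kept[0].started).days + 1 if kept else 0

def daily_recordings(now, days, size=GB):
    """Constructed sample: one recording per day, newest is today."""
    return [Recording(now - timedelta(days=i), size) for i in range(days)]

if __name__ == "__main__":
    now = datetime(2024, 6, 30, 18, 0)              # constructed date
    recs = daily_recordings(now, 40)                # 40 days at 1GB/day
    print(evidence_window_days(recs, 4 * GB, now))  # PC with only 4GB free
```

On the constructed PC with 4GB free, the free-space floor rather than the 60-day limit decides how far back the recordings reach, which is the case the answer above describes for typical business PCs.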

© Copyright 2024 Asia Pacific University of Technology & Innovation (APU). All rights reserved.