Scope and display of monitoring
Bravura Security Fabric, by default, restricts the screen-shot and keystroke-data-monitoring scope to the terminal only, to protect the privacy of the user; for example, when remote users or contractors are accessing monitored systems from public or personal computers, personal data and applications could also be active. This behavior is controlled by the SMON RESTRICT SCOPE setting, which can be applied globally or per managed system policy.
For disclosure options that allow session recording, having SMON RESTRICT SCOPE enabled would mean:
- Child processes of the process that receives disclosed access are not recorded.
- Local workstation tools opened via pswxcmd (which open new sessions in the same process as additional tabs) will record all tabs only in the first open session on a workstation; additional simultaneous sessions open to the same tool will record black rectangles.
Disabling this setting allows you to monitor the user’s display and keystrokes on their whole system both inside and outside the terminal when they initiate a privileged session. This provides better security; for example, if a user starts remote desktop, they may be able to copy sensitive data from the remote terminal to an email or another application outside the terminal.
Warning
Clipboard data is not restricted when SMON RESTRICT SCOPE is enabled. Bravura Security Fabric will continue to collect clipboard data inside and outside the terminal for the user's whole system.
The following options on the Recorded session tab control the scope of what is monitored:
Option | Description |
---|---|
SMON RESTRICT SCOPE | When disabled, the user’s entire system is monitored when the user starts a privileged session. When enabled, monitoring is restricted to the process created by the access disclosure plugin; for example, when the command prompt control ( This should always be disabled when recording user interface meta data. |
When a user initiates a monitored session, an icon is displayed in the user’s task bar with a customizable message to notify the user that he or she is being monitored. You can disable this if your security policy requires covert monitoring. It is recommended that you review security and user monitoring policies before enabling covert monitoring.
The following options on the Recorded session tab control how users know their session is being recorded:
Option | Description |
---|---|
SMON DISPLAY RECORDING ACTIVE TASK BAR ICON | When enabled, an icon is displayed in the user’s desktop task bar to indicate that their session is being recorded. |
SMON DISPLAY RECORDING ACTIVE TASK BAR MESSAGE | The message that is displayed when the user hovers the cursor over the session recording task bar icon. |