Eric Gaffin is the Director of Cybersecurity and Compliance Services for Advanced Technology Group, a managed security and IT services company with a 20-year track record of delivering cutting edge solutions to clients in heavily-regulated industries. See how he’s using ActivTrak to address his clients’ compliance needs.
Q: Why was ActivTrak a good fit for your business?
A: We serve a lot of customers in the healthcare, financial services and legal industries that have complex regulatory requirements and need visibility into their workforce, especially as it relates to maintaining compliance. We evaluated a number of workforce productivity solutions. ActivTrak stood out for its flexible, subscription-based model that allows us to deploy it either as part of an existing bundled package, or an add-on, ad-hoc or ancillary service. That’s extremely important for a lot of our budget-sensitive customers, especially in healthcare where long-term budget commitments are difficult to secure.
Q: How does ActivTrak help your clients?
A: The move to remote work is increasing the need to gain better visibility into how work is getting done. ActivTrak helps us help our clients understand and manage the opportunities and the risks each faces, optimize business processes, and identify patterns that lead to remote work success. ActivTrak’s cloud-based approach, flexible subscription model, and application control help us deliver immediate value to customers with outstanding service and support.
Q: What are some of the key product features being leveraged?
A: Many of our customers have been forced to quickly migrate and support remote workers en masse. This creates a variety of challenges related to security. My team focuses on helping these clients gain clearer visibility into remote work activities. ActivTrak gives us the ability to set alarms when a non-compliant event takes place —a feature a lot of other vendors don’t provide. Another important feature is the ability to block an application from running or thwart access to an insecure website, helping protect our clients’ systems and data. I also like that ActivTrak includes additional productivity monitoring features at no additional cost.
Q: How does ActivTrak stand out from a security and privacy standpoint?
A: In the regulated industries we serve, our clients have a legal obligation to audit for behavior that is insecure or risky. As a result, employees have to expect some level of activity monitoring while also being able to trust their employer is going to keep their personal data secure. I prefer ActivTrak because it’s one of the only vendors in the space that doesn’t do keylogging, which is much less intrusive when it comes to employee tracking. Many of our clients choose to only record activity when there is a red flag or some kind of unusual behavior. You also don’t want to infringe on personal time and devices, so it’s best to use a VDI, which limits monitoring within the secure container of a company-owned environment. I think as long as clients are transparent with their staff about their intentions, then there shouldn’t be a security or privacy concern.
Q: What else do you like about ActivTrak?
A: We really like that ActivTrak is cloud-centric and has a high commitment to security and compliance. I came to Advanced Technology Group with a corporate security background and I’m always looking at potential downstream risks. ActivTrak has compliance built into its DNA as evidenced by a multi-layered approach to secure private information that includes a mix of encryption of data at rest and in transit, multi-factor authentication (MFA), single-sign-on (SSO) and regular security testing of its infrastructure and software for potential vulnerabilities. ActivTrak also offers content redaction and supports data compliance laws, such as HIPAA, COPPA and GDPR.