Mobile phone terminals are lent to employees for business in many companies. In recent years, the mobile phone terminals have become more multifunctional and various applications can be used on the mobile phone terminals. Therefore, the employees can attend efficiently to their business by using the mobile phone terminals. On the other hand, depending on how to use the mobile phone terminals, there is risk of confidential information being leaked. Also, according to the multifunction of mobile phone terminals, the employees may end up using functions and applications of the mobile phone terminals that are in no relation to their works during business hours. Therefore, in general, companies have a regular usage policy which determines how to use mobile phone terminals for business by employees. Companies can avoid the above problems such as information leakage by enforcing employees to use mobile phone terminals for business in accordance with a usage policy.
However, whether or not such a usage policy is appropriately observed is dependent on consciousness and conscience of employees. Therefore, there is a risk of the usage policy being violated because of inappropriate use by malicious employees and/or inappropriate use caused by careless behaviors of employees. However, even if there is violation of the usage policy, it is impossible for the companies to achieve effective results without having a system to confirm and verify violation. In order to solve such problems, related techniques are disclosed as follows.
JP 2007-172221A discloses a quarantine system in which a terminal operation by a user is confirmed and if a rule determined by an administrator is violated, access to intra-company resource by the user is prohibited. The quarantine system according to JP 2007-172221A is configured from a terminal and a quarantine device connected to the terminal through a network. The quarantine device is provided with a log memory section, a rule memory section, a log collection managing section, a log data reading section, a log collator section, and a communication control section. The log memory section stores log data including operations executed in a terminal and data of a user identifier. The rule memory section stores rule data showing operations to a detection target. The log collection managing section receives log data from a terminal and writes it in the log memory section. The log data reading section reads, log data written by the log collection managing section from the log memory section. If the log data read out by the log data reading section indicates execution of an operation included in the rule data which is stored in the rule memory section, the rule collator section determines matching between the log data and a rule. The communication control section instructs the user terminal, which is specified by the user identifier shown in result data, to make a communication control for restricting and/or expanding a communication range in accordance with the rule that is determined as matching by the rule collator section. According to the quarantine system of JP 2007-172221A, by performing a compliance check for user operations, endpoint security can be enhanced.
JP 2007-233661A discloses a log integrated management system, in which in an organization such as company, useful data can be provided for mainly internal control by managing the history of actions and operations by a member unit including physical actions along time series. The log integrated management system according to JP 2007-233661A allows integrated management by collecting logs from actions of members in the organization. The log integrated management system includes a first reception section, a second reception section, a third reception section, a memory section and a storage section. The first reception section receives first log data in which a first identification code of a member is collected in a key, in a security gate arranged to enter and exit the office. The second reception section receives second log data in which a second identification code of a member is collected in a key in a computer authorized for the member to operate. The third reception section receives third log data in which a third identification code of a member is collected in a key, in a computer network authorized to connect by the member. The memory section stores an integrated identification code to identify a member in related to the first identification code, the second identification code and the third identification code at least. The storage section stores the first log data, the second log data and the third log data as an integrated log with a standardized format in a table arranged for each integrated identification code by referring to the memory section. According to the log integrated management system of JP 2007-233661A, respective log data, each of which is collected in a different system, is integrated to manage the history of actions and operations by a member unit including physical actions along time series, whereby detailed actions and operations of each member can be easily understood.
JP 2008-027042A discloses an automatic blog generation system in which the operation history of a mobile phone terminal is stored automatically and the user is allowed to add comments to the stored operation history. The automatic blog generation system of JP 2008-027042A is provided with a mobile phone terminal and a server. The mobile phone terminal displays a history storing setting screen to confirm whether the operation history of a predetermined function is stored, and if it is set to store the operation history of a predetermined function, the operation history is automatically obtained and held. When a predetermined function is operated, the mobile phone terminal displays a confirmation screen to ask whether or not to input comments, and if it is designated to input comments, a comment input screen is displayed. The mobile phone terminal automatically obtains and holds comments inputted in the comment input screen. The server obtains the operation history and comments from the mobile phone terminal and stores them in a blog format. According to the automatic blog generation system of JP 2008-027042A, the operation history of the mobile phone terminal can be stored automatically and a blog can be generated by using operations in the mobile phone terminal as a source.