Software will tell companies when employees are security risks
As virus and hack attacks from outsiders continue to compromise company networks, the greatest potential for damage still comes from those on the inside.
Tracking down inside threats may get easier. Computer Associates said last week it's developing an application to monitor employees and help uncover suspicious or unauthorized activity. Businesses have collected employee-access information in disparate applications for some time. But CA's eTrust 20/20 will be the first to cull data from all systems that maintain standard logs. It will gather and combine information about who's accessing IT systems, who's entering buildings, or who's on the telephone, then present that data as a 3-D video simulation when the software detects a problem. That will give security administrators a more complete picture of employees' access activities.
"You could have an engineer access designs that they're entitled to access, but then the engineer E-mails the designs to a competitor," says Gartner security analyst John Pescatore. The software would detect such activity using CA's artificial-and business-intelligence technology, Neugents, and CleverPath Aion Business Rules Expert.
As for the 3-D playback of employee activities, Pescatore says the simulation and extensive graphics may not be necessary. "I can't imagine that being easier than simply having the software create a report of employee activity," he says.
But the reports are often lengthy and complex, and the graphical simulation may make it easier for security managers to determine when to raise red flags. "If you can imagine going through hundreds or thousands of logs from multiple systems and mentally recording unusual activity, you would get the idea very quickly," says Barry Keyes, VP of eTrust Security Solutions, a division of CA.
CA's eTrust 20/20 will be available through subscription, president and CEO Sanjay Kumar says. CA hasn't disclosed pricing but says it will be based on the number of employees. But potential customers will have to wait until later this year for the software.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.