Software will tell companies when employees are security risks
As virus and hack attacks from outsiders continue to compromise company networks, the greatest potential for damage still comes from those on the inside.
Tracking down inside threats may get easier. Computer Associates said last week it's developing an application to monitor employees and help uncover suspicious or unauthorized activity. Businesses have collected employee-access information in disparate applications for some time. But CA's eTrust 20/20 will be the first to cull data from all systems that maintain standard logs. It will gather and combine information about who's accessing IT systems, who's entering buildings, or who's on the telephone, then present that data as a 3-D video simulation when the software detects a problem. That will give security administrators a more complete picture of employees' access activities.
"You could have an engineer access designs that they're entitled to access, but then the engineer E-mails the designs to a competitor," says Gartner security analyst John Pescatore. The software would detect such activity using CA's artificial-and business-intelligence technology, Neugents, and CleverPath Aion Business Rules Expert.
As for the 3-D playback of employee activities, Pescatore says the simulation and extensive graphics may not be necessary. "I can't imagine that being easier than simply having the software create a report of employee activity," he says.
But the reports are often lengthy and complex, and the graphical simulation may make it easier for security managers to determine when to raise red flags. "If you can imagine going through hundreds or thousands of logs from multiple systems and mentally recording unusual activity, you would get the idea very quickly," says Barry Keyes, VP of eTrust Security Solutions, a division of CA.
CA's eTrust 20/20 will be available through subscription, president and CEO Sanjay Kumar says. CA hasn't disclosed pricing but says it will be based on the number of employees. But potential customers will have to wait until later this year for the software.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.