To neutralize insider threats, companies are monitoring employees’ work habits and e-mail. Whether you call Edward Snowden a traitor or a whistle-blower, he earned one label about which there’s no debate: insider threat.
Guarding against such risks is an expanding niche in the security industry, with at least 20 companies marketing software tools for tracking and analyzing employee behavior. “The bad guys helped us,” says Idan Tendler, the founder and chief executive officer of Fortscale Security in San Francisco. “It started with Snowden, and people said, ‘Wow, if that happened in the NSA, it could happen to us.’?”
The problem predates the Internet: the salesman who takes the entire customer list with him when he quits, or the engineer who makes off with key product designs. But technology has only made it easier; now the salesman e-mails the data to his Gmail account, and the engineer can put product designs on a USB drive. In an embarrassing episode for Morgan Stanley, the bank dismissed an employee earlier this year for taking information about an estimated 350,000 clients of its wealth-management division.
Companies are also realizing that tracking insiders may improve their odds of catching outside hackers. While investigations into the breaches at Sony and Anthem are ongoing, it’s likely that attackers hijacked employee passwords and logins, then used them to navigate the companies’ computer systems to find and steal data. These methods are the reason it takes a business more than 200 days, on average, to detect breaches, according to FireEye, a cybersecurity company. “Hackers become employees when they get inside,” says Avivah Litan, an analyst at research firm Gartner. “So the name of the game is constant surveillance.”
Fortscale and competitors such as Securonix, based in Los Angeles, sell software that pulls data from a company’s computer systems and feeds it through algorithms to create a profile of each employee.
The software constructs a base line showing what’s normal behavior for that user: where and when he logs in, which programs he uses, which company databases he accesses regularly, and which external websites he browses. It also generates a risk score for users based on what danger they may pose to the organization. With “normal” established, it becomes much easier to spot suspicious activity—for example, a worker downloading thousands of documents from a database she has permission to use but never has before. “What we’re trying to do is get this situational awareness,” says Igor Baikalov, a former security executive at Bank of America and chief scientist at Securonix. “The next step is predictive analytics: How can we detect the small changes and stop the bad thing from happening?”
Dtex Systems, a security company based in San Jose, monitors insider threats by placing software on desktops as well as company-issued laptops. CEO Mohan Koo says that in the first 30 days of surveillance at a financial exchange, the system identified six people who were getting ready to leave with highly sensitive data. Employees heading for the exit start doing things they hadn’t before, such as changing their e-mail habits, Koo explains.
Other approaches delve more deeply into psychology. Stroz Friedberg, a New York-based consulting firm that specializes in digital forensics, is rolling out software called Scout, which evaluates users through the content of their e-mails and other communications using linguistic and behavioral analysis techniques developed by the FBI. The software establishes a base line and then scans for variations that may signal that an employee presents a growing risk to the company. Red flags could include a spike in references to financial stresses such as “late rent” and “medical bills.”
Edward Stroz, the firm’s founder and a former FBI agent, says that while companies may have found this idea too intrusive in the past, he’s seen a change in perception in the past year. He’s still careful when discussing the software, describing it as a way to help employers build a “caring workplace.” He offers the scenario of a star trader at a bank who’s disappointed with the size of her annual bonus. Instead of being blindsided when she defects to a rival, a bank using Scout could identify her discontent early and make sure she doesn’t take sensitive data or other team members with her.
Looming in the background is the question of how to balance employees’ privacy with more intensive monitoring. Dtex says it makes user data anonymous, replacing names with codes and matching names to activity only when necessary for an investigation. That helps companies monitor effectively and comply with privacy laws in countries such as Germany and Switzerland, Koo says. Randy Trzeciak, a cybersecurity specialist at Carnegie Mellon, says it’s important for companies to keep their lawyers in the loop and to outline a clear, well-communicated, and consistently enforced policy, so there’s no perception of selective monitoring.
Some of the methods at companies that hire Securonix make even Baikalov wonder how much is too much. He cites the practice of matching information on user behavior online with feeds from video cameras and other systems that monitor physical locations. Some companies, he says, have created ticket systems so employees can report suspicious behavior by colleagues. “Is it too much, or is it actually the right amount of diligence?” he says. “I’m really curious how much we will get out of it. It’s really the extreme in kind of Orwell-like monitoring.”
The bottom line: About 20 companies sell tools to monitor employee behavior—from e-mail habits to database access—and flag risks. #KhabarLive
I simply want to say I’m new to blogs and honestly savored this page. Most likely I’m likely to bookmark your site . You certainly come with great writings. Bless you for sharing with us your web site.
Since 1998, Clean Services Northwest company has been offering window cleaning, window washers, window cleaners to companies, businesses and organizations in the greater Portland Metro Area, providing quality property maintenance services at a fair price. Clean Services Northwest specializes in window cleaning, pressure washing, carpet cleaning, and gutter cleaning. They also perform other specialized maintenance tasks, such as roof cleaning, vent cleaning, and construction cleanup. Our technicians will have your building or facility looking great, whether we have left the glass sparkling, the concrete brightened, the flooring spotless, or all of the above. Visit us at http://www.cleanservicesnorthwest.com/ or Clean Services Northwest, 8910 SE Fuller Rd, Happy Valley, OR 97086, USA
Hiya there, just turned aware about your article through Google, and have found that it is pretty helpful. I will truly appreciate if you decide to persist this approach.
You’ll find it nearly not possible to encounter well-aware individuals on this area, however , you look like you are familiar with what you’re indicating! Gratitude
I just intend to reveal to you that I am new to online blogging and absolutely enjoyed your article. Probably I am prone to bookmark your blog post . You undoubtedly have memorable article content. Truly Appreciate it for telling with us your very own site webpage
you have got an amazing weblog here! would you wish to make some invite posts on my blog?
Wow! Thank you! I continually wanted to write on my website something like that. Can I include a portion of your post to my website?
It¡¦s really a nice and helpful piece of information. I¡¦m happy that you simply shared this useful information with us. Please stay us informed like this. Thanks for sharing.
I have been checking out a few of your articles and it’s nice stuff. I will definitely bookmark your website.
I’m not sure why but this blog is loading very slow for me. Is anyone else having this issue or is it a problem on my end? I’ll check back later and see if the problem still exists.
Hello there! I know this is kinda off topic but I was wondering if you knew where I could locate a captcha plugin for my comment form? I’m using the same blog platform as yours and I’m having trouble finding one? Thanks a lot!
At this time it seems like Drupal is the preferred blogging platform available right now. (from what I’ve read) Is that what you’re using on your blog?
Google
The information and facts talked about in the report are a number of the top obtainable.
Comments are closed.