Can End User Monitoring Bring More to the Organisation Than Just Increased Security and Compliance?
As firewalls, email and content filters work invisibly in the background, is the most obvious place to detect IT wrong doing, or even take a snapshot of business activity, right in front of our eyes? User activity monitoring could, potentially, yield enormous benefits for an organization far beyond just detecting user transgressions. The real advantage this approach could bring to the security community is that these additional benefits can increase organizational buy-in to security and compliance issues and their resolution.
If it were possible to screen everything a user sees and everything a user does, such activity could then be checked against a set of policies so that breeches could be detected and reported. If the screening can take place without the need to record every action this screening need not infringe on a users privacy or interfere with productivity Such a facility could enforce the policies to tackle one the most widespread IT issues that of computer misuse within the organization itself e.g. IP Theft, insider trading and inappropriate, personal use of resources.
If these policies could also detect the completion of online documents, copies of such documents (image, content, etc) could be archived as an independent audit trail for compliance purposes.
Such document capture can provide an instantaneous raw data feed for compiling up to the minute “state of the business” information, BAM (Business Activity Monitoring) and BIM (Business Impact Monitoring) so that companies can demonstrate “due diligence” with regards to their business “state of readiness and compliance” capabilities. BAM also brings other benefits:
BAM – “A term coined by Gartner, BAM is a way to gain meaningful, instant visibility into critical business operations. It works by capturing events from operational systems… To be effective, BAM should permit deep visibility into operations, but BAM should also perform the event-context correlation extremely quickly.” Diaz Nesamoney, CEO, Celequest.
First, however, the raw data must be captured and this where the difficulties begin. The main Electronic Points of Capture (EPOC) for an organization are:
- Desktops
- Websites
- Web Services
- EPOS (Electronic Point of Sale)
Technologies already exist to independently monitor Websites (in page agents), and Web Services (via a Web Service proxies). EPOS already feeds raw data into the organization which leaves the Desktop. Windowing systems such as MS Windows are notoriously difficult to monitor due to the sheer amount of activity in a Windowing system and the diverse nature of the technologies used “behind the scenes”. There, however, emerging techniques to enable the generic capture of Window content for both MS Windows and Non-MS Windows based systems.
Is should not be overlooked, however, that the monitoring of user activity data would also enable the accurate measurement of policy breech activity and therefore policy effectiveness. Such capabilities enable Management to spot and take action to alter trends and thus assist demonstrate corporate compliance and “Due Diligence”.
Sean Bennett is Commercial Director at Orthus limited (http://www.orthus.com). Orthus is a leading provider of information risk professional services, helping orgnisations globally to measure, minimise and manage the information risks they face. Orthus provide end to end services for clients to comprehensivly address risk in their environments including Insider Threats, addressing issues including data leakage, sabotage and fraud; External Threats (http://www.orthus.com/dr_overview.htm) including wireless security, penetration testing, virtualisation security, vulnerability management and Secure Software Development Life-Cycle; Supply Chain Threats including securing cloud services and data processed by third parties; and Legal and Regulatory challenges including Payment Card Industry (PCI) Data Security Standard (DSS).
Welcome back! You may want to subscribe to my RSS feed. Thanks for visiting!
If you enjoyed this post, make sure you subscribe to my RSS feed!
Related Posts - Spyware – Understanding and Addressing The Risk - Part One “Spyware” is no longer simply a nuisance to enterprises. It is estimated that 90% of desktop PCs are infected with some form of “Spyware” (Source : US National Cyber Security Alliance). According to Gartner between 20 and 40% of enterprise helpdesk calls are now related to unwanted “Spyware” programs. There......
- Information Security Titles “Out Of Control” We are in an era where Security and Compliance have made it to the forefront of corporate board room discussions. It is now one of the key topics on the agenda. Are we protecting our corporate and personal data? Are we meeting both corporate and regulatory requirements as it......
- Everyone Knows Spyware Is Bad, But Just What Is Spyware? The term "spyware" is commonly used, however it's not always made clear what it means. So, what is spyware? Spyware refers to computer software that gets installed on your computer and goes on to cause malicious acts without your having a clue about what's going on. Spyware can initiate the......
- Internet Dangers Continue To Happen New web pages are being infected at a rate of one every five seconds making staying safe on the Internet more of a hassle than ever before. The first quarter of 2008 Security Report A Threat . . . From Sophos Labs is enough to make you never......
- Discovering Dangerous Business Application Vulnerabilities Enterprise security consultants may spend their days at mid-size or large organizations; they may perform their assignments from anywhere in the world. Nevertheless, they possess a common assignment: to better manage the risks related to their organizational infrastructure. More and more, corporate Web application security plays a significant role to......
Related Websites - Virtual PBX System - Boost Your Existing Business Phone Service All entrepreneurs understand the importance of being easily accessible to customers. A important part of being accessible is having a powerful small business phone system.The phone needs of a small business are best met by a virtual phone system with PBX features. Such a system takes your existing phone......
- Managed Backup Service Providers Pick Up Where Tape Backup Leaves Off President John F. Kennedy once said about planning that, "The time to repair the roof is when the sun is shining."Businesses small and large can take a cue from that line in regards to their data backup recovery plans. For example, if many businesses affected by the Hurricane Katrina......
-
Print Outsourcing USPS Certified Mail Print Outsourcing USPS Certified Mail Today’s business economy has many companies looking at print outsourcing to keep up sending USPS Certified Mail. Compliance and regulatory mailings are at all time highs. Many companies are looking to cut costs and lighten staff work loads. This is what Certified Mail Envelopes...... -
Self Employment Tax For those who are self employed, the self employment tax and the burden it imparts is a major stressor that can make things tense for those with their own businesses. All it takes is a small bit of time and know how to overcome the burden. The first time you...... - Improved Business Communication Services During Phone Downtime A third (36%) of United Kingdom (UK) workers have had company telephone failures caused by factors such as flooding, power cuts, road works and equipment faults during the past year.This is the main finding of a new study commissioned by a hosted Voice over IP (VoIP) provider, and of......
« Identity Theft and What You Can Do About It – Part One | Home | USB detection using WMI script »
Leave a Comment