Identity Theft is the fastest growing crime in the US according to the FBI
 

Can End User Monitoring Bring More to the Organisation Than Just Increased Security and Compliance?

Written by OSAblog on Sunday, June 21st, 2009

As firewalls, email and content filters work invisibly in the background, is the most obvious place to detect IT wrongdoing, or even take a snapshot of business activity, right in front of our eyes? User activity monitoring could, potentially, yield enormous benefits for an organization far beyond just detecting user transgressions. The real advantage this approach could bring to the security community is that these additional benefits can increase organizational buy-in to security and compliance issues and their resolution.

 

If it were possible to screen everything a user sees and everything a user does, such activity could then be checked against a set of policies so that breaches could be detected and reported. If the screening can take place without the need to record every action, this screening need not infringe on a user's privacy or interfere with productivity. Such a facility could enforce the policies to tackle one of the most widespread IT issues, that of computer misuse within the organization itself, e.g. IP theft, insider trading and inappropriate, personal use of resources.

 

If these policies could also detect the completion of online documents, copies of such documents (image, content, etc.) could be archived as an independent audit trail for compliance purposes.

 

Such document capture can provide an instantaneous raw data feed for compiling up-to-the-minute “state of the business” information, BAM (Business Activity Monitoring) and BIM (Business Impact Monitoring), so that companies can demonstrate “due diligence” with regard to their business “state of readiness and compliance” capabilities. BAM also brings other benefits:

BAM – “A term coined by Gartner, BAM is a way to gain meaningful, instant visibility into critical business operations. It works by capturing events from operational systems… To be effective, BAM should permit deep visibility into operations, but BAM should also perform the event-context correlation extremely quickly.” Diaz Nesamoney, CEO, Celequest.

First, however, the raw data must be captured, and this is where the difficulties begin. The main Electronic Points of Capture (EPOC) for an organization are:

  • Desktops
  • Websites
  • Web Services
  • EPOS (Electronic Point of Sale)

Technologies already exist to independently monitor Websites (in-page agents) and Web Services (via Web Service proxies). EPOS already feeds raw data into the organization, which leaves the Desktop. Windowing systems such as MS Windows are notoriously difficult to monitor due to the sheer amount of activity in a Windowing system and the diverse nature of the technologies used “behind the scenes”. There are, however, emerging techniques to enable the generic capture of Window content for both MS Windows and non-MS Windows based systems.

It should not be overlooked, however, that the monitoring of user activity data would also enable the accurate measurement of policy breach activity and therefore policy effectiveness. Such capabilities enable Management to spot trends and take action to alter them, and thus help demonstrate corporate compliance and “Due Diligence”.
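The screening idea described earlier (check each activity against policies, keep only the breaches) and the per-policy breach counts mentioned above, as an added Python example that is not from the article. The event fields, paths, category names and policy names are hypothetical, and the sample events are constructed.

```python
from collections import Counter
from dataclasses import dataclass
from typing import Callable, Iterable

@dataclass(frozen=True)
class Policy:
    name: str
    matches: Callable[[dict], bool]

# Hypothetical policies for two of the misuse types the article names.
POLICIES = [
    Policy("ip-theft-removable-media",
           lambda e: e.get("action") == "file_copy"
           and e.get("src", "").startswith("/projects/restricted/")
           and e.get("dst", "").startswith("/media/")),
    Policy("personal-use-in-work-hours",
           lambda e: e.get("action") == "web_visit"
           and e.get("category") in {"gambling", "streaming"}
           and 9 <= e.get("hour", -1) < 17),
]

def screen(events: Iterable[dict], policies=POLICIES):
    """Check every event against every policy; retain breaches only."""
    breaches, counts, screened = [], Counter(), 0
    for event in events:
        screened += 1
        for policy in policies:
            if policy.matches(event):
                counts[policy.name] += 1
                # Store the minimum needed for a report, not the full event.
                breaches.append({"policy": policy.name,
                                 "user": event["user"],
                                 "hour": event["hour"]})
        # Non-breaching activity is dropped here and never stored.
    return breaches, {"screened": screened, "per_policy": dict(counts)}

def breach_rate(stats: dict, policy_name: str) -> float:
    """Breaches per screened event: a simple policy-effectiveness trend metric."""
    return stats["per_policy"].get(policy_name, 0) / max(stats["screened"], 1)

# Constructed sample activity feed.
SAMPLE_EVENTS = [
    {"user": "alice", "action": "web_visit", "category": "news", "hour": 10},
    {"user": "bob", "action": "file_copy", "hour": 18,
     "src": "/projects/restricted/design.dwg", "dst": "/media/usb0/design.dwg"},
    {"user": "carol", "action": "web_visit", "category": "streaming", "hour": 14},
    {"user": "carol", "action": "web_visit", "category": "streaming", "hour": 20},
    {"user": "bob", "action": "file_copy", "hour": 11,
     "src": "/home/bob/notes.txt", "dst": "/media/usb0/notes.txt"},
]
```

Feeding `screen()` a generator rather than a list keeps the whole pipeline free of any stored copy of non-breaching activity.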

Sean Bennett is Commercial Director at Orthus limited (http://www.orthus.com). Orthus is a leading provider of information risk professional services, helping organisations globally to measure, minimise and manage the information risks they face. Orthus provide end to end services for clients to comprehensively address risk in their environments including Insider Threats, addressing issues including data leakage, sabotage and fraud; External Threats (http://www.orthus.com/dr_overview.htm) including wireless security, penetration testing, virtualisation security, vulnerability management and Secure Software Development Life-Cycle; Supply Chain Threats including securing cloud services and data processed by third parties; and Legal and Regulatory challenges including Payment Card Industry (PCI) Data Security Standard (DSS).

Article Source: http://www.articlesbase.com/security-articles/can-end-user-monitoring-bring-more-to-the-organisation-than-just-increased-security-and-compliance-981918.html
