Reducing internal threats

Internal threat management is becoming an increasingly important area of research for the big security companies.

  • E-Mail
Reducing internal threats HIBBERT: Internal threat software isn’t a removal of trust.
By  Ben Furfie Published  January 25, 2011

Internal threat management is becoming an increasingly important area of research for the big security companies. But there is already a provider on the market, and it has CIA-developed technology powering its solution. Arabian Computer News speaks to Overtis VP Mike Hibbert.

Security vendor Overtis is hoping that it can storm the Middle East market with its latest solution Vigliance Pro. The software is described as an insider-threat solution by the vendor, and the company is confident that it can offer enterprises and CIOs in the region something that nobody else offers.

“If you look at where the biggest security breaches have occured in the past three years, they’ve all been internal,” said vice president for emerging markets at Overtis, Mike Hibbert. “It might have been through employees deliberately leaking information, accidently through losing a laptop with sensitive information on it, or through infecting their computer with a virus or malware.”

Hibbert says internal threats are often overlooked, because firms don’t like to consider that their employees might be working against them. “It’s very difficult to protect your infrastructure from outside threats. They’re evolving constantly, and require constant updates for your systems to remain protected,” says Hibbert. “Defending against internal leaks however is a lot easier, but it is often overlooked because enterprises often feel like it is a betrayal of trust if they begin bringing in internal threat solutions.”

Hibbert says that this is not only a dangerous situation to put an enterprise in, but also fails to recognise that employees are already considered the biggest weakness in the security chain. He argues that Overtis’ solutions don’t remove the ability to trust employees, just their ability to abuse that trust.

“If you look at our solutions, we can block application functions, such as copy and paste, saving as, renaming and exporting of files,” he adds. “However, that doesn’t mean that you have to block it. Vigilance Pro’s rules don’t have to be set as a firm yes or no. The software can be set to notify the user that their action has been allowed, but that it is against IT rules and that security has been informed of the incident. It may be the case that senior management needs to access account information at random times, but with IT being notified of when it is accessed, it means the company can follow best practice.

“In addition, we can also help enterprises to manage and prevent misuse of other methods of sending data out of company, such as FTPs, email and even social media,” reveals Hibbert. “The latter is increasingly important to note. More and more companies are looking to use social media, so using blanket bans won’t work anymore. Take Facebook for example: we can allow people to post information from their account, but block their ability to send messages by placing a Javascript object over the message button and disabling the tab button. It’s smart approaches that allow enterprises to continue functioning, without risking data leakage,” Hibbert says.

It also has the ability to manage endpoint security, in addition to the softpoints. “The fact is, more and more, people are bringing their own devices in to work, whether that be USB drives, portable hard drives or even their smartphones. They all have the capability to be abused. The reality is that more and more people are taking work home with them. It’s good for the business sometimes, but equally, it creates many opportunities for staff to abuse that power and leak data. However, if you’re a CIO or head of information security, you’re not going to want to spend resources – be that your own time, or that of your employees – authorising every attempt to export data. It’s one of the biggest advantages of Vigilance Pro – the user can assign each individual user a setting – in addition, each property can be set as a group, individual or company wide.

“It means the IT team doesn’t need to authorise every single action and waste time doing so,” adds Hibbert.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code