Mitigating risk, increasing security posture and demonstrating compliance
Current Threat: According to the CSI/FBI 2006 Computer Crime and Security:
Almost 40% of respondents to the survey attribute 20% or more of losses to insider threats.
Unauthorized access to information was the second most expensive type of loss accounting for more than $10,000,000 in 2006.
But the insider threat is more than “data loss,” it’s the type of behavior that puts a business at risk. Organizations need to understand where information originates, how it moves across the network and where it goes. It’s the cause of the problem that they should look for, not the symptom.
Tomorrow's Technology Today: Oakley’s monitoring and investigations tools don’t rely on data, rather situational context to map intent to action. In its product suite, consider Coreview as the telescope that determines risk at the network. Sureview is the microscope, zooming on the desktop, printers, USB, and keyboard entry, even when computers are offline.
A lot of companies are deploying end point or network monitoring solutions to protect their customers’ data. Data protection and breach disclosure regulations drive part of this. Oakley is shifting the landscape because it provides what other monitoring tools can’t, context.
To eliminate insider threats, organizations need to take both the technological and human elements into account. By monitoring and correcting problems with a full understanding of situational context, companies can stop a behavior rather than driving someone to take another channel of action.
Oakley provides comprehensive management across the spectrum of insider threats facing businesses today. Oakley solutions mitigate risk, increase security posture, and increase a company’s ability to demonstrate compliance. Oakley solutions allow enterprises to:
Quickly exonerate the innocent and prosecute the guilty
Enable the whole company to be part of the insider threat remediation process. The insider threat is a board-level issue. With Oakley, management is actively engaged in the remediation of threats
Monitor for risks without overwhelming the company with additional data – Oakley finds the needle in a haystack without creating bigger haystacks
Save time and money by minimizing the time of valuable security analysts. Oakley is a focused tool that allows them to find problems quickly
Its investigation tools don’t rely on data, but situational context and multiple channels to map intent to action. Oakley lets management know that an employee sent customer information then tried to stop it, for example. Or it can show that an employee is trying to avoid detection by using multiple channels to move data. If they use physical copies, Oakley can detect that too. For example, if an employee sends an instant message to an outside contact or competitor saying “I’ll meet you at 4:00,” then downloads information onto a USB drive, an iPod or sends it to the printer, Oakley can detect all those activities and can put them together to paint the picture of intent.
Any behavior that puts a business at risk can be classified as “insider threat,” making the challenge of securing against it all the more difficult. The insider threat includes a wide spectrum of “bad things” people do, it represents a problem of visibility and control in corporate environments today:
Detecting whether a breach of policy has been committed
The context of the users actions – were they trying to do something wrong?
Using electronic pointers to detect actions outside of technology. Technology offers only a partial view of the problem. Sometimes only an indicator of a bad activity is electronic, such as printing information, or copying it to a thumb drive. With context, it’s possible to understand the purpose of those actions.
Policy-driven actions for controlling information both inside the corporate firewall, and outside – for example, when a laptop goes missing
The insider threat problem will not be solved by simply setting policy and blocking email.
Point solutions cover only small, data-centric portions of the insider threat without taking the human element into account. Oakley’s approach to the insider threat focuses on understanding user behavior from the network to the desktop. Oakley solutions can track activities across any communication channel, from emailing sensitive data, to printing customer records, copying intellectual property to an iPod or even a combination of these. More importantly, Oakley provides context that can help indicate intent. No other solution can show the combination of multiple user actions to determine whether a user innocently or maliciously broke the rules.
Although Oakley’s solutions can be complementary, data leak prevention (DLP) and content monitoring and filtering (CMF) tools are not a long term solutions because they don’t solve the whole problem. Those tools focus on blocking and deflecting. With that approach, insider threats are more likely to turn to alternate, even more risky methods. Most insider incidents occur outside of technology, but with Oakley, a company can monitor a trail of the incident electronically.
Oakley offers insight into suspicious activities over the network, at the desktop, printing and peripheral level. Situational context provides a view of the whole incident, not just another data point.
Oakley is not a band-aid solution. They’re here to help fix the problem for good by understanding-and correcting the root cause of the threat.
Conclusion: Oakley manages information risk, but unlike others can differentiate malicious activities from accidents. Like a DNA test, it can help convict the guilty, or exonerate the innocent.
2755 E. Cottonwood Pkwy, Suite 600
Salt Lake City, UT 84121
Tel: 1 801-733-1100