Criminal Methods

By Matt Hines  |  Posted 2006-05-22 Print this article Print

Hereford pointed out that many high-profile data losses within banks and other institutions have been traced back to criminal methods as simple as someone hitting the print button and walking out with customer information they can sell to others.

ActiveSentry offers the ability to recall screen shots of any data that was accessed by an employee after the fact, and also provides the power to block sensitive documents from being printed on the spot by offering tools that instruct printers to completely black out guarded data.

Allowing companies to set specific policies for any type of information, and promising a low number of false alarms, will convince customers to buy in, said NextSentry officials.

One company already using the software is regional bank Washington Trust, which is also based in Spokane. Company officials said that they replaced a patchwork of e-mail content filtering with ActiveSentry and immediately discovered activity that disobeyed security policies that they had not found before.

"Many employees were breaching policies without knowing it, and this a nice way to address that with automation," said Jim Brockett, chief information officer at Washington Trust. "People were forgetting to encrypt their e-mails, but now those messages are being caught before they leave the network; its true throughout IT that the insider threat is the one area where theres probably the most potential for fraud and breaches, and where business has applied the least amount of technology."

In addition to blocking unencrypted e-mails, blocking the use of USB drives on computers, and preventing unauthorized print jobs, ActiveSentry automatically informs users when they have broken the rules, and also informs a security administrator.

In the case of Washington Trust, which is one of three firms piloting the software, Brockett said that most workers almost immediately alter their behavior and take a more conservative approach to completing actions on their desktops. Read more here about Web surfing while at work. The company has a policy of issuing a friendly reminder over the phone when one of its roughly 100 employees makes a wrong move, and the CIO said that using ActiveSentry has made information security a more high-profile effort across the firm.

"Its too early to tell how engrained in the overall culture the new level of security has become, but we can see that more people are securing their e-mails," he said. "Watching people this closely is a little bit uncomfortable, but at the same time its one of those things that we have to do; as management we want to be as unobtrusive as possible, and this allows us to let people do their jobs while we can make sure that the rules are being followed."

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel