NuView Aims to Help Companies Improve Information Security

MyView, a software-based solution, allows administrators to change and restrict user access to data as employees are hired or leave departments, NuView says.

To help companies better control information security and access within the four walls of an organization, NuView has introduced MyView, a software-based solution that allows administrators to monitor, change and restrict user access to specific unstructured data based on policies they can create and change as needed.

"The classic enterprise situation is that users dont know all of the things they have access to, and the administrator has no idea which people have access to specific things," said Rahul Mehta, CEO of Houston, Texas-based NuView Inc. "Thats the main problem were trying to solve."

Using MyView, administrators can quickly see an organization-wide view of which users have access to which resources.

They also can more easily deal with constantly changing security requirements that occur routinely in all organizations as employees are hired, leave the company or change departments, Mehta said.

Security administrators also can benefit from the solution, which allows them to respond more quickly to potential security breaches by quickly noting which employees have access to specific resources suspected of being compromised.

MyView addresses a real need in the information security realm, said Brad ONeill, a senior analyst at Taneja Group of Hopkinton, Mass.

"A lot of CIOs and vice presidents in the IT area are increasingly interested in making sure they have locked down control over who gets access to what information," he said.

"And equally important is being able to back historically and figure out why Event X happened—being able to figure out who was accessing what information at what time. Was it some sort of access that was transgressed or did we not just set up the network access nodes correctly?"

MyView also focuses on addressing security threats that come from within an organization—a growing threat, but one that many organizations dont adequately address, Mehta said.

"Companies have spent a lot of money protecting their organizations from external threats, but the biggest threat is internal," he said.

"For example, how do you know what people have had access to your payroll data? Maybe an employee who is leaving the company decides to copy your payroll data or give all of your employee information to a recruiter."

/zimages/1/28571.gifClick here to read more about information security.

And although NuView isnt technically a storage solution, an organizations storage paradigm can be impacted by the solution.

"A storage administrator clears the share, and a security administrator gives permissions to those shares. The third person is the end user, who gets access to information once it has been synchronized by the storage and security administrators," he said.

"With this, the storage administrator can virtualize the resource and based on the security, also personalize the resource. That way, when users log onto the network, they see only what they have access to and nothing more.

As the line between storage and security continues to blur, products like MyView will become even more entrenched in the world of storage, ONeill said.

"Today, the challenges are much more data management-related than parochial storage issues. Now its about file systems, data management and process security."

By automating processes that have been largely manual and time-consuming, MyView has broken some new ground, although ONeill predicts that other vendors soon will release products with similar functionality.

"Traditionally companies can do these things, but it is very difficult to span across multiple server environments or geographies," he said. "The reason NuView can do this is because they have done the groundwork already at the lower levels of namespace aggregation."

MyView is expected to be available within 30 days.

/zimages/1/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.