Pedophile-Hunting Technology Aimed at Insider Threats

NextSentry is launching its initial product, a software package aimed at helping companies fight the threat of insider data loss, which has its roots in helping law enforcement catch sex offenders.

NextSentry is hoping software partially derived from a pedophile-tracking application can keep corporate insiders on the security straight and narrow.

Security applications vendor NextSentry and its initial product offering were launched May 22, promising to bring sophisticated natural language processing capabilities into the enterprise security content filtering market.

The most intriguing element of the companys new ActiveSentry software: the products roots in public service and law enforcement.

The firms parent company, Next IT, sells a software package of the same name and technology that is used by government agencies for a number of data filtering purposes, including luring sex offenders online.

In that application, the software is used to conduct automated conversations, posing as a teenager, with individuals in Internet chat rooms.

If a person engaged in a chat by the application uses terms that indicate that the person might be a predator, an automated system alerts law enforcement officials who can take over the online conversation and move their investigation forward if necessary.

Leaders at the firm, which is based in Spokane, Wash., say they believe some of the same technologies can also be of great use within private enterprises for identifying sensitive information traveling over IT networks, such as customer account details or product design information.

The key in making such technologies successful, the ability to accurately discern what data is being handled appropriately and what information is being misused, is at the heart of both applications, company officials said.

The growing awareness around the so-called insider threat, or the problem of losing important corporate data through the actions of trusted employees rather than via outside attacks, makes the timing right for NextSentry to launch, said Jim Hereford, the companys chief executive.

The CEO maintains that by putting powerful content filtering tools on corporate networks that record nearly every keystroke landed by an end user, or every Web site they visit, companies can almost immediately determine when someone is circumventing security policies.

Analysts at researchers Gartner have estimated that 70 percent of all corporate security incidents that result in financial loss come from within.

/zimages/3/28571.gifClick here to read more about Pandas enterprise security package.

In the example of financial services companies, which represent one of the firms primary target audiences, enterprises can do anything from earmark certain strings of numbers, like customer account information, to trigger alerts, or ascertain if someone has two applications open at the same time, which might indicate inappropriate activity.

"The problem with most security technologies is that there is almost always someone smart enough to find a way around the encryption or the other safeguards, and its often as simple as cut and paste," Hereford said.

"Our software sits in there on the desktop with a trusted employee and can monitor everything, and prevent them from distributing info by any means."

Next Page: Criminal methods.