Teros this week shipped a free Social Security number protection add-on to its $25,000 Teros-100 Application Protection System Web application security appliance.
To my knowledge, this is the first time anyone has tried to automatically filter SSN traffic in real time. Teros has similar add-ons to help prevent credit card and password disclosure.
The SafeIdentity module scans outgoing HTTP traffic, looking for nine digits separated by spaces or dashes after the third and fifth numbers or nine digits with no separators. Customers can then configure how many of these strings can appear in each outgoing Web page (zero times or a single time would be typical choices).
If a Web application with access to an SSN database is cracked and the attacker tries to retrieve a group of SSNs on a single page, the page can automatically be blocked by the Teros-100 hardware.
“As important as our core protection is, its kind of esoteric,” said Teros CEO Bob Walters, in Santa Clara, Calif. “Its hard for a businessperson to get their mind around. When you talk about business object protection, they get that. I think the health care customers will be the first ones to deploy it.”
“This SSN module was in such demand, especially from our health care customers, we really busted our backs to get it into our 2.1 release,” Walters said.
When a page breaching the SSN transfer rules is detected, the Teros hardware can redirect the Web user to an error page. It can also be configured to simply log the error or send an alert to administrators if they dont want to have the device actively manipulate the HTTP traffic stream.
Planned additions to the next update of the module are automatic masking of SSNs to hide the leftmost five digits and session awareness of SSN traffic. The latter feature will enable users to view only SSNs they have already entered on a previous page.
Teros is at www.teros.com.