360-Degree Protection from Insider Threats
According to the report released by Solar Security analysts, the number of information security incidents increased by 76% at the year-end 2015. However, it is noted that the share of internal violations exceeds by far the number of external violations. Why can a company employee turn out to be more dangerous than a hacker and how can a company build an efficient information security system ensuring insider threat protection — these and other issues were the focal point of a joint workshop held by ICL — KME CS and Solar Security.
ICL — KME CS and Solar Security held a joint workshop in Kazan dedicated to insider threat protection technologies, ranging from process control automation, access management to commercial crime prevention.
The workshop participants paid particular attention to Identity Management Systems. Last year Gartner called IDM systems as one of growth drivers for the Russian information security market.
Representatives of Solar Security showcased Solar inRights, an in-house developed IDM system. This product is intended to automate management of and control over individual identities, their authentication, authorization, roles and privileges within information systems.
A new approach to application of DLP systems was also discussed at the workshop. According to Solar Security experts, this type of solutions was previously used to deal with data leaks. However, users have recently started paying more attention to analytical functionality of DLP systems because timely analysis of employee communications makes it possible to detect and prevent corporate fraud at early stages.
This functionality is embedded in upgraded version of Solar Dozor solution. Version 6.1 included a number of improvements of analytical features. In particular, «communication heat map» feature was added to system functionality. It helps to visualize intensity of communications between employees or intensity of data flow and enables IT security department to evaluate the situation, to identify potential risks and hot spots.
The final part of the workshop was dedicated to a round table discussion where participants could discuss urgent issues of IT security management within the enterprise. Andrey Prozorov, Head of Expert Division, Solar Security, was moderator of the round table discussion.
“One of key benefits of IDM systems is cost efficiency. Automation of access management makes it possible to significantly reduce the workload of system administrators who otherwise have to manage access requests manually. The probability of security breach incidents due to a human factor is also reduced,” said Dmitry Bondar, expert from Solar Security. “While developing Solar inRights we resorted to our experience in implementing IDM systems in large domestic enterprises that’s why this solution fully complies with Russian market standards and requirements of industry regulators.”
“Solar Security provides information security incident management services including detection and assessment of large number of information security events. Based upon these data we can produce statistical summary,” — said Andrey. “Thus, according to our data, internal to external violations ratio is 2 to 1. This fact shows that a company employee can easily turn out to be more dangerous than an expert hacker. First, he has access to various systems, secondly, he understands better who might be interested to buy the sensitive data and who finds it valuable. Of course, we should not automatically treat all employees as potential violators because in fact there are few real intruders. Most often information security incidents occur because of ordinary negligence.”