Insider threats may include malicious, compromised, disgruntled, or simply careless employees or other insiders. In some cases, the insider is trying to steal something, but more often than not, they are misusing logins our violating policies about webmail or cloud storage.
Insider threat prevention technologies focus on tracking everything every employee does on their computer and other devices. However, such heavy-handed techniques like creating videos of user behavior or logging keystrokes can be difficult and expensive to scale, and may violate privacy regulations.
Dtex Systems takes a different approach. Its agents go on enterprise endpoints, monitoring user behavior but only sending ‘high fidelity signals’ to the central platform. This approach preserves the privacy of users and doesn’t burden the network.
Dtex also gives security analysts granular policy control. For example, if an organization has a ‘no DropBox’ rule, they may find that some people have a bona fide reason to use DropBox, and Dtex lets them adjust the policy to allow such uses while preventing (or alerting on) others.
In addition, Dtex provides detailed auditability, so security analysts can ‘play back’ an audit trail to analyze a user’s behavior, say, for a month before they gave their notice.
Copyright © Intellyx LLC. Intellyx publishes the Agile Digital Transformation Roadmap poster, advises companies on their digital transformation initiatives, and helps vendors communicate their agility stories. As of the time of writing, none of the organizations mentioned in this article are Intellyx customers. To be considered for a Brain Candy article, email us at firstname.lastname@example.org.