Intellinx Malaysia: Combating Insider Threat
Monday, April 19th, 2010 | Author:

Protecting sensitive information from unauthorized manipulation and disclosure by its employees and management has become a major concern for large organizations worldwide. Intellinx offers a unique and innovative software solution for mitigating this insider threat. By continuously recording and analyzing all end-user activity in the internal business applications across the enterprise, Intellinx collects invaluable forensic evidence.

Introducing a new dimension for information security officers and internal auditors, Intellinx provides unparalleled visibility to end-user activity. It allows for visual replay of user screens and keystrokes in any application, as if looking over the user’s shoulder. Configurable business rules track user behavior patterns, generating alerts on exceptions in real-time, allowing the internal auditor to immediately zoom-in on specific suspects.

For example, a bank clerk who excessively searches for high profile customer information according to customer name much more frequently than other clerks on a given hour or day can be detected in real-time by Intellinx business rules. Another example that can be detected in real-time as well is a user who displayed 500 customer accounts on a specific day, spending only a few seconds with each account, while on average he accesses only 100 customer accounts per day.

The Intellinx alerts may also be used in a proactive approach triggering action in the operational systems. For example, an Intellinx alert may initiate a process in the operational system for automatic suspension of a suspicious user in real-time.

Intellinx continuously records user activity across multiple applications across multiple platforms in the enterprise, generating a very detailed forensic audit trail. Using the Intellinx online query the auditor can search, for example, for all the users who accessed a specific account number in a specific time frame across the enterprise. Investigating specific cases can also be done by applying new rules to historic recorded data after-the-fact.

Category: Intellinx