Internal threat is like cancer in the early stage. When it grows silently, nobody senses its existence. Once it has an impact on health, it has been growing rampant inside body and even risked life. It is quite essential for the IT security officer and auditor in an enterprise to find out about potential internal threats as early as possible.
In a high tech industry, lots of companies have suffered billions US dollars loss just because a few disgruntled employees carried core business confidential information to competitors, or opened a new business to compete against an ex-employer. There has been more than 10 billion US dollar lost, according to a recent market survey of corporate internal threats worldwide in 2013. Moreover, most of cases are still going through a long term lawsuit for reparations. What a victim company loses is not only money - it also loses business momentum in the marketplace, and credit with both partners and customers.
Why is it so hard to detect internal threats inside an enterprise IT environment? Most enterprise architecture is lacking efficient protocols and appropriate equipment to prevent it, though those enterprises have invested significantly in IT security enhancement every year to guard against potential IT threats. On the other hand, the recent trend of "Bring Your Own Device" (BYOD) in the corporate IT environment (via cloud computing) only increases the risk of malice and data leakage.
We fully understand how serious internal threats can be inside enterprise IT environment because Decision Group has also suffered such internal threats in the past. We have developed powerful weapons of network forensic technology to protect against such risks, and we are happy to share our experience and technology with our customers.
Nowadays, enterprise IT environment is getting more and more complicated because of the versatility of business demands from the market, and due ti multiple functions of internal organizations. To address this requirement, Decision Group offers a full spectrum of network forensic solutions to guard against potential internal threats - at every corner of enterprise IT environment.
First, for enterprise wireless and wired networks, we offer several network forensic devices to check for malicious behavior. In a wireless network, Decision Group Network Investigation Toolkit (NIT) can effectively monitor all traffic through an enterprise wireless network. You may easily verify whether there is any unknown access or intrusion from an employee’s own mobile device - or through a spill-over wave.
In an enterprise wired network, there are lots of difficulties with collecting traffic extensively - due to configuration of network segments and traffic volume; however, Decision Group’s network forensic solutions focus on two aspects of IT security: internet links and intranet links. Most internal threat instances are of data leakage through internet. So, detecting whether there is potential data leakage possibility among outbound messages s very critical to the enterprise. On the other hand, the risk of data leakage among outbound messages is much higher in HTTPS protected messages. Decision Group provides E-Detective, which can effectively detect those potential data leakage instances in outbound messages. Whether thay are plain messages or HTTPS messages, E-Detecive will notify an IT security officer when suspicious messages are detected, and keep them as evidence.
Another common point of internal threat behavior is inside the intranet. Threats such as harassment, blackmail, cyber bullying etc., are very common in daily office life. Maintaining a secure office environment for all employees is very important. Decision Group provides the Enterprise Data Guardian System (EDGS) to monitor all internal activities of enterprise emails, file transferring and data accessing.etc. Through deployment of EDGS, IT security can easily confirm malicious cyber activities in the enterprise IT environment.
The above functions detail the data interception of the Decision Group network forensic solutions. Practically, an IT security officer cannot check out each activity record of potential internal threats, but an IT security officer can use powerful analytic tools, like bandwidth usage by person, service usage by person, link analysis etc., provided by Decision Group solutions to identify the facts and motive behind these internal threats. Long term analysis on these intercepted records can also provide valuable insight on employee office behavior. This analytic reporting can be integrated into the corporate IT auditing report.
For those enterprises with multiple office locations, the deployment of Decision Group network forensic solutions can be multi-tier, with a distributed front-end system in each branch office, and a centralized backend management (CMS) with data retention system (DRMS) in an enterprise data center. In this way, an IT security officer and auditor can monitor all potential internal threats across the entire enterprise IT environment centrally. Decision Group network forensic solutions can also be integrated easily with different corporate IT management systems, such as SIEM, IDS, DLP and NMS, to provide a seamless IT security web that addresses any potential IT risk.
Decision Group has developed a full spectrum of network forensic solutions for enterprise IT demand to provide effective internal threat prevention. All the products are based on proven strategies for IT governance and IT risk mitigation in the enterprise IT environment.
Please check out our website: http://www.edecision4u.com for more product sales, technical and service information. Wherever you are, if you need more information about our products and services, please contact us at decision@decision.com.tw. We'll be glad to give you our utmost support service.
About Decision Group, Inc.
Decision Group is a company focused on worldwide renowned DPI application of E-Detective. Decision Group, established in Taipei, Taiwan since 1986, is one of the leaders in manufacturing of PC-Based Multi-Port RS232/422/425 Serial Cards, Data Acquisition & Measurement Products and Industrial Automation and Control Systems.
Decision Group, in the year 2000, started a new line involved in designing and developing equipment and software for Internet Content Monitoring and Network Forensics Analysis Solutions. Now, Decision Group has positioned itself as a total-solution provider with a full-spectrum of products in its portfolio for network forensic and lawful interception.
More Information and Contact by Email: decision@decision.com.tw
URL: www.edecision4u.com (Global), www.internet-recordor.com.tw (Taiwan), www.god-eyes.cn (China), www.decisionjapan.com (Japan) ,
www.e-detective.de (Germany), www.edecision4u.fr (France), www.edecision4u.es (Spain and Latin America) |