Insider threat is one of the biggest organizational threats to both government and enterprise. Edward Snowden provides one of the more high-profile examples of insider threat but it can also be as mundane as an employee who is about to leave the company and opts to take a few important documents with them. Typically organizations have a response and monitoring plan in place, but now that the NSA scandal revealed just how little privacy we all have, managers rolling out new monitoring systems are likely to be met with ire. SpectorSoft has launched a new insider threat monitoring feature that is designed to keep employee privacy in mind.
Built on the Spector 360 employee digital activity monitoring platform, this first-of-its-kind solution is an insider-threat detection and early-warning system that alerts organizations when policy violations, fraud, data theft, and illegal and inappropriate activities are taking place. Spector 360 Recon performs continuous surveillance of employee digital activities, encrypts the recorded data and stores it in a “black box” on users’ local PCs and Macs in 30 day intervals. Organizations can appoint appropriate personnel to unlock and review this intelligence and make decisions on when to access it based on early-warning alerts.
“The solution provides employers with more active monitoring throughout the organization, including systems administrators, which have the most access on any system,” explains Mike Tierney, VP of Operations, SpectorSoft in an interview with CivSource.
Most organizations have use policies that limit how employees can access the internet or what they might be able to do during the work day, still a recent survey conducted by SpectorSoft shows that 23% of organizations have dealt with insider misuse in some way.
According to Tierney, the black box gives employers some fairly granular controls over where information ends up. “We can track if a document was loaded onto a USB or emailed out. Employers can also turn off tracking for some websites like online banking since that’s information they don’t really need.”
Allowing storage of only 30 days of data at one time can also give employees a bit more privacy. The black box can be turned on or off, and can record for shorter periods of time than 30 days, but on day 31 prior data is overwritten. “We’ll tell employers what we see if we get an alert about activity and then its up to them to determine probable cause and whether to go further. We also encourage companies to make a policy available to employees that lets them know how this is used. We can drop an icon on the desk top so they see there is something recording as well.”