Apr 28, 2002 (08:04 PM EDT)
CA IDs Miscreants In Your Midst

Read the Original Article at InformationWeek

As virus and hack attacks from outsiders continue to compromise company networks, the greatest potential for damage still comes from those on the inside.

Tracking down inside threats may get easier. Computer Associates said last week it's developing an application to monitor employees and help uncover suspicious or unauthorized activity. Businesses have collected employee-access information in disparate applications for some time. But CA's eTrust 20/20 will be the first to cull data from all systems that maintain standard logs. It will gather and combine information about who's accessing IT systems, who's entering buildings, or who's on the telephone, then present that data as a 3-D video simulation when the software detects a problem. That will give security administrators a more complete picture of employees' access activities.

"You could have an engineer access designs that they're entitled to access, but then the engineer E-mails the designs to a competitor," says Gartner security analyst John Pescatore. The software would detect such activity using CA's artificial-and business-intelligence technology, Neugents, and CleverPath Aion Business Rules Expert.

As for the 3-D playback of employee activities, Pescatore says the simulation and extensive graphics may not be necessary. "I can't imagine that being easier than simply having the software create a report of employee activity," he says.

But the reports are often lengthy and complex, and the graphical simulation may make it easier for security managers to determine when to raise red flags. "If you can imagine going through hundreds or thousands of logs from multiple systems and mentally recording unusual activity, you would get the idea very quickly," says Barry Keyes, VP of eTrust Security Solutions, a division of CA.

CA's eTrust 20/20 will be available through subscription, president and CEO Sanjay Kumar says. CA hasn't disclosed pricing but says it will be based on the number of employees. But potential customers will have to wait until later this year for the software.