Publications

Follow us on social media

SecureTower – accurate user identification

13 April 2011

The recent version of SecureTower DLP system provides the new feature that automatically links all user contact details (ICQ, Skype, e-mail accounts) to the user profile, thus helping to exactly identify sender and recipient of sensitive information.

The system of user identification was significantly updated in SecureTower new release. As opposed to the commonly used system based on the domain name identification, SecureTower additionally takes advantage of such information as user contact details and accounts, IP-address and the period it was used. It helps to avoid misinterpretation of intercepted data, associated with the sender of sensitive information. Moreover, it simplifies SecureTower implementation in large companies, as manual linking of each user details to large amount of users takes much time.

As a result, the investigation of any data leakage or undesired distribution incident moves to a higher level.

Any disloyal employee is a prospective insider. This is the reason, why it is critically important for a company to control employees’ activities, monitor network usage and accurately determine employee’s social circle and interrelations between all participants.

SecureTower allows automated linking of all communication programs’ accounts (messengers, Skype, e-mail) and IP-addresses, used every day by employees to user cards stored in the System. User cards, in their turn, are integrated with the Active Directory and are filled with all available information there.

Such data allows accurate identifying of all incident participants and on the basis of such information prevent data leakage or resolve possible conflict situation, thus positively affecting the entire company’s operations.

Precise user identification enables exact determination of the user role played in the investigated incident. Updated ID system now helps to acquire accurate information on the stages of incident’s origination and development, thus enabling security officer to prevent it.

Talking about information security, it is more important to prevent the problem by investigating possible reasons at an early stage rather than just get notification after it happened.