With users being able to access the Internet, send and receive e-mail and browse the local network - often in an unstructured manner - it is more important than ever that users or employees are focused and productive and do not steal intellectual property.
It is essential that access to information is managed and users are accountable for their actions. This is according to local data security solutions provider J2 Software.
Companies have a duty to protect their information and also the personal information of their customers. In many cases, there are simply not enough steps taken to protect against all possible eventualities. This duty has been extended from the age-old mention of a company's fiduciary duty to run the business correctly to add additional steps in terms of good governance and responsibility.
To claim “we did not know what was happening” is unacceptable; company directors are forced, through these new laws and good governance practices, to make sure they have preventative, quantitative and corrective steps in place to protect their organisation from risk. Non-compliance can have dire effects, which include directors being held personally liable, or jailed.
J2 Software managing director John Mc Loughlin says many IT administrators and business managers lack the tools to know quickly and accurately what users are doing on an organisation's computers and the network. “Little consideration has been given to providing solid management systems to ensure that the investment in technology delivers maximum benefit while mitigating risk.
“Although most organisations focus solely on securing their networks from external threats with various types of firewall technology, many neglect to implement strategies to manage the internal risks in their network. It is now common knowledge that more than 70% of information security breaches originate internally,” he explains.
“Are your company and your customers' secrets and confidential information safe, even from people within your own organisation, and do you really know? You must know what your people are accessing and whether they are using information correctly and for the correct purposes. You need to guard your information against sabotage and corporate theft. In these difficult times, it is imperative that you track, monitor, enforce and control the activity of your staff. Do you have any idea if your data is leaving the organisation?” he asks.
There are obvious gaps, and these gaps need to be urgently addressed and rectified. SystemSkan offers a new and practical approach to covering these alarming gaps in a simple, single solution. SystemSkan is a fully integrated internal security and policy enforcement solution that can be deployed over small and large-scale networks. It is an essential policy enforcement tool to manage networks, knowledge workers and to protect intellectual property. It also assists management to set the appropriate policy and provides enforcement, which will protect company information, addressing all the questions raised above.
The solution is a total user management tool that provides business managers and IT administrators with the ability to view and record every user's actions on the computer network, including Internet and outgoing e-mail attachments. With SystemSkan, every user event is audited and can be controlled.
In addition, SystemSkan can detect program usage, file access and activity, and generate records of all network activity, including but not limited to Internet use and provide reports in a simple, easy-to-use format.
Unlike basic monitoring products, which are purely reactive (ie, providing a report once a breach of network policy has occurred), SystemSkan provides both reactive and proactive security features. Reactive security is provided through the Web-based Reporting Module, while the proactive security is provided through the Permissions Manager, which allows you to continuously and automatically screen all user activity and can be configured to prevent inappropriate activities or lock users PCs when policy is broken. This proactive functionality prevents policy breach before it occurs.
Mc Loughlin says SystemSkan has been developed to suit the needs of IT administrators, but with a simple to use central console, it is friendly enough for CEOs, department and IT managers to use quickly and easily. “SystemSkan as an essential policy enforcement tool does not replace the requirement for adequate firewall and external security technologies, rather it is complementary technology to provide a complete, internal security and policy enforcement solution.”
The SystemSkan solution can be tailored to match the specific needs of any organisation. Modules include policy enforcement, remote administration and asset management. Additional modules are continually developed to provide for the changing needs of management and network administrators.
It provides a complete audit trail of business and personal use of computers within the workplace. Business managers and IT administrators can view these records at their convenience. Application use, file and directory access, Internet activity and e-mail attachments are all recorded. Reports can be generated and audited logs can be filtered to quickly and easily identify specific activity. Furthermore, all reports can be printed and exported.
The Permissions Manager allows IT administrators to predefine a list of suitable applications, network information and Web sites that can be accessed by particular groups of users. For example, a certain user group may only be permitted to run common applications such as Microsoft Office and Outlook, and access a limited number of work related websites. Another user group may be able to access more applications, a larger list of Web sites and a different set of network directories.
“Simple restrictions on the use of removable media such as CD Rom or flash drives can help to greatly reduce the introduction of viruses and the removal of company data. Similarly, restricting access to unsecured Web-based mailing (eg, Hotmail and Yahoo) ensures that users are utilising the company e-mail system in a manner that promotes professionalism and ensures that confidential information is not removed from site without authorisation or traceability,” he explains.
The Notification Manager directs the administrator to suspicious activities, once a suspicious activity has been identified, SystemSkan can enable various automated actions including no action; warn the user of the activity; alert the administrator; close the application automatically, take a snapshot of the workstation's screen; lock the workstation; or combinations of any of the aforementioned.
Unlike simple graphical remote control products, SystemSkan Remote Administration provides total control over any number of remote computers without chewing up bandwidth or slowing down the network. This enables IT administrators to maximise their productivity without disturbing users.
This module also provides a helpdesk facility with integrated messaging and remote launching of executables, Web sites and applications.
For more information, contact J2 Software on 0861 00 J TWO (5896) or email john@jtwo.co.za.
Share
J2 Software
J2 Software is a leading South African IT security company. While most organisations are now starting to realise the impact of data theft and abuse of IT resources by employees, J2 recognised the need to protect against this activity some time ago. J2 Software was born after the founders identified an opportunity in the IT market in South Africa and the rest of Africa. They saw a growing need for information security solutions that were comprehensive, simple to deploy, easy to use and good value for money. After tireless searching and investigation, J2 Software was officially launched in 2006.
Shortly after inception, the customer list of J2 Software started to grow rapidly; and this continues to be the case to this day. J2 Software has provided services and solutions to numerous renowned, forward-thinking companies with sites running in South Africa, Angola, Botswana, Kenya, Malawi, Mauritius, Mozambique, Tanzania, Uganda and Zambia.
J2 Software provides solutions and services to various organisations that have a requirement to secure their sensitive information as well as implement, monitor and enforce internal security policies. In recent times, organisations are placing a far higher priority on the security, accountability and control of their most prized asset, their information.
Adding to this is the ever-growing pressure being placed on companies and their directors to maintain the security and control of the sensitive data of their clients, as well as the necessity to conform to various local and international compliance regulations.
With the continued rise of identity theft and confidential data leakage the need for our product offering is not only and advantage, but an absolute necessity.
Editorial contacts