SlideShare a Scribd company logo
AWARENESS
                                                                    T E C H N O L O G I E S
                                                                    Complete internal threat solution on
                                                                    the endpoint delivered as a service
                                                                    A Whitepaper By Ron Penna




                                                                    About Awareness Technologies, Inc
                                                                    Awareness Technologies, Inc (ATI) is a Los Angeles, California company founded in
                                                                    2002 who has over 200,000 total users and 10,000 corporate customers using ATI’s
                                                                    patented Software as a Service (SaaS) all-in-one endpoint security solution to
                                                                    protect organizations from their greatest threat, the insider. Awareness
                                                                    Technologies was honored with the distinction of “Technology Fast 500” by Deloitte
                                                                    in 2008. Leading and marquee organizations in government, financial, health care,
                                                                    education and many Fortune 5000 companies use Awareness Technologies to
                                                                    mitigate the threats posed by insiders.




Awareness Technologies, Inc.    Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557
www.awarenesstechnologies.com   ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
AWARENESS
T E C H N O L O G I E S


                                Awareness Technologies
                                Complete internal threat solution on the endpoint delivered as a service
                                A Whitepaper By Ron Penna


                                The primary focus of security professionals over the last 10 years has been External Security – keeping the unknown bad guy
                                out. However, there is now recognition that Insiders are by far the greatest risk to a company, as they know where critical and
                                confidential data already resides. Insiders can be an employee, contractor, telecommuter, traveler, or anyone that has
                                privileged access to systems. Breaches caused by insiders can include negligence, pretexting, and carelessness, as well as a
                                wide range of malicious behavior. Even most breaches by external individuals were made possible by insiders whether
                                deliberate or not.


                                Insiders are a growing problem and yet the technology solutions available to mitigate the insider threat are far fewer in
                                number, and far less utilized than solutions that claim to prevent compromise by outsiders. The dedicated focus on external
                                threats has created a very large gap in most organizations information security programs that companies are just now realizing
                                they must address. Like the slow boil of a frog in water, as a society we have acclimated ourselves to a very unhealthy balance
                                between external and internal threats. It is important that we understand why so we can reverse this trend.




                                Information Security Evolution
                                Over the past decade, information security has gone through a series of evolutionary steps. Originally there were single,
                                individual threats from the outside. These were individually mitigated through separate solutions. Viruses were stopped by
                                anti-virus solutions; hackers blocked by firewalls; SPAM filtered by anti-SPAM solutions, and so forth.



                                     Security 2000-2009



                                         Viruses                                                                                                Hackers
                                                                         us




                                                                                                                         Fire


                                                                                       Company Network
                                                                    i-Vir




                                                                                                                             wal
                                                                 Ant




                                                                                                                                l
                                                                                                                          are
                                                                   An




                                                                                                                       alw
                                                                     ti-
                                                                        Sp




                                                                                                                   ti-M
                                                                          am




                                                                                                                 An




                                              Spam                                                                                          Malware


                                The number of threats and paired solutions grew to the point where technology providers began offering solutions that
                                included several mitigation techniques within a single device. These devices are commonly referred to as unified threat
                                management (UTM) devices. Most organizations today don’t just have a firewall but rather an all-in-one device that that
                                includes firewall, intrusion detection and prevention, gateway anti-virus, web content filtering, SPAM filtering and more.
                                These UTM devices attempt to give you all the protection you need from Internet based threats.




                                                                          PAGE 1



Awareness Technologies, Inc.               Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557
www.awarenesstechnologies.com              ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
AWARENESS
T E C H N O L O G I E S
                                Awareness Technologies
                                Complete internal threat solution on the endpoint delivered as a service                                                                   A Whitepaper By Ron Penna



                                The threat landscape has changed over the past few years to be more focused on internal threats. This includes attackers
                                directly compromising internal systems as well as increased risks from insiders themselves. Confidential data loss, laptop theft
                                and loss, employee productivity and liability issues, regulatory compliance, incident forensics and data monitoring and recording
                                are all issues the modern day information security professional, compliance officer, and IT administrator must address.



                                  Security 2010 and Beyond

                                                                                                                    DLP
                                       Viruses                                                                                                                            Hackers



                                                                          us
                                                                     i-Vir




                                                                                                                                                           Fire
                                                                                                                 Confidential


                                                                  Ant
                                                                                                                    Data




                                                                                                                                                               wal
                                                                                                                                                                  l
                                                                                                              Company Network

                                                                         Laptop Recovery




                                                                                                                                                       Web Filtering
                                                                                                Laptop                               Employee
                                                                                               Theft/Loss                           Productivity




                                                                                                                                                            are
                                                                                                              Employee Errors &




                                                                                                                                                         alw
                                                                                                              Regulatory Failures
                                                                      An




                                                                                                                                                     ti-M
                                                                        ti-
                                                                           Sp




                                                                                                                                                   An
                                                                             am




                                                                                                            Employee Monitoring

                                        Spam                                                                                                                            Malware


                                Again we see the same pattern but this time it revolves around insider threats. Individual internal threats spawn a myriad
                                of individual point solutions . Software conflicts, management difficulty, and interoperability will naturally lead to the next
                                evolution of insider threat mitigation solutions. What emerges is an all-in-one solution that has a complete set of security
                                solutions to protect organizations from their greatest threat, the insider.


                                In addition to the trend toward a unified threat solution, there are two other key themes that have now become core to
                                IT security. The first is Software as a Service or SaaS. The need for simplicity has emerged as a critical element that
                                allows companies to adopt a multitude of security technologies in a rapid and efficient manner.




                                            Proliferation of single                                Proliferation of single                                             Emergence of UTM
                                             point solutions for                                    point solutions for                                                for Internal Threats
                                               external threats                                       external threats




                                2000                2005                                   2007                   2008               2009            2010                  FUTURE




                                   Emergence of SaaS                                       Emergence of UTM                         Proliferation of single            Emergence of SaaS
                                   for external threats                                      to consolidate                           point solution for               for Internal Threats
                                                                                            external threats                           internal threats




                                                                                            PAGE 2



Awareness Technologies, Inc.                Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557
www.awarenesstechnologies.com               ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
AWARENESS
T E C H N O L O G I E S

                                 Awareness Technologies
                                 Complete internal threat solution on the endpoint delivered as a service                                              A Whitepaper By Ron Penna



                                 The second is the shift away from network-based security technologies to the endpoint, as recognition of the clear
                                 benefits from controlling the problem at their source – the endpoint.


                                                   Summary of 4 core evolutionary themes in IT Security

                                                   Old                                                      New
                                                   External threats                                         Internal Threats
                                                   Multi-point solutions                                    Unified Threat Solution
                                                   Complex/costly                                           SaaS (simple/lowcost)
                                                   Network-based                                            Endpoint-based




                                The Solution in Concept
                                With the above in mind, Awareness Technologies has created Interguard -- a complete, unified solution focused on insider
                                threats through a single vendor that offers easy deployment and centralized management though a SaaS delivery model
                                which sits on the endpoint providing complete visibility and control.



                                1. Unified Internal Threat Solution
                                There is no shortage of technologies that mitigate specific threats. With the number of new threats compounding each
                                year, more and more technologies are needed. These single point solutions have become a plague for IT administrators
                                due to the overwhelming administrative and management requirements that accompany having so many different
                                technologies, each with their own management and monitoring interface. Information security professionals need to have
                                an all-in-one, multi-threat prevention platform that creates layered security protection for all insider threats including loss
                                of critical data (both intentional and accidental) as well as employee productivity and malfeasance. Accordingly, a
                                complete insider threat solution would include all elements necessary to control all insider actions including:

                                      Data Loss Prevention
                                      Web Filtering
                                      Laptop Recovery
                                      Employee Monitoring



                                2. End-Point Security Solution
                                With the exception of desktop anti-virus, nearly everything organizations use to protect their networks and systems is
                                applied on the network level. Firewalls, intrusion detection systems, proxies, filters, and scores of other technologies have
                                been used at the “edge” of the network to keep the bad guys out. This approach is sensible to keep bad guys out;
                                However, the situation is different with insiders as their damage is done from within the network or the endpoint.
                                Accordingly, it is nothing more than common (or uncommon) sense that insider threat protection occur on the endpoint.
                                In addition, with the advent of the mobile workforce, endpoint security has become that much more necessary as network
                                based solutions do not adequately account for off-network staff. What information security professionals need is a next
                                generation end-point solution that focuses on the insider that works everywhere and sees everything. No excuses or
                                exceptions for telecommuters, travelers, and other remote employees. No security gaps missed by lack of visibility across
                                all end-points, regardless of location.




                                                                            PAGE 3



Awareness Technologies, Inc.                 Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557
www.awarenesstechnologies.com                ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
AWARENESS
T E C H N O L O G I E S

                                Awareness Technologies
                                Complete internal threat solution on the endpoint delivered as a service                                              A Whitepaper By Ron Penna




                                3. Software as a Service
                                For years IT administrators and information security personnel have struggled with the difficulty of traditional client/server
                                applications. Each new threat has a corresponding solution that must be tested, deployed and managed. Most require
                                hardware for centralized data collection, reporting, management, configuration and monitoring. Procuring hardware for
                                each new solution is both timely and costly. Setup and configuration of a system are often times so complex, it is nearly
                                impossible to try solutions before you buy them. What information security professionals need is a method to easily and
                                quickly download, try and buy solutions that don’t require any hardware whatsoever. This is what SaaS promises,
                                however few technology providers have been able to step up and address the needs of organizations in this way.




                                                                                                  Internet

                                                Offsite
                                               Employee
                                                                                                                                              Employee on
                                                                                   Data Center           Reporting                              the road


                                                                                              Organization




                                Data Protection and Employee Productivity Redefined
                                In order to understand the solution, we need to agree on the problem. From a very high level, insiders can do two things
                                to cause damage to a business. The first is leak or lose critical data, while the second is use company resources for
                                unproductive purposes. Most of us believe that DLP and Webfiltering are sufficient to solve these issues. But are they?
                                Let’s start with the first – leak or lose of data.


                                Again, the common view is that DLP is the answer to prevent data leaks. However, let’s examine the realities. In DLP, we
                                set up policies to prevent confidential data from leaving the organization, either through email or removable media. So the
                                first step is to set up policies, and then let the machine do the rest. Standard DLP is ideal for what it does, but let’s
                                examine it in the real world by looking at some what if scenarios:


                                        1. DLP is only as good as the policies you set up. What if you don’t set up all the policies you need?
                                            What if there are gaps? How would you even know if sensitive data was leaking out?

                                        2. As most DLP solutions are network based, what if you have remote or travelling staff? What if
                                            personal webmail (hotmail) is used to send out data?

                                        3. What about data that is sensitive but required for business, such as a salesperson needing client data
                                            including all contact information, expiration date and amount of contracts? Since we can’t prevent
                                            them from having this data, how do we control this threat if they leave to go to a competitor?

                                        4. What about data that is saved to a laptop that walks out the door every day or from time-to-time?
                                            How does standard DLP address lost or stolen laptops?




                                                                            PAGE 4



Awareness Technologies, Inc.                 Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557
www.awarenesstechnologies.com                ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
AWARENESS
T E C H N O L O G I E S

                                Awareness Technologies
                                Complete internal threat solution on the endpoint delivered as a service                                                A Whitepaper By Ron Penna



                                For this reason, we believe that DLP is a necessary but insufficient solution for protecting data. In order to complete
                                the picture, organizations need to be able to both record and store all computer activity as well as have the ability to
                                retrieve/disable the asset or delete the information stored on laptops. By recording all computer activity data,
                                Information security specialists can now review the realities of what data is leaving the organization and thus
                                fine-tune policies. In addition, a complete forensic record exists on demand should an issue arise. With respect to
                                laptops, most data breaches today occur as a result of lost or stolen laptops. These have also represented the most
                                public and damaging cases. Thus, the ability to geolocate and/or disable a laptop or delete sensitive information
                                remotely is a critical element of complete data protection.


                                As such, Awareness Technologies Data Protection suite includes complete data protection through:

                                1.    DLP
                                         Screen all email (both work and personal) including attachments for sensitive data and block if needed.

                                         Detect and block non-public personal information (NPPI) from leaving your network or organization.

                                         Stop the use of removable media.

                                         Block files based on their content from being copied to portable media.

                                         Protect and enforce policies governing each employee’s computer use, including those that never
                                         connect to a network…including laptops!

                                         Easy intuitive policy creation.



                                 2.    Stolen Laptop Protection
                                            Remotely retrieve important files invisibly, using any Internet connection.

                                            Monitor everything the thief does including all of the files they attempt to access, etc.

                                            Prevent the thief from being able to access to any desired programs (Excel, Word, etc.)

                                            Remotely delete files or an entire hard drive.

                                            Secure and confirm deletion to the highest government standard of unrecoverability.

                                            Geo-locate the stolen laptop, in real-time over any Internet connection, often with greater accuracy than GPS.



                                  3.   Employee Monitoring
                                            Trigger words allow for proactive alerts without the need to log in to the admin view.

                                            Works invisibly and undetectable at each desktop, without impacting central network computer resources.

                                            Records all employee communications including email, webmail, and instant messaging.

                                            Blocks or limits applications like peer to peer, webmail and instant messaging.

                                            Records and analyzes all keystroke activity, regardless of the application used.

                                            Formats all data into easy-to-read reports, making it easy to find and evaluate critical security lapses.

                                            Screenshots taken whenever an alert word is typed or read on a webpage.

                                            Ability to search all stored data based on alert words as well as sender or recipient.

                                            Full individualized reporting on an employee’s computer activity.


                                                                             PAGE 5



Awareness Technologies, Inc.                  Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557
www.awarenesstechnologies.com                 ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
AWARENESS
T E C H N O L O G I E S

                                Awareness Technologies
                                Complete internal threat solution on the endpoint delivered as a service                                              A Whitepaper By Ron Penna



                                Now let’s turn to Employee Productivity. Again, it is commonly believed that standard network-based webfiltering fully
                                addresses this issue. But let’s ask a few what ifs:

                                      1. What if the employee is remote or travelling? In today’s business climate, few organizations don’t have a
                                          growing remote employee base. Once of the network, there is no way to enforce policy.

                                      2. Are there other unproductive activities beyond simple url blocking, such as IM, personal email, peer-to-peer, games?

                                      3. What can you really tell about an employee’s day from a list of urls visited? Can you really tell what is being googled?


                                For this reason, we believe that standard network-based webfiltering is insufficient. The first problem is addressed by a
                                solution that works both on and off network. Endpoint solutions accomplish are the only way to address this scenario. The
                                second problem is addressed through a solution that goes beyond webfiltering by recording all computer activity and can
                                block any application such as webmail, IM, games and peer-to-peer. In this way, an employer can be assured that
                                company assets can only be used for work purposes as can see a full picture of the employees day in context. That is,
                                how much time is spent on work email, vs personal email vs. websurfing vs IM vs. Excel or Word or Powerpoint.



                                 Day in the life of an employee:


                                                              Business Email                                            Games



                                                                                                                                Media Player




                                               Microsoft Office                                                                      File Sharing




                                                                                                                                     IM/Chat



                                                        Personal Email



                                                                                                            Web Browsing




                                As such, Awareness Technologies Employee Productivity suite includes:


                                 1.   Webfiltering
                                          Monitors and filters Internet use on and off the network (even on laptops).

                                          Blocks or limits applications like peer-to-peer and instant messaging.

                                          Screenshots taken whenever an alert word is typed or read on a webpage.

                                          All search terms captured.

                                          Works whether the system is connected to the network or not.




                                                                               PAGE 6



Awareness Technologies, Inc.                  Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557
www.awarenesstechnologies.com                 ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
AWARENESS
T E C H N O L O G I E S

                                Awareness Technologies
                                Complete internal threat solution on the endpoint delivered as a service                                            A Whitepaper By Ron Penna


                                2.   Employee Monitoring
                                        Works invisibly and undetectable at each desktop, without impacting central network computer resources.

                                        Records all employee communications including email, webmail, and instant messaging.

                                        Blocks or limits applications like peer to peer, webmail and instant messaging.

                                        Records and analyzes all keystroke activity, regardless of the application used.

                                        Formats all data into easy-to-read reports, making it easy to find and evaluate critical security lapses.

                                        Screenshots taken whenever an alert word is typed or read on a webpage.

                                        Ability to search all stored data based on alert words as well as sender or recipient.

                                        Full individualized reporting on an employee’s computer activity.




                                Employers today recognize that employees represent their greatest competitive asset, and thus their greatest potential
                                threat. With a business climate today that demands maximum employee productivity and recognizes that employees have
                                access and knowledge of critical data. a greater portion of the IT security budget will begin to be spent on solutions that
                                mitigate the greatest threat to organizations, the insider. While this fundamental shift will not happen overnight, it will
                                literally redefine information security over the next decade. As such, we urge organizations to consider the entirety of the
                                problem and to not take the same piecemeal approach initially used in addressing external threats.



                                Organizations should consider lessons learned from the evolution of external security and consider solutions that solve the
                                problem. In summary, these are:



                                1.     Complete – one solution and one interface for all insider threats.


                                2.    SaaS – removes obstacle to adoption through simplicity of installation and management.


                                3.    Endpoint – control the problem at the source for complete visibility and control.




                                 Awareness Technologies
                                The Awareness Technologies solution is the next evolution in insider risk mitigation technology designed for organizations
                                of all sizes. With its easy to deploy, easy trial, and no hardware required, you can immediately enjoy the benefits of this
                                next generation solution within minutes.




                                                                          PAGE 7



Awareness Technologies, Inc.               Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557
www.awarenesstechnologies.com              ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.

More Related Content

Viewers also liked

Mx Pb En 100929
Mx Pb En 100929Mx Pb En 100929
Forrester Healthcare
Forrester HealthcareForrester Healthcare
Forrester Healthcare
GuardEra Access Solutions, Inc.
 
Patrick Notley1
Patrick Notley1Patrick Notley1
HITECH Modifications to HIPAA
HITECH Modifications to HIPAAHITECH Modifications to HIPAA
HITECH Modifications to HIPAA
GuardEra Access Solutions, Inc.
 
HIPAA Regs
HIPAA RegsHIPAA Regs
Wordpress Case Study - A Recruitment Website
Wordpress Case Study - A Recruitment WebsiteWordpress Case Study - A Recruitment Website
Wordpress Case Study - A Recruitment Website
stevewilsonguru
 

Viewers also liked (6)

Mx Pb En 100929
Mx Pb En 100929Mx Pb En 100929
Mx Pb En 100929
 
Forrester Healthcare
Forrester HealthcareForrester Healthcare
Forrester Healthcare
 
Patrick Notley1
Patrick Notley1Patrick Notley1
Patrick Notley1
 
HITECH Modifications to HIPAA
HITECH Modifications to HIPAAHITECH Modifications to HIPAA
HITECH Modifications to HIPAA
 
HIPAA Regs
HIPAA RegsHIPAA Regs
HIPAA Regs
 
Wordpress Case Study - A Recruitment Website
Wordpress Case Study - A Recruitment WebsiteWordpress Case Study - A Recruitment Website
Wordpress Case Study - A Recruitment Website
 

Similar to Awarenesstechnologies Intro Document

Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House CounselAdam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer
 
Understanding Advanced Cybersecurity Threats for the In-House Counsel
Understanding Advanced Cybersecurity Threats for the In-House CounselUnderstanding Advanced Cybersecurity Threats for the In-House Counsel
Understanding Advanced Cybersecurity Threats for the In-House Counsel
Adam Palmer
 
Anti virus in the corporate arena
Anti virus in the corporate arenaAnti virus in the corporate arena
Anti virus in the corporate arena
UltraUploader
 
L123
L123L123
L123
Btyy121
 
Project.pptx
Project.pptxProject.pptx
Project.pptx
Dhruv896840
 
Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)
Hamisi Kibonde
 
[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx
[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx
[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx
CompanySeceon
 
Readying People Against Deceptive Practices
Readying People Against Deceptive PracticesReadying People Against Deceptive Practices
Readying People Against Deceptive Practices
MSFTSIRv16
 
VIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareVIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of Bloatware
GFI Software
 
DSS ITSEC Conference 2012 - Cyberoam Layer8 UTM
DSS ITSEC Conference 2012 - Cyberoam Layer8 UTMDSS ITSEC Conference 2012 - Cyberoam Layer8 UTM
DSS ITSEC Conference 2012 - Cyberoam Layer8 UTM
Andris Soroka
 
Attact evolution
Attact evolutionAttact evolution
Attact evolution
RoshAan4
 
The impact of a security breach on MSP's and their clients
The impact of a security breach on MSP's and their clientsThe impact of a security breach on MSP's and their clients
The impact of a security breach on MSP's and their clients
Jose Lopez
 
The risk landscape dave cunningham quoted sep 2008
The risk landscape   dave cunningham quoted sep 2008The risk landscape   dave cunningham quoted sep 2008
The risk landscape dave cunningham quoted sep 2008
David Cunningham
 
ITrust Company Overview EN
ITrust Company Overview ENITrust Company Overview EN
ITrust Company Overview EN
ITrust - Cybersecurity as a Service
 
2013 global security report
2013 global security report2013 global security report
2013 global security report
Yury Chemerkin
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
CMR WORLD TECH
 
Security Strategies for UC
Security Strategies for UCSecurity Strategies for UC
Security Strategies for UC
Digium
 
Symantec reportinternetsecurity
Symantec reportinternetsecuritySymantec reportinternetsecurity
Symantec reportinternetsecurity
Achraf Chtibi
 
rovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docxrovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docx
acarolyn
 
symc_annual2001
symc_annual2001symc_annual2001
symc_annual2001
finance40
 

Similar to Awarenesstechnologies Intro Document (20)

Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House CounselAdam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
 
Understanding Advanced Cybersecurity Threats for the In-House Counsel
Understanding Advanced Cybersecurity Threats for the In-House CounselUnderstanding Advanced Cybersecurity Threats for the In-House Counsel
Understanding Advanced Cybersecurity Threats for the In-House Counsel
 
Anti virus in the corporate arena
Anti virus in the corporate arenaAnti virus in the corporate arena
Anti virus in the corporate arena
 
L123
L123L123
L123
 
Project.pptx
Project.pptxProject.pptx
Project.pptx
 
Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)
 
[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx
[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx
[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx
 
Readying People Against Deceptive Practices
Readying People Against Deceptive PracticesReadying People Against Deceptive Practices
Readying People Against Deceptive Practices
 
VIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareVIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of Bloatware
 
DSS ITSEC Conference 2012 - Cyberoam Layer8 UTM
DSS ITSEC Conference 2012 - Cyberoam Layer8 UTMDSS ITSEC Conference 2012 - Cyberoam Layer8 UTM
DSS ITSEC Conference 2012 - Cyberoam Layer8 UTM
 
Attact evolution
Attact evolutionAttact evolution
Attact evolution
 
The impact of a security breach on MSP's and their clients
The impact of a security breach on MSP's and their clientsThe impact of a security breach on MSP's and their clients
The impact of a security breach on MSP's and their clients
 
The risk landscape dave cunningham quoted sep 2008
The risk landscape   dave cunningham quoted sep 2008The risk landscape   dave cunningham quoted sep 2008
The risk landscape dave cunningham quoted sep 2008
 
ITrust Company Overview EN
ITrust Company Overview ENITrust Company Overview EN
ITrust Company Overview EN
 
2013 global security report
2013 global security report2013 global security report
2013 global security report
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
Security Strategies for UC
Security Strategies for UCSecurity Strategies for UC
Security Strategies for UC
 
Symantec reportinternetsecurity
Symantec reportinternetsecuritySymantec reportinternetsecurity
Symantec reportinternetsecurity
 
rovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docxrovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docx
 
symc_annual2001
symc_annual2001symc_annual2001
symc_annual2001
 

More from GuardEra Access Solutions, Inc.

Rp 2010 data-breach-report-en_xg
Rp 2010 data-breach-report-en_xgRp 2010 data-breach-report-en_xg
Rp 2010 data-breach-report-en_xg
GuardEra Access Solutions, Inc.
 
Deepwater Horizon
Deepwater HorizonDeepwater Horizon
Cloud Computing Payback
Cloud Computing PaybackCloud Computing Payback
Cloud Computing Payback
GuardEra Access Solutions, Inc.
 
10844 5415 The Value Of Corporate Secrets
10844 5415 The Value Of Corporate Secrets10844 5415 The Value Of Corporate Secrets
10844 5415 The Value Of Corporate Secrets
GuardEra Access Solutions, Inc.
 
Security Breach Laws
Security Breach LawsSecurity Breach Laws
Security Breach Laws
GuardEra Access Solutions, Inc.
 
2010 New Guidelines Hipaa Checklist V1
2010 New Guidelines Hipaa Checklist V12010 New Guidelines Hipaa Checklist V1
2010 New Guidelines Hipaa Checklist V1
GuardEra Access Solutions, Inc.
 
2010 Hipaa Rules 011310
2010 Hipaa Rules 0113102010 Hipaa Rules 011310
2010 Hipaa Rules 011310
GuardEra Access Solutions, Inc.
 
Og Disparate It Mgmt Tool Impact Report
Og Disparate It Mgmt Tool Impact ReportOg Disparate It Mgmt Tool Impact Report
Og Disparate It Mgmt Tool Impact Report
GuardEra Access Solutions, Inc.
 
Accel Ops Brochure0609
Accel Ops Brochure0609Accel Ops Brochure0609
Accel Ops Brochure0609
GuardEra Access Solutions, Inc.
 
Healthcare Data Security Update
Healthcare Data Security UpdateHealthcare Data Security Update
Healthcare Data Security Update
GuardEra Access Solutions, Inc.
 
HITECH Act
HITECH ActHITECH Act
EMR Yes- No
EMR Yes- NoEMR Yes- No
SourceFire IPS Overview
SourceFire IPS OverviewSourceFire IPS Overview
SourceFire IPS Overview
GuardEra Access Solutions, Inc.
 
Closing the Clinical IT Chasm
Closing the Clinical IT ChasmClosing the Clinical IT Chasm
Closing the Clinical IT Chasm
GuardEra Access Solutions, Inc.
 
Valiente Balancing It SecurityCompliance, Complexity & Cost
Valiente Balancing It SecurityCompliance, Complexity & CostValiente Balancing It SecurityCompliance, Complexity & Cost
Valiente Balancing It SecurityCompliance, Complexity & Cost
GuardEra Access Solutions, Inc.
 
2009 Databreach Report
2009 Databreach Report2009 Databreach Report
2009 Databreach Report
GuardEra Access Solutions, Inc.
 
Mini IT Security Assessment
Mini IT Security AssessmentMini IT Security Assessment
Mini IT Security Assessment
GuardEra Access Solutions, Inc.
 
Enabling Healthcare Reform Using IT
Enabling Healthcare Reform Using ITEnabling Healthcare Reform Using IT
Enabling Healthcare Reform Using IT
GuardEra Access Solutions, Inc.
 
Thisa Lite Message
Thisa Lite MessageThisa Lite Message
Thisa Customer Presentation Ga
Thisa Customer Presentation GaThisa Customer Presentation Ga
Thisa Customer Presentation Ga
GuardEra Access Solutions, Inc.
 

More from GuardEra Access Solutions, Inc. (20)

Rp 2010 data-breach-report-en_xg
Rp 2010 data-breach-report-en_xgRp 2010 data-breach-report-en_xg
Rp 2010 data-breach-report-en_xg
 
Deepwater Horizon
Deepwater HorizonDeepwater Horizon
Deepwater Horizon
 
Cloud Computing Payback
Cloud Computing PaybackCloud Computing Payback
Cloud Computing Payback
 
10844 5415 The Value Of Corporate Secrets
10844 5415 The Value Of Corporate Secrets10844 5415 The Value Of Corporate Secrets
10844 5415 The Value Of Corporate Secrets
 
Security Breach Laws
Security Breach LawsSecurity Breach Laws
Security Breach Laws
 
2010 New Guidelines Hipaa Checklist V1
2010 New Guidelines Hipaa Checklist V12010 New Guidelines Hipaa Checklist V1
2010 New Guidelines Hipaa Checklist V1
 
2010 Hipaa Rules 011310
2010 Hipaa Rules 0113102010 Hipaa Rules 011310
2010 Hipaa Rules 011310
 
Og Disparate It Mgmt Tool Impact Report
Og Disparate It Mgmt Tool Impact ReportOg Disparate It Mgmt Tool Impact Report
Og Disparate It Mgmt Tool Impact Report
 
Accel Ops Brochure0609
Accel Ops Brochure0609Accel Ops Brochure0609
Accel Ops Brochure0609
 
Healthcare Data Security Update
Healthcare Data Security UpdateHealthcare Data Security Update
Healthcare Data Security Update
 
HITECH Act
HITECH ActHITECH Act
HITECH Act
 
EMR Yes- No
EMR Yes- NoEMR Yes- No
EMR Yes- No
 
SourceFire IPS Overview
SourceFire IPS OverviewSourceFire IPS Overview
SourceFire IPS Overview
 
Closing the Clinical IT Chasm
Closing the Clinical IT ChasmClosing the Clinical IT Chasm
Closing the Clinical IT Chasm
 
Valiente Balancing It SecurityCompliance, Complexity & Cost
Valiente Balancing It SecurityCompliance, Complexity & CostValiente Balancing It SecurityCompliance, Complexity & Cost
Valiente Balancing It SecurityCompliance, Complexity & Cost
 
2009 Databreach Report
2009 Databreach Report2009 Databreach Report
2009 Databreach Report
 
Mini IT Security Assessment
Mini IT Security AssessmentMini IT Security Assessment
Mini IT Security Assessment
 
Enabling Healthcare Reform Using IT
Enabling Healthcare Reform Using ITEnabling Healthcare Reform Using IT
Enabling Healthcare Reform Using IT
 
Thisa Lite Message
Thisa Lite MessageThisa Lite Message
Thisa Lite Message
 
Thisa Customer Presentation Ga
Thisa Customer Presentation GaThisa Customer Presentation Ga
Thisa Customer Presentation Ga
 

Awarenesstechnologies Intro Document

  • 1. AWARENESS T E C H N O L O G I E S Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna About Awareness Technologies, Inc Awareness Technologies, Inc (ATI) is a Los Angeles, California company founded in 2002 who has over 200,000 total users and 10,000 corporate customers using ATI’s patented Software as a Service (SaaS) all-in-one endpoint security solution to protect organizations from their greatest threat, the insider. Awareness Technologies was honored with the distinction of “Technology Fast 500” by Deloitte in 2008. Leading and marquee organizations in government, financial, health care, education and many Fortune 5000 companies use Awareness Technologies to mitigate the threats posed by insiders. Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
  • 2. AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna The primary focus of security professionals over the last 10 years has been External Security – keeping the unknown bad guy out. However, there is now recognition that Insiders are by far the greatest risk to a company, as they know where critical and confidential data already resides. Insiders can be an employee, contractor, telecommuter, traveler, or anyone that has privileged access to systems. Breaches caused by insiders can include negligence, pretexting, and carelessness, as well as a wide range of malicious behavior. Even most breaches by external individuals were made possible by insiders whether deliberate or not. Insiders are a growing problem and yet the technology solutions available to mitigate the insider threat are far fewer in number, and far less utilized than solutions that claim to prevent compromise by outsiders. The dedicated focus on external threats has created a very large gap in most organizations information security programs that companies are just now realizing they must address. Like the slow boil of a frog in water, as a society we have acclimated ourselves to a very unhealthy balance between external and internal threats. It is important that we understand why so we can reverse this trend. Information Security Evolution Over the past decade, information security has gone through a series of evolutionary steps. Originally there were single, individual threats from the outside. These were individually mitigated through separate solutions. Viruses were stopped by anti-virus solutions; hackers blocked by firewalls; SPAM filtered by anti-SPAM solutions, and so forth. Security 2000-2009 Viruses Hackers us Fire Company Network i-Vir wal Ant l are An alw ti- Sp ti-M am An Spam Malware The number of threats and paired solutions grew to the point where technology providers began offering solutions that included several mitigation techniques within a single device. These devices are commonly referred to as unified threat management (UTM) devices. Most organizations today don’t just have a firewall but rather an all-in-one device that that includes firewall, intrusion detection and prevention, gateway anti-virus, web content filtering, SPAM filtering and more. These UTM devices attempt to give you all the protection you need from Internet based threats. PAGE 1 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
  • 3. AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna The threat landscape has changed over the past few years to be more focused on internal threats. This includes attackers directly compromising internal systems as well as increased risks from insiders themselves. Confidential data loss, laptop theft and loss, employee productivity and liability issues, regulatory compliance, incident forensics and data monitoring and recording are all issues the modern day information security professional, compliance officer, and IT administrator must address. Security 2010 and Beyond DLP Viruses Hackers us i-Vir Fire Confidential Ant Data wal l Company Network Laptop Recovery Web Filtering Laptop Employee Theft/Loss Productivity are Employee Errors & alw Regulatory Failures An ti-M ti- Sp An am Employee Monitoring Spam Malware Again we see the same pattern but this time it revolves around insider threats. Individual internal threats spawn a myriad of individual point solutions . Software conflicts, management difficulty, and interoperability will naturally lead to the next evolution of insider threat mitigation solutions. What emerges is an all-in-one solution that has a complete set of security solutions to protect organizations from their greatest threat, the insider. In addition to the trend toward a unified threat solution, there are two other key themes that have now become core to IT security. The first is Software as a Service or SaaS. The need for simplicity has emerged as a critical element that allows companies to adopt a multitude of security technologies in a rapid and efficient manner. Proliferation of single Proliferation of single Emergence of UTM point solutions for point solutions for for Internal Threats external threats external threats 2000 2005 2007 2008 2009 2010 FUTURE Emergence of SaaS Emergence of UTM Proliferation of single Emergence of SaaS for external threats to consolidate point solution for for Internal Threats external threats internal threats PAGE 2 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
  • 4. AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna The second is the shift away from network-based security technologies to the endpoint, as recognition of the clear benefits from controlling the problem at their source – the endpoint. Summary of 4 core evolutionary themes in IT Security Old New External threats Internal Threats Multi-point solutions Unified Threat Solution Complex/costly SaaS (simple/lowcost) Network-based Endpoint-based The Solution in Concept With the above in mind, Awareness Technologies has created Interguard -- a complete, unified solution focused on insider threats through a single vendor that offers easy deployment and centralized management though a SaaS delivery model which sits on the endpoint providing complete visibility and control. 1. Unified Internal Threat Solution There is no shortage of technologies that mitigate specific threats. With the number of new threats compounding each year, more and more technologies are needed. These single point solutions have become a plague for IT administrators due to the overwhelming administrative and management requirements that accompany having so many different technologies, each with their own management and monitoring interface. Information security professionals need to have an all-in-one, multi-threat prevention platform that creates layered security protection for all insider threats including loss of critical data (both intentional and accidental) as well as employee productivity and malfeasance. Accordingly, a complete insider threat solution would include all elements necessary to control all insider actions including: Data Loss Prevention Web Filtering Laptop Recovery Employee Monitoring 2. End-Point Security Solution With the exception of desktop anti-virus, nearly everything organizations use to protect their networks and systems is applied on the network level. Firewalls, intrusion detection systems, proxies, filters, and scores of other technologies have been used at the “edge” of the network to keep the bad guys out. This approach is sensible to keep bad guys out; However, the situation is different with insiders as their damage is done from within the network or the endpoint. Accordingly, it is nothing more than common (or uncommon) sense that insider threat protection occur on the endpoint. In addition, with the advent of the mobile workforce, endpoint security has become that much more necessary as network based solutions do not adequately account for off-network staff. What information security professionals need is a next generation end-point solution that focuses on the insider that works everywhere and sees everything. No excuses or exceptions for telecommuters, travelers, and other remote employees. No security gaps missed by lack of visibility across all end-points, regardless of location. PAGE 3 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
  • 5. AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna 3. Software as a Service For years IT administrators and information security personnel have struggled with the difficulty of traditional client/server applications. Each new threat has a corresponding solution that must be tested, deployed and managed. Most require hardware for centralized data collection, reporting, management, configuration and monitoring. Procuring hardware for each new solution is both timely and costly. Setup and configuration of a system are often times so complex, it is nearly impossible to try solutions before you buy them. What information security professionals need is a method to easily and quickly download, try and buy solutions that don’t require any hardware whatsoever. This is what SaaS promises, however few technology providers have been able to step up and address the needs of organizations in this way. Internet Offsite Employee Employee on Data Center Reporting the road Organization Data Protection and Employee Productivity Redefined In order to understand the solution, we need to agree on the problem. From a very high level, insiders can do two things to cause damage to a business. The first is leak or lose critical data, while the second is use company resources for unproductive purposes. Most of us believe that DLP and Webfiltering are sufficient to solve these issues. But are they? Let’s start with the first – leak or lose of data. Again, the common view is that DLP is the answer to prevent data leaks. However, let’s examine the realities. In DLP, we set up policies to prevent confidential data from leaving the organization, either through email or removable media. So the first step is to set up policies, and then let the machine do the rest. Standard DLP is ideal for what it does, but let’s examine it in the real world by looking at some what if scenarios: 1. DLP is only as good as the policies you set up. What if you don’t set up all the policies you need? What if there are gaps? How would you even know if sensitive data was leaking out? 2. As most DLP solutions are network based, what if you have remote or travelling staff? What if personal webmail (hotmail) is used to send out data? 3. What about data that is sensitive but required for business, such as a salesperson needing client data including all contact information, expiration date and amount of contracts? Since we can’t prevent them from having this data, how do we control this threat if they leave to go to a competitor? 4. What about data that is saved to a laptop that walks out the door every day or from time-to-time? How does standard DLP address lost or stolen laptops? PAGE 4 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
  • 6. AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna For this reason, we believe that DLP is a necessary but insufficient solution for protecting data. In order to complete the picture, organizations need to be able to both record and store all computer activity as well as have the ability to retrieve/disable the asset or delete the information stored on laptops. By recording all computer activity data, Information security specialists can now review the realities of what data is leaving the organization and thus fine-tune policies. In addition, a complete forensic record exists on demand should an issue arise. With respect to laptops, most data breaches today occur as a result of lost or stolen laptops. These have also represented the most public and damaging cases. Thus, the ability to geolocate and/or disable a laptop or delete sensitive information remotely is a critical element of complete data protection. As such, Awareness Technologies Data Protection suite includes complete data protection through: 1. DLP Screen all email (both work and personal) including attachments for sensitive data and block if needed. Detect and block non-public personal information (NPPI) from leaving your network or organization. Stop the use of removable media. Block files based on their content from being copied to portable media. Protect and enforce policies governing each employee’s computer use, including those that never connect to a network…including laptops! Easy intuitive policy creation. 2. Stolen Laptop Protection Remotely retrieve important files invisibly, using any Internet connection. Monitor everything the thief does including all of the files they attempt to access, etc. Prevent the thief from being able to access to any desired programs (Excel, Word, etc.) Remotely delete files or an entire hard drive. Secure and confirm deletion to the highest government standard of unrecoverability. Geo-locate the stolen laptop, in real-time over any Internet connection, often with greater accuracy than GPS. 3. Employee Monitoring Trigger words allow for proactive alerts without the need to log in to the admin view. Works invisibly and undetectable at each desktop, without impacting central network computer resources. Records all employee communications including email, webmail, and instant messaging. Blocks or limits applications like peer to peer, webmail and instant messaging. Records and analyzes all keystroke activity, regardless of the application used. Formats all data into easy-to-read reports, making it easy to find and evaluate critical security lapses. Screenshots taken whenever an alert word is typed or read on a webpage. Ability to search all stored data based on alert words as well as sender or recipient. Full individualized reporting on an employee’s computer activity. PAGE 5 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
  • 7. AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna Now let’s turn to Employee Productivity. Again, it is commonly believed that standard network-based webfiltering fully addresses this issue. But let’s ask a few what ifs: 1. What if the employee is remote or travelling? In today’s business climate, few organizations don’t have a growing remote employee base. Once of the network, there is no way to enforce policy. 2. Are there other unproductive activities beyond simple url blocking, such as IM, personal email, peer-to-peer, games? 3. What can you really tell about an employee’s day from a list of urls visited? Can you really tell what is being googled? For this reason, we believe that standard network-based webfiltering is insufficient. The first problem is addressed by a solution that works both on and off network. Endpoint solutions accomplish are the only way to address this scenario. The second problem is addressed through a solution that goes beyond webfiltering by recording all computer activity and can block any application such as webmail, IM, games and peer-to-peer. In this way, an employer can be assured that company assets can only be used for work purposes as can see a full picture of the employees day in context. That is, how much time is spent on work email, vs personal email vs. websurfing vs IM vs. Excel or Word or Powerpoint. Day in the life of an employee: Business Email Games Media Player Microsoft Office File Sharing IM/Chat Personal Email Web Browsing As such, Awareness Technologies Employee Productivity suite includes: 1. Webfiltering Monitors and filters Internet use on and off the network (even on laptops). Blocks or limits applications like peer-to-peer and instant messaging. Screenshots taken whenever an alert word is typed or read on a webpage. All search terms captured. Works whether the system is connected to the network or not. PAGE 6 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
  • 8. AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna 2. Employee Monitoring Works invisibly and undetectable at each desktop, without impacting central network computer resources. Records all employee communications including email, webmail, and instant messaging. Blocks or limits applications like peer to peer, webmail and instant messaging. Records and analyzes all keystroke activity, regardless of the application used. Formats all data into easy-to-read reports, making it easy to find and evaluate critical security lapses. Screenshots taken whenever an alert word is typed or read on a webpage. Ability to search all stored data based on alert words as well as sender or recipient. Full individualized reporting on an employee’s computer activity. Employers today recognize that employees represent their greatest competitive asset, and thus their greatest potential threat. With a business climate today that demands maximum employee productivity and recognizes that employees have access and knowledge of critical data. a greater portion of the IT security budget will begin to be spent on solutions that mitigate the greatest threat to organizations, the insider. While this fundamental shift will not happen overnight, it will literally redefine information security over the next decade. As such, we urge organizations to consider the entirety of the problem and to not take the same piecemeal approach initially used in addressing external threats. Organizations should consider lessons learned from the evolution of external security and consider solutions that solve the problem. In summary, these are: 1. Complete – one solution and one interface for all insider threats. 2. SaaS – removes obstacle to adoption through simplicity of installation and management. 3. Endpoint – control the problem at the source for complete visibility and control. Awareness Technologies The Awareness Technologies solution is the next evolution in insider risk mitigation technology designed for organizations of all sizes. With its easy to deploy, easy trial, and no hardware required, you can immediately enjoy the benefits of this next generation solution within minutes. PAGE 7 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.